From 057d5883aa551fc339356bf1184dc2a0e95a2762 Mon Sep 17 00:00:00 2001 
From: schaeff Date: Fri, 3 Jul 2020 18:10:33 +0200 Subject: [PATCH 01/11] remove bellman embeds, add u32 to stdlib --- Cargo.lock | 73 ---- Cargo.toml | 1 - .../merkleTree/pedersenPathProof3.zok | 6 +- .../examples/merkleTree/sha256PathProof3.zok | 8 +- .../tests/code/sha_round.arguments.json | 260 -------------- .../tests/code/sha_round.expected.witness | 1 - zokrates_cli/tests/code/sha_round.zok | 14 - zokrates_core/Cargo.toml | 3 +- zokrates_core/src/embed.rs | 224 ------------ zokrates_core/src/imports.rs | 11 - zokrates_core/src/ir/interpreter.rs | 12 - zokrates_core/src/lib.rs | 1 - zokrates_core/src/semantics.rs | 2 + zokrates_core/src/solvers/mod.rs | 2 - zokrates_core/src/standard.rs | 232 ------------- zokrates_core/src/static_analysis/inline.rs | 5 - .../tests/tests/arrays/fun_spread.zok | 2 +- .../tests/tests/uint/sha256.json | 2 +- zokrates_embed/Cargo.toml | 14 - zokrates_embed/src/lib.rs | 319 ------------------ .../stdlib/ecc/edwardsCompress.zok | 2 +- .../stdlib/ecc/edwardsOrderCheck.zok | 2 +- .../stdlib/ecc/proofOfOwnership.zok | 4 +- .../stdlib/hashes/pedersen/512bit.zok | 36 +- .../stdlib/hashes/sha256/1024bit.zok | 11 +- .../stdlib/hashes/sha256/1024bitPadded.zok | 28 +- .../stdlib/hashes/sha256/1536bit.zok | 14 +- .../stdlib/hashes/sha256/256bitPadded.zok | 33 +- .../stdlib/hashes/sha256/512bit.zok | 16 +- .../stdlib/hashes/sha256/512bitPacked.zok | 23 +- .../stdlib/hashes/sha256/512bitPadded.zok | 29 +- .../stdlib/hashes/sha256/IVconstants.zok | 15 +- .../stdlib/hashes/sha256/shaRound.zok | 126 +++++++ .../hashes/sha256/shaRoundNoBoolCheck.zok | 6 - .../hashes/utils/256bitsDirectionHelper.zok | 2 +- .../stdlib/signatures/verifyEddsa.zok | 14 +- .../stdlib/utils/casts/bool_128_to_u32_4.zok | 4 + .../stdlib/utils/casts/bool_256_to_u32_8.zok | 4 + .../stdlib/utils/casts/u32_4_to_bool_128.zok | 4 + .../stdlib/utils/casts/u32_8_to_bool_256.zok | 4 + .../stdlib/utils/multiplexer/256bit.zok | 2 +- .../pack/{ => bool}/nonStrictUnpack256.zok | 2 +- 
.../stdlib/utils/pack/{ => bool}/pack128.zok | 8 +- .../stdlib/utils/pack/bool/pack256.zok | 14 + .../utils/pack/{ => bool}/unpack128.zok | 0 zokrates_stdlib/stdlib/utils/pack/pack256.zok | 10 - .../utils/pack/u32/nonStrictUnpack256.zok | 12 + .../stdlib/utils/pack/u32/pack128.zok | 10 + .../stdlib/utils/pack/u32/pack256.zok | 10 + .../stdlib/utils/pack/u32/unpack128.zok | 7 + .../tests/tests/ecc/proofOfOwnership.zok | 1 - .../tests/tests/hashes/pedersen/512bit.zok | 6 +- .../tests/hashes/sha256/1024bitPadded.zok | 12 +- .../tests/tests/hashes/sha256/512bit.zok | 8 +- .../tests/hashes/sha256/512bitPadded.zok | 8 +- .../hashes/utils/256bitsDirectionHelper.zok | 16 +- .../tests/tests/signatures/verifyEddsa.zok | 4 +- .../tests/tests/utils/multiplexer/256bit.zok | 12 +- .../utils/pack/bool/nonStrictUnpack256.json | 16 + .../pack/{ => bool}/nonStrictUnpack256.zok | 2 +- .../{unpack128.json => bool/pack128.json} | 2 +- .../tests/utils/pack/{ => bool}/pack128.zok | 2 +- .../unpack128.json} | 2 +- .../tests/utils/pack/{ => bool}/unpack128.zok | 2 +- .../utils/pack/u32/nonStrictUnpack256.json | 16 + .../utils/pack/u32/nonStrictUnpack256.zok | 41 +++ .../tests/utils/pack/{ => u32}/pack128.json | 2 +- .../tests/tests/utils/pack/u32/pack128.zok | 36 ++ .../tests/tests/utils/pack/u32/unpack128.json | 16 + .../tests/tests/utils/pack/u32/unpack128.zok | 33 ++ 70 files changed, 544 insertions(+), 1337 deletions(-) delete mode 100644 zokrates_cli/tests/code/sha_round.arguments.json delete mode 100644 zokrates_cli/tests/code/sha_round.expected.witness delete mode 100644 zokrates_cli/tests/code/sha_round.zok delete mode 100644 zokrates_core/src/standard.rs delete mode 100644 zokrates_embed/Cargo.toml delete mode 100644 zokrates_embed/src/lib.rs create mode 100644 zokrates_stdlib/stdlib/hashes/sha256/shaRound.zok delete mode 100644 zokrates_stdlib/stdlib/hashes/sha256/shaRoundNoBoolCheck.zok create mode 100644 zokrates_stdlib/stdlib/utils/casts/bool_128_to_u32_4.zok create mode 
100644 zokrates_stdlib/stdlib/utils/casts/bool_256_to_u32_8.zok create mode 100644 zokrates_stdlib/stdlib/utils/casts/u32_4_to_bool_128.zok create mode 100644 zokrates_stdlib/stdlib/utils/casts/u32_8_to_bool_256.zok rename zokrates_stdlib/stdlib/utils/pack/{ => bool}/nonStrictUnpack256.zok (87%) rename zokrates_stdlib/stdlib/utils/pack/{ => bool}/pack128.zok (58%) create mode 100644 zokrates_stdlib/stdlib/utils/pack/bool/pack256.zok rename zokrates_stdlib/stdlib/utils/pack/{ => bool}/unpack128.zok (100%) delete mode 100644 zokrates_stdlib/stdlib/utils/pack/pack256.zok create mode 100644 zokrates_stdlib/stdlib/utils/pack/u32/nonStrictUnpack256.zok create mode 100644 zokrates_stdlib/stdlib/utils/pack/u32/pack128.zok create mode 100644 zokrates_stdlib/stdlib/utils/pack/u32/pack256.zok create mode 100644 zokrates_stdlib/stdlib/utils/pack/u32/unpack128.zok create mode 100644 zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json rename zokrates_stdlib/tests/tests/utils/pack/{ => bool}/nonStrictUnpack256.zok (99%) rename zokrates_stdlib/tests/tests/utils/pack/{unpack128.json => bool/pack128.json} (70%) rename zokrates_stdlib/tests/tests/utils/pack/{ => bool}/pack128.zok (98%) rename zokrates_stdlib/tests/tests/utils/pack/{nonStrictUnpack256.json => bool/unpack128.json} (68%) rename zokrates_stdlib/tests/tests/utils/pack/{ => bool}/unpack128.zok (98%) create mode 100644 zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json create mode 100644 zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok rename zokrates_stdlib/tests/tests/utils/pack/{ => u32}/pack128.json (70%) create mode 100644 zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok create mode 100644 zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json create mode 100644 zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok diff --git a/Cargo.lock b/Cargo.lock index d1e46b1e..31dc57e9 100644 --- a/Cargo.lock +++ b/Cargo.lock 
@@ -27,15 +27,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "arrayvec" -version = "0.4.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd9fd44efafa8690358b7408d253adf110036b88f55672a933f01d616ad9b1b9" -dependencies = [ - "nodrop", -] - [[package]] name = "assert_cli" version = "0.5.4" @@ -120,17 +111,6 @@ version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" -[[package]] -name = "blake2-rfc_bellman_edition" -version = "0.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fdc60350286c7c3db13b98e91dbe5c8b6830a6821bc20af5b0c310ce94d74915" -dependencies = [ - "arrayvec", - "byteorder", - "constant_time_eq", -] - [[package]] name = "block-buffer" version = "0.7.3" @@ -261,12 +241,6 @@ dependencies = [ "wasm-bindgen", ] -[[package]] -name = "constant_time_eq" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc" - [[package]] name = "crossbeam" version = "0.7.3" @@ -338,12 +312,6 @@ dependencies = [ "lazy_static", ] -[[package]] -name = "crunchy" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" - [[package]] name = "csv" version = "1.1.3" @@ -802,12 +770,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "nodrop" -version = "0.1.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72ef4a56884ca558e5ddb05a1d1e7e1bfd9a68d9ed024c21704cc98872dae1bb" - [[package]] name = "num" version = "0.1.42" 
@@ -1245,23 +1207,6 @@ dependencies = [ "winapi-util", ] -[[package]] -name = "sapling-crypto_ce" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c4ff5309ec3e4bd800ad4ab3f71e9b76e9ea81c9f0eda6efa16008afbe440b3" -dependencies = [ - "bellman_ce", - "blake2-rfc_bellman_edition", - "byteorder", - "digest", - "rand 0.4.6", - "serde", - "serde_derive", - "sha2", - "tiny-keccak", -] - [[package]] name = "scoped-tls" version = "1.0.0" @@ -1470,15 +1415,6 @@ dependencies = [ "lazy_static", ] -[[package]] -name = "tiny-keccak" -version = "2.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237" -dependencies = [ - "crunchy", -] - [[package]] name = "typed-arena" version = "1.7.0" @@ -1790,7 +1726,6 @@ dependencies = [ "typed-arena", "wasm-bindgen-test", "zokrates_common", - "zokrates_embed", "zokrates_field", "zokrates_pest_ast", ] @@ -1803,14 +1738,6 @@ dependencies = [ "zokrates_test", ] -[[package]] -name = "zokrates_embed" -version = "0.1.1" -dependencies = [ - "bellman_ce", - "sapling-crypto_ce", -] - [[package]] name = "zokrates_field" version = "0.3.6" diff --git a/Cargo.toml b/Cargo.toml index 50d4c4ce..889f4c86 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,6 @@ members = [ "zokrates_cli", "zokrates_fs_resolver", "zokrates_stdlib", - "zokrates_embed", "zokrates_abi", "zokrates_test", "zokrates_core_test", diff --git a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok index 148ecd7f..8b238fd9 100644 --- a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok +++ b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok 
@@ -6,14 +6,14 @@ import "hashes/utils/256bitsDirectionHelper" as multiplex // Merke-Tree inclusion proof for tree depth 3 using SNARK efficient pedersen hashes // directionSelector=> 1/true if current digest is on the rhs of the hash -def main(bool[256] rootDigest, private bool[256] leafDigest, private bool[3] directionSelector, bool[256] PathDigest0, private bool[256] PathDigest1, private bool[256] PathDigest2) -> (field): +def main(u32[8] rootDigest, private u32[8] leafDigest, private bool[3] directionSelector, u32[8] PathDigest0, private u32[8] PathDigest1, private u32[8] PathDigest2) -> (field): BabyJubJubParams context = context() //Setup - bool[256] currentDigest = leafDigest + u32[8] currentDigest = leafDigest //Loop up the tree - bool[512] preimage = multiplex(directionSelector[0], currentDigest, PathDigest0) + u32[16] preimage = multiplex(directionSelector[0], currentDigest, PathDigest0) currentDigest = hash(preimage) preimage = multiplex(directionSelector[1], currentDigest, PathDigest1) diff --git a/zokrates_cli/examples/merkleTree/sha256PathProof3.zok b/zokrates_cli/examples/merkleTree/sha256PathProof3.zok index 666d84fb..c51f1b1a 100644 --- a/zokrates_cli/examples/merkleTree/sha256PathProof3.zok +++ b/zokrates_cli/examples/merkleTree/sha256PathProof3.zok 
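Review bot: The signature of `main` now takes digests as `u32[8]` instead of `bool[256]`, which changes the witness encoding a caller has to supply (eight 32-bit words rather than 256 booleans), but the header comment above `main` still only describes the tree depth and the direction selector. Suggest adding a line such as `// digests are passed as u32[8] (256 bits as eight 32-bit words)` next to the existing comments so example users do not keep feeding bit arrays. The same applies to the `main` signature change in sha256PathProof3.zok in the next hunk. The body of `main` continues outside this hunk.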
@@ -3,17 +3,17 @@ import "utils/multiplexer/256bit" as multiplex // Merkle-Tree inclusion proof for tree depth 3 -def main(field treeDepth, bool[256] rootDigest, private bool[256] leafDigest, private bool[2] directionSelector, bool[256] PathDigest0, private bool[256] PathDigest1) -> (field): +def main(field treeDepth, u32[8] rootDigest, private u32[8] leafDigest, private bool[2] directionSelector, u32[8] PathDigest0, private u32[8] PathDigest1) -> (field): //Setup - bool[256] currentDigest = leafDigest + u32[8] currentDigest = leafDigest field counter = 1 bool currentDirection = false //Loop up the tree currentDirection = directionSelector[0] - bool[256] lhs = multiplex(currentDirection, currentDigest, PathDigest0) - bool[256] rhs = multiplex(!currentDirection, currentDigest, PathDigest0) + u32[8] lhs = multiplex(currentDirection, currentDigest, PathDigest0) + u32[8] rhs = multiplex(!currentDirection, currentDigest, PathDigest0) currentDigest = sha256(lhs, rhs) counter = counter + 1 diff --git a/zokrates_cli/tests/code/sha_round.arguments.json b/zokrates_cli/tests/code/sha_round.arguments.json deleted file mode 100644 index ef766341..00000000 --- a/zokrates_cli/tests/code/sha_round.arguments.json +++ /dev/null 
@@ -1,260 +0,0 @@ -[ - [ - false, - false, - false, - true, - true, - true, - true, - true, - false, - false, - true, - true, - true, - false, - true, - true, - true, - false, - false, - false, - true, - false, - true, - true, - true, - false, - false, - true, - true, - false, - false, - false, - true, - true, - false, - false, - false, - false, - true, - false, - false, - false, - false, - true, - true, - true, - true, - false, - true, - false, - true, - true, - true, - false, - false, - false, - true, - false, - false, - true, - false, - true, - false, - false, - false, - false, - true, - true, - true, - true, - false, - false, - true, - false, - false, - false, - true, - true, - true, - false, - true, - true, - true, - false, - false, - false, - true, - true, - false, - false, - true, - true, - false, - false, - true, - false, - false, - false, - true, - false, - true, - true, - false, - false, - false, - false, - false, - true, - false, - true, - false, - false, - false, - false, - false, - true, - false, - true, - false, - false, - true, - false, - true, - true, - false, - true, - true, - false, - false, - false, - false, - true, - false, - false, - false, - false, - false, - true, - false, - true, - false, - true, - false, - true, - false, - true, - true, - false, - false, - false, - true, - false, - false, - true, - true, - false, - false, - false, - false, - true, - false, - true, - false, - false, - true, - true, - true, - false, - false, - true, - true, - true, - false, - false, - true, - true, - true, - false, - false, - false, - true, - true, - true, - true, - false, - false, - true, - true, - false, - true, - false, - true, - true, - true, - true, - false, - true, - true, - true, - true, - false, - false, - false, - true, - false, - false, - true, - true, - true, - false, - true, - false, - false, - false, - false, - false, - false, - true, - true, - true, - true, - false, - true, - true, - true, - true, - true, - false, - true, - false, - true, - 
false, - true, - true, - false, - false, - true, - true, - false, - false, - false, - false, - true, - true, - true, - true, - false, - true, - false, - false, - true, - false, - true, - true, - false, - true - ] -] \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_round.expected.witness b/zokrates_cli/tests/code/sha_round.expected.witness deleted file mode 100644 index 1e61044c..00000000 --- a/zokrates_cli/tests/code/sha_round.expected.witness +++ /dev/null @@ -1 +0,0 @@ -~out_0 1 \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_round.zok b/zokrates_cli/tests/code/sha_round.zok deleted file mode 100644 index a2222a40..00000000 --- a/zokrates_cli/tests/code/sha_round.zok +++ /dev/null 
@@ -1,14 +0,0 @@ -import "EMBED/sha256round" as sha256 - -def main(private bool[256] expected) -> (field): - - bool[256] a = [false; 256] - bool[256] b = [false; 256] - b[253] = true - b[255] = true - - bool[256] IV = [false, true, true, false, true, false, true, false, false, false, false, false, true, false, false, true, true, true, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, false, true, true, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, true, true, true, false, true, false, false, false, false, true, false, true, false, false, true, true, true, true, false, false, false, true, true, false, true, true, true, false, true, true, true, true, false, false, true, true, false, true, true, true, false, false, true, false, true, false, true, false, false, true, false, true, false, true, false, false, true, true, true, true, true, true, true, true, false, true, false, true, false, false, true, true, true, false, true, false, false, true, false, true, false, false, false, true, false, false, false, false, true, true, true, false, false, true, false, true, false, false, true, false, false, true, true, true, true, true, true, true, true, false, false, true, true, false, true, true, false, false, false, false, false, true, false, true, false, true, true, false, true, false, false, false, true, false, false, false, true, true, false, false, false, false, false, true, true, true, true, true, true, false, false, false, false, false, true, true, true, true, false, true, true, false, false, true, true, false, true, false, true, false, true, true, false, true, false, true, true, false, true, true, true, true, true, false, false, false, false, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, false, true] - - expected == sha256([...a, ...b], IV) - - return 1 \ No newline at end of file 
diff --git a/zokrates_core/Cargo.toml b/zokrates_core/Cargo.toml index 7c4d6a89..edf555b0 100644 --- a/zokrates_core/Cargo.toml +++ b/zokrates_core/Cargo.toml @@ -9,7 +9,7 @@ build = "build.rs" [features] default = [] libsnark = ["cc", "cmake", "git2"] -wasm = ["bellman_ce/wasm", "zokrates_embed/wasm"] +wasm = ["bellman_ce/wasm"] multicore = ["bellman_ce/multicore"] [dependencies] @@ -29,7 +29,6 @@ pairing_ce = "^0.21" ff_ce = "^0.9" zokrates_field = { version = "0.3.0", path = "../zokrates_field" } zokrates_pest_ast = { version = "0.1.0", path = "../zokrates_pest_ast" } -zokrates_embed = { path = "../zokrates_embed" } zokrates_common = { path = "../zokrates_common" } rand = "0.4" csv = "1" diff --git a/zokrates_core/src/embed.rs b/zokrates_core/src/embed.rs index 1671e25e..48284e3d 100644 --- a/zokrates_core/src/embed.rs +++ b/zokrates_core/src/embed.rs @@ -1,19 +1,16 @@ use crate::solvers::Solver; -use bellman::pairing::ff::ScalarEngine; use flat_absy::{ FlatDirective, FlatExpression, FlatExpressionList, FlatFunction, FlatParameter, FlatStatement, FlatVariable, }; use std::collections::HashMap; use typed_absy::types::{FunctionKey, Signature, Type}; -use zokrates_embed::{generate_sha256_round_constraints, BellmanConstraint}; use zokrates_field::Field; /// A low level function that contains non-deterministic introduction of variables. It is carried out as is until /// the flattening step when it can be inlined. #[derive(Debug, Clone, PartialEq, Hash)] pub enum FlatEmbed { - Sha256Round, Unpack(usize), U8ToBits, U16ToBits, @@ -26,12 +23,6 @@ pub enum FlatEmbed { impl FlatEmbed { pub fn signature(&self) -> Signature { match self { - FlatEmbed::Sha256Round => Signature::new() - .inputs(vec![ - Type::array(Type::Boolean, 512), - Type::array(Type::Boolean, 256), - ]) - .outputs(vec![Type::array(Type::Boolean, 256)]), FlatEmbed::Unpack(bitwidth) => Signature::new() .inputs(vec![Type::FieldElement]) .outputs(vec![Type::array(Type::Boolean, *bitwidth)]), 
@@ -62,7 +53,6 @@ impl FlatEmbed { pub fn id(&self) -> &'static str { match self { - FlatEmbed::Sha256Round => "_SHA256_ROUND", FlatEmbed::Unpack(_) => "_UNPACK", FlatEmbed::U8ToBits => "_U8_TO_BITS", FlatEmbed::U16ToBits => "_U16_TO_BITS", 
@@ -76,144 +66,12 @@ impl FlatEmbed { /// Actually get the `FlatFunction` that this `FlatEmbed` represents pub fn synthetize(&self) -> FlatFunction { match self { - FlatEmbed::Sha256Round => sha256_round(), FlatEmbed::Unpack(bitwidth) => unpack_to_bitwidth(*bitwidth), _ => unreachable!(), } } } -// util to convert a vector of `(variable_id, coefficient)` to a flat_expression -// we build a binary tree of additions by splitting the vector recursively -fn flat_expression_from_vec( - v: &[(usize, <::BellmanEngine as ScalarEngine>::Fr)], -) -> FlatExpression { - match v.len() { - 0 => FlatExpression::Number(T::zero()), - 1 => { - let (key, val) = v[0].clone(); - FlatExpression::Mult( - box FlatExpression::Number(T::from_bellman(val)), - box FlatExpression::Identifier(FlatVariable::new(key)), - ) - } - n => { - let (u, v) = v.split_at(n / 2); - FlatExpression::Add( - box flat_expression_from_vec(u), - box flat_expression_from_vec(v), - ) - } - } -} - -impl From> for FlatStatement { - fn from(c: zokrates_embed::BellmanConstraint) -> FlatStatement { - let rhs_a = flat_expression_from_vec(&c.a); - let rhs_b = flat_expression_from_vec(&c.b); - let lhs = flat_expression_from_vec(&c.c); - - FlatStatement::Condition(lhs, FlatExpression::Mult(box rhs_a, box rhs_b)) - } -} - -/// Returns a flat function which computes a sha256 round -/// -/// # Remarks -/// -/// The variables inside the function are set in this order: -/// - constraint system variables -/// - arguments -pub fn sha256_round() -> FlatFunction { - // Define iterators for all indices at hand - let (r1cs, input_indices, current_hash_indices, output_indices) = - generate_sha256_round_constraints::(); - - // indices of the input - let input_indices = input_indices.into_iter(); - // indices of the current hash - let current_hash_indices = current_hash_indices.into_iter(); - // indices of the output - let output_indices = output_indices.into_iter(); - - let variable_count = r1cs.aux_count + 1; // auxiliary and ONE - - // 
indices of the sha256round constraint system variables - let cs_indices = (0..variable_count).into_iter(); - - // indices of the arguments to the function - // apply an offset of `variable_count` to get the indice of our dummy `input` argument - let input_argument_indices = input_indices - .clone() - .into_iter() - .map(|i| i + variable_count); - // apply an offset of `variable_count` to get the indice of our dummy `current_hash` argument - let current_hash_argument_indices = current_hash_indices - .clone() - .into_iter() - .map(|i| i + variable_count); - - // define parameters to the function based on the variables - let arguments = input_argument_indices - .clone() - .chain(current_hash_argument_indices.clone()) - .map(|i| FlatParameter { - id: FlatVariable::new(i), - private: true, - }) - .collect(); - - // define a binding of the first variable in the constraint system to one - let one_binding_statement = FlatStatement::Condition( - FlatVariable::new(0).into(), - FlatExpression::Number(T::from(1)), - ); - - let input_binding_statements = - // bind input and current_hash to inputs - input_indices.clone().chain(current_hash_indices).zip(input_argument_indices.clone().chain(current_hash_argument_indices.clone())).map(|(cs_index, argument_index)| { - FlatStatement::Condition( - FlatVariable::new(cs_index).into(), - FlatVariable::new(argument_index).into(), - ) - }); - - // insert flattened statements to represent constraints - let constraint_statements = r1cs.constraints.into_iter().map(|c| c.into()); - - // define which subset of the witness is returned - let outputs: Vec> = output_indices - .map(|o| FlatExpression::Identifier(FlatVariable::new(o))) - .collect(); - - // insert a directive to set the witness based on the bellman gadget and inputs - let directive_statement = FlatStatement::Directive(FlatDirective { - outputs: cs_indices.map(|i| FlatVariable::new(i)).collect(), - inputs: input_argument_indices - .chain(current_hash_argument_indices) - .map(|i| 
FlatVariable::new(i).into()) - .collect(), - solver: Solver::Sha256Round, - }); - - // insert a statement to return the subset of the witness - let return_statement = FlatStatement::Return(FlatExpressionList { - expressions: outputs, - }); - - let statements = std::iter::once(directive_statement) - .chain(std::iter::once(one_binding_statement)) - .chain(input_binding_statements) - .chain(constraint_statements) - .chain(std::iter::once(return_statement)) - .collect(); - - FlatFunction { - arguments, - statements, - } -} - fn use_variable( layout: &mut HashMap, name: String, 
@@ -361,86 +219,4 @@ mod tests { ); } } - - #[cfg(test)] - mod sha256 { - use super::*; - use ir::Interpreter; - - #[test] - fn generate_sha256_constraints() { - let compiled = sha256_round(); - - // function should have 768 inputs - assert_eq!(compiled.arguments.len(), 768,); - - // function should return 256 values - assert_eq!( - compiled - .statements - .iter() - .filter_map(|s| match s { - FlatStatement::Return(v) => Some(v), - _ => None, - }) - .next() - .unwrap() - .expressions - .len(), - 256, - ); - - // directive should take 768 inputs and return n_var outputs - let directive = compiled - .statements - .iter() - .filter_map(|s| match s { - FlatStatement::Directive(d) => Some(d.clone()), - _ => None, - }) - .next() - .unwrap(); - assert_eq!(directive.inputs.len(), 768); - assert_eq!(directive.outputs.len(), 26935); - // function input should be offset by variable_count - assert_eq!( - compiled.arguments[0].id, - FlatVariable::new(directive.outputs.len() + 1) - ); - - // bellman variable #0: index 0 should equal 1 - assert_eq!( - compiled.statements[1], - FlatStatement::Condition( - FlatVariable::new(0).into(), - FlatExpression::Number(Bn128Field::from(1)) - ) - ); - - // bellman input #0: index 1 should equal zokrates input #0: index v_count - assert_eq!( - compiled.statements[2], - FlatStatement::Condition( - FlatVariable::new(1).into(), - FlatVariable::new(26936).into() - ) - ); - - let f = crate::ir::Function::from(compiled); - let prog = crate::ir::Prog { - main: f, - private: vec![true; 768], - }; - - let input = (0..512) - .map(|_| 0) - .chain((0..256).map(|_| 1)) - .map(|i| Bn128Field::from(i)) - .collect(); - - let interpreter = Interpreter::default(); - - interpreter.execute(&prog, &input).unwrap(); - } - } } diff --git a/zokrates_core/src/imports.rs b/zokrates_core/src/imports.rs index 1e8db324..a927c0f0 100644 --- a/zokrates_core/src/imports.rs +++ b/zokrates_core/src/imports.rs 
@@ -149,17 +149,6 @@ impl Importer { // handle the case of special bellman and packing imports if import.source.starts_with("EMBED") { match import.source.to_str().unwrap() { - "EMBED/sha256round" => { - let alias = alias.unwrap_or("sha256round"); - - symbols.push( - SymbolDeclaration { - id: &alias, - symbol: Symbol::Flat(FlatEmbed::Sha256Round), - } - .start_end(pos.0, pos.1), - ); - } "EMBED/unpack" => { let alias = alias.unwrap_or("unpack"); diff --git a/zokrates_core/src/ir/interpreter.rs b/zokrates_core/src/ir/interpreter.rs index 3c8b899b..7cd235ec 100644 --- a/zokrates_core/src/ir/interpreter.rs +++ b/zokrates_core/src/ir/interpreter.rs @@ -4,7 +4,6 @@ use ir::Directive; use solvers::Solver; use std::collections::BTreeMap; use std::fmt; -use zokrates_embed::generate_sha256_round_witness; use zokrates_field::Field; pub type ExecutionResult = Result, Error>; @@ -186,17 +185,6 @@ impl Interpreter { vec![a * (b - c.clone()) + c] } Solver::Div => vec![inputs[0].clone() / inputs[1].clone()], - Solver::Sha256Round => { - let i = &inputs[0..512]; - let h = &inputs[512..]; - let i: Vec<_> = i.iter().map(|x| x.clone().into_bellman()).collect(); - let h: Vec<_> = h.iter().map(|x| x.clone().into_bellman()).collect(); - assert!(h.len() == 256); - generate_sha256_round_witness::(&i, &h) - .into_iter() - .map(|x| T::from_bellman(x)) - .collect() - } }; assert_eq!(res.len(), expected_output_count); diff --git a/zokrates_core/src/lib.rs b/zokrates_core/src/lib.rs index 489a4a1f..5187d467 100644 --- a/zokrates_core/src/lib.rs +++ b/zokrates_core/src/lib.rs @@ -17,7 +17,6 @@ extern crate lazy_static; extern crate pairing_ce as pairing; extern crate regex; extern crate zokrates_common; -extern crate zokrates_embed; extern crate zokrates_field; extern crate zokrates_pest_ast; diff --git a/zokrates_core/src/semantics.rs b/zokrates_core/src/semantics.rs index 3a4c314e..52bbd20b 100644 --- a/zokrates_core/src/semantics.rs +++ b/zokrates_core/src/semantics.rs 
@@ -396,6 +396,8 @@ impl<'ast> Checker<'ast> { match Checker::new().check_module(&import.module_id, state) { Ok(()) => { + println!("{:?} {:#?}", import.module_id, state.typed_modules.keys()); + // find candidates in the checked module let function_candidates: Vec<_> = state .typed_modules diff --git a/zokrates_core/src/solvers/mod.rs b/zokrates_core/src/solvers/mod.rs index f5af8557..c533acfd 100644 --- a/zokrates_core/src/solvers/mod.rs +++ b/zokrates_core/src/solvers/mod.rs @@ -6,7 +6,6 @@ pub enum Solver { ConditionEq, Bits(usize), Div, - Sha256Round, Xor, Or, ShaAndXorAndXorAnd, @@ -25,7 +24,6 @@ impl Solver { Solver::ConditionEq => (1, 2), Solver::Bits(bit_width) => (1, *bit_width), Solver::Div => (2, 1), - Solver::Sha256Round => (768, 26935), Solver::Xor => (2, 1), Solver::Or => (2, 1), Solver::ShaAndXorAndXorAnd => (3, 1), diff --git a/zokrates_core/src/standard.rs b/zokrates_core/src/standard.rs deleted file mode 100644 index 97b7e0b2..00000000 --- a/zokrates_core/src/standard.rs +++ /dev/null 
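Review bot: The added `println!("{:?} {:#?}", import.module_id, state.typed_modules.keys());` in `Checker::check_module`'s import handling looks like leftover debugging output: it writes the module id and every typed-module key to stdout on each import resolved, which is unrelated to the commit's stated purpose and will interleave with the CLI's own output on every compile (and presumably with anything that consumes that stdout). The two added lines should be dropped before merging, or, if the trace is wanted, routed through whatever diagnostic/logging facility the crate already uses rather than `println!`. The enclosing function starts and ends outside this hunk.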
@@ -1,232 +0,0 @@ -use crate::flat_absy::{FlatExpression, FlatExpressionList, FlatFunction, FlatStatement}; -use crate::flat_absy::{FlatParameter, FlatVariable}; -use crate::helpers::{DirectiveStatement, Helper, RustHelper}; -use crate::types::{Signature, Type}; -use bellman::pairing::ff::ScalarEngine; -use reduce::Reduce; -use zokrates_embed::{generate_sha256_round_constraints, BellmanConstraint}; -use zokrates_field::Field; - -// util to convert a vector of `(variable_id, coefficient)` to a flat_expression -fn flat_expression_from_vec( - v: Vec<(usize, <::BellmanEngine as ScalarEngine>::Fr)>, -) -> FlatExpression { - match v - .into_iter() - .map(|(key, val)| { - FlatExpression::Mult( - box FlatExpression::Number(T::from_bellman(val)), - box FlatExpression::Identifier(FlatVariable::new(key)), - ) - }) - .reduce(|acc, e| FlatExpression::Add(box acc, box e)) - { - Some(e @ FlatExpression::Mult(..)) => { - FlatExpression::Add(box FlatExpression::Number(T::zero()), box e) - } // the R1CS serializer only recognizes Add - Some(e) => e, - None => FlatExpression::Number(T::zero()), - } -} - -impl From> for FlatStatement { - fn from(c: zokrates_embed::BellmanConstraint) -> FlatStatement { - let rhs_a = flat_expression_from_vec(c.a); - let rhs_b = flat_expression_from_vec(c.b); - let lhs = flat_expression_from_vec(c.c); - - FlatStatement::Condition(lhs, FlatExpression::Mult(box rhs_a, box rhs_b)) - } -} - -/// Returns a flat function which computes a sha256 round -/// -/// # Remarks -/// -/// The variables inside the function are set in this order: -/// - constraint system variables -/// - arguments -pub fn sha_round() -> FlatFunction { - // Define iterators for all indices at hand - let (r1cs, input_indices, current_hash_indices, output_indices) = - generate_sha256_round_constraints::(); - - // indices of the input - let input_indices = input_indices.into_iter(); - // indices of the current hash - let current_hash_indices = current_hash_indices.into_iter(); - // indices 
of the output - let output_indices = output_indices.into_iter(); - - let variable_count = r1cs.aux_count + 1; // auxiliary and ONE - - // indices of the sha256round constraint system variables - let cs_indices = (0..variable_count).into_iter(); - - // indices of the arguments to the function - // apply an offset of `variable_count` to get the indice of our dummy `input` argument - let input_argument_indices = input_indices - .clone() - .into_iter() - .map(|i| i + variable_count); - // apply an offset of `variable_count` to get the indice of our dummy `current_hash` argument - let current_hash_argument_indices = current_hash_indices - .clone() - .into_iter() - .map(|i| i + variable_count); - - // define the signature of the resulting function - let signature = Signature { - inputs: vec![ - Type::array(Type::FieldElement, input_indices.len()), - Type::array(Type::FieldElement, current_hash_indices.len()), - ], - outputs: vec![Type::array(Type::FieldElement, output_indices.len())], - }; - - // define parameters to the function based on the variables - let arguments = input_argument_indices - .clone() - .chain(current_hash_argument_indices.clone()) - .map(|i| FlatParameter { - id: FlatVariable::new(i), - private: true, - }) - .collect(); - - // define a binding of the first variable in the constraint system to one - let one_binding_statement = FlatStatement::Condition( - FlatVariable::new(0).into(), - FlatExpression::Number(T::from(1)), - ); - - let input_binding_statements = - // bind input and current_hash to inputs - input_indices.clone().chain(current_hash_indices).zip(input_argument_indices.clone().chain(current_hash_argument_indices.clone())).map(|(cs_index, argument_index)| { - FlatStatement::Condition( - FlatVariable::new(cs_index).into(), - FlatVariable::new(argument_index).into(), - ) - }); - - // insert flattened statements to represent constraints - let constraint_statements = r1cs.constraints.into_iter().map(|c| c.into()); - - // define which subset of the 
witness is returned - let outputs: Vec> = output_indices - .map(|o| FlatExpression::Identifier(FlatVariable::new(o))) - .collect(); - - // insert a directive to set the witness based on the bellman gadget and inputs - let directive_statement = FlatStatement::Directive(DirectiveStatement { - outputs: cs_indices.map(|i| FlatVariable::new(i)).collect(), - inputs: input_argument_indices - .chain(current_hash_argument_indices) - .map(|i| FlatVariable::new(i).into()) - .collect(), - helper: Helper::Rust(RustHelper::Sha256Round), - }); - - // insert a statement to return the subset of the witness - let return_statement = FlatStatement::Return(FlatExpressionList { - expressions: outputs, - }); - - let statements = std::iter::once(directive_statement) - .chain(std::iter::once(one_binding_statement)) - .chain(input_binding_statements) - .chain(constraint_statements) - .chain(std::iter::once(return_statement)) - .collect(); - - FlatFunction { - id: "main".to_owned(), - arguments, - statements, - signature, - } -} - -#[cfg(test)] -mod tests { - use super::*; - use zokrates_field::Bn128Field; - - #[test] - fn generate_sha256_constraints() { - let compiled = sha_round(); - - // function should have a signature of 768 inputs and 256 outputs - assert_eq!( - compiled.signature, - Signature::new() - .inputs(vec![ - Type::array(Type::FieldElement, 512), - Type::array(Type::FieldElement, 256) - ]) - .outputs(vec![Type::array(Type::FieldElement, 256)]) - ); - - // function should have 768 inputs - assert_eq!(compiled.arguments.len(), 768,); - - // function should return 256 values - assert_eq!( - compiled - .statements - .iter() - .filter_map(|s| match s { - FlatStatement::Return(v) => Some(v), - _ => None, - }) - .next() - .unwrap() - .expressions - .len(), - 256, - ); - - // directive should take 768 inputs and return n_var outputs - let directive = compiled - .statements - .iter() - .filter_map(|s| match s { - FlatStatement::Directive(d) => Some(d.clone()), - _ => None, - }) - 
.next() - .unwrap(); - assert_eq!(directive.inputs.len(), 768); - assert_eq!(directive.outputs.len(), 26935); - // function input should be offset by variable_count - assert_eq!( - compiled.arguments[0].id, - FlatVariable::new(directive.outputs.len() + 1) - ); - - // bellman variable #0: index 0 should equal 1 - assert_eq!( - compiled.statements[1], - FlatStatement::Condition( - FlatVariable::new(0).into(), - FlatExpression::Number(Bn128Field::from(1)) - ) - ); - - // bellman input #0: index 1 should equal zokrates input #0: index v_count - assert_eq!( - compiled.statements[2], - FlatStatement::Condition(FlatVariable::new(1).into(), FlatVariable::new(26936).into()) - ); - - let f = crate::ir::Function::from(compiled); - let prog = crate::ir::Prog { - main: f, - private: vec![true; 768], - }; - - let input = (0..512).map(|_| 0).chain((0..256).map(|_| 1)).collect(); - - prog.execute(&input).unwrap(); - } -} diff --git a/zokrates_core/src/static_analysis/inline.rs b/zokrates_core/src/static_analysis/inline.rs index d1684c29..cafb37ab 100644 --- a/zokrates_core/src/static_analysis/inline.rs +++ b/zokrates_core/src/static_analysis/inline.rs @@ -104,10 +104,6 @@ impl<'ast, T: Field> Inliner<'ast, T> { let unpack = crate::embed::FlatEmbed::Unpack(T::get_required_bits()); let unpack_key = unpack.key::(); - // define a function in the main module for the `sha256_round` embed - let sha256_round = crate::embed::FlatEmbed::Sha256Round; - let sha256_round_key = sha256_round.key::(); - // define a function in the main module for the `u32_to_bits` embed let u32_to_bits = crate::embed::FlatEmbed::U32ToBits; let u32_to_bits_key = u32_to_bits.key::(); 
@@ -140,7 +136,6 @@ impl<'ast, T: Field> Inliner<'ast, T> { TypedModule { functions: vec![ (unpack_key, TypedFunctionSymbol::Flat(unpack)), - (sha256_round_key, TypedFunctionSymbol::Flat(sha256_round)), (u32_from_bits_key, TypedFunctionSymbol::Flat(u32_from_bits)), (u16_from_bits_key, TypedFunctionSymbol::Flat(u16_from_bits)), (u8_from_bits_key, TypedFunctionSymbol::Flat(u8_from_bits)), diff --git a/zokrates_core_test/tests/tests/arrays/fun_spread.zok b/zokrates_core_test/tests/tests/arrays/fun_spread.zok index 0567ed73..754e6739 100644 --- a/zokrates_core_test/tests/tests/arrays/fun_spread.zok +++ b/zokrates_core_test/tests/tests/arrays/fun_spread.zok @@ -1,4 +1,4 @@ -import "utils/pack/nonStrictUnpack256.zok" as unpack256 +import "utils/pack/bool/nonStrictUnpack256.zok" as unpack256 def main(field[2] inputs) -> (bool[512]): diff --git a/zokrates_core_test/tests/tests/uint/sha256.json b/zokrates_core_test/tests/tests/uint/sha256.json index e933d90c..57a72621 100644 --- a/zokrates_core_test/tests/tests/uint/sha256.json +++ b/zokrates_core_test/tests/tests/uint/sha256.json @@ -1,6 +1,6 @@ { "entry_point": "./tests/tests/uint/sha256.zok", - "max_constraint_count": 43000, + "max_constraint_count": 30000, "tests": [ { "input": { diff --git a/zokrates_embed/Cargo.toml b/zokrates_embed/Cargo.toml deleted file mode 100644 index 8e70a140..00000000 --- a/zokrates_embed/Cargo.toml +++ /dev/null @@ -1,14 +0,0 @@ -[package] -name = "zokrates_embed" -version = "0.1.1" -authors = ["schaeff "] -edition = "2018" - -[features] -default = [] -wasm = ["bellman_ce/wasm", "sapling-crypto_ce/wasm"] -multicore = ["bellman_ce/multicore", "sapling-crypto_ce/multicore"] - -[dependencies] -bellman_ce = { version = "^0.3", default-features = false} -sapling-crypto_ce = { version = "0.1.3", default-features = false } \ No newline at end of file diff --git a/zokrates_embed/src/lib.rs b/zokrates_embed/src/lib.rs deleted file mode 100644 index 8d689055..00000000 
--- a/zokrates_embed/src/lib.rs +++ /dev/null 
@@ -1,319 +0,0 @@ -extern crate sapling_crypto_ce as sapling_crypto; -use sapling_crypto::bellman; - -use bellman::{ - pairing::{ff::Field, Engine}, - ConstraintSystem, Index, LinearCombination, SynthesisError, Variable, -}; -use sapling_crypto::circuit::{ - boolean::{AllocatedBit, Boolean}, - sha256::sha256_compression_function, - uint32::UInt32, -}; - -#[derive(Debug)] -pub struct BellmanR1CS { - pub aux_count: usize, - pub constraints: Vec>, -} - -impl BellmanR1CS { - pub fn new() -> Self { - BellmanR1CS { - aux_count: 0, - constraints: vec![], - } - } -} - -#[derive(Debug)] -pub struct BellmanWitness { - pub values: Vec, -} - -#[derive(Debug, PartialEq)] -pub struct BellmanConstraint { - pub a: Vec<(usize, E::Fr)>, - pub b: Vec<(usize, E::Fr)>, - pub c: Vec<(usize, E::Fr)>, -} - -fn sha256_round>( - mut cs: CS, - input: &Vec>, - current_hash: &Vec>, -) -> Result<(Vec, Vec, Vec), SynthesisError> { - // Allocate bits for `input` - let input_bits = input - .iter() - .enumerate() - .map(|(index, i)| { - AllocatedBit::alloc::( - &mut cs.namespace(|| format!("input_{}", index)), - Some(*i == Some(::one())), - ) - .unwrap() - }) - .collect::>(); - - // Define Booleans whose values are the defined bits - let input = input_bits - .iter() - .map(|i| Boolean::Is(i.clone())) - .collect::>(); - - // Allocate bits for `current_hash` - let current_hash_bits = current_hash - .iter() - .enumerate() - .map(|(index, i)| { - AllocatedBit::alloc::( - &mut cs.namespace(|| format!("current_hash_{}", index)), - Some(*i == Some(::one())), - ) - .unwrap() - }) - .collect::>(); - - // Define Booleans whose values are the defined bits - let current_hash = current_hash_bits - .chunks(32) - .map(|chunk| { - UInt32::from_bits_be( - &chunk - .into_iter() - .map(|i| Boolean::Is(i.clone())) - .collect::>(), - ) - }) - .collect::>(); - - // Apply the compression function, returning the 8 bytes of outputs - let res = sha256_compression_function::(&mut cs, &input, ¤t_hash).unwrap(); - - // Extract 
the 256 bits of output out of the 8 bytes - let output_bits = res - .into_iter() - .flat_map(|u| u.into_bits_be()) - .map(|b| b.get_variable().unwrap().clone()) - .collect::>(); - - // Return indices of `input`, `current_hash` and `output` in the CS - Ok(( - input_bits - .into_iter() - .map(|b| var_to_index(b.get_variable())) - .collect(), - current_hash_bits - .into_iter() - .map(|b| var_to_index(b.get_variable())) - .collect(), - output_bits - .into_iter() - .map(|b| var_to_index(b.get_variable())) - .collect(), - )) -} - -impl ConstraintSystem for BellmanWitness { - type Root = Self; - - fn alloc(&mut self, _: A, f: F) -> Result - where - F: FnOnce() -> Result, - A: FnOnce() -> AR, - AR: Into, - { - let index = self.values.len(); - let var = Variable::new_unchecked(Index::Aux(index)); - self.values.push(f().unwrap()); - Ok(var) - } - - fn alloc_input(&mut self, _: A, _: F) -> Result - where - F: FnOnce() -> Result, - A: FnOnce() -> AR, - AR: Into, - { - unreachable!("Bellman helpers are not allowed to allocate public variables") - } - - fn enforce(&mut self, _: A, _: LA, _: LB, _: LC) - where - A: FnOnce() -> AR, - AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination, - { - // do nothing - } - - fn push_namespace(&mut self, _: N) - where - NR: Into, - N: FnOnce() -> NR, - { - // do nothing - } - - fn pop_namespace(&mut self) { - // do nothing - } - - fn get_root(&mut self) -> &mut Self::Root { - self - } -} - -impl ConstraintSystem for BellmanR1CS { - type Root = Self; - - fn alloc(&mut self, _: A, _: F) -> Result - where - F: FnOnce() -> Result, - A: FnOnce() -> AR, - AR: Into, - { - // we don't care about the value as we're only generating the CS - let index = self.aux_count; - let var = Variable::new_unchecked(Index::Aux(index)); - self.aux_count += 1; - Ok(var) - } - - fn alloc_input(&mut self, _: A, _: F) -> Result - where - F: FnOnce() -> 
Result, - A: FnOnce() -> AR, - AR: Into, - { - unreachable!("Bellman helpers are not allowed to allocate public variables") - } - - fn enforce(&mut self, _: A, a: LA, b: LB, c: LC) - where - A: FnOnce() -> AR, - AR: Into, - LA: FnOnce(LinearCombination) -> LinearCombination, - LB: FnOnce(LinearCombination) -> LinearCombination, - LC: FnOnce(LinearCombination) -> LinearCombination, - { - let a = a(LinearCombination::zero()); - let b = b(LinearCombination::zero()); - let c = c(LinearCombination::zero()); - - let a = a - .as_ref() - .into_iter() - .map(|(variable, coefficient)| (var_to_index(*variable), *coefficient)) - .collect(); - let b = b - .as_ref() - .into_iter() - .map(|(variable, coefficient)| (var_to_index(*variable), *coefficient)) - .collect(); - let c = c - .as_ref() - .into_iter() - .map(|(variable, coefficient)| (var_to_index(*variable), *coefficient)) - .collect(); - - self.constraints.push(BellmanConstraint { a, b, c }); - } - - fn push_namespace(&mut self, _: N) - where - NR: Into, - N: FnOnce() -> NR, - { - // do nothing - } - - fn pop_namespace(&mut self) { - // do nothing - } - - fn get_root(&mut self) -> &mut Self::Root { - self - } -} - -pub fn generate_sha256_round_constraints( -) -> (BellmanR1CS, Vec, Vec, Vec) { - let mut cs = BellmanR1CS::new(); - - let (input_bits, current_hash_bits, output_bits) = - sha256_round(&mut cs, &vec![None; 512], &vec![None; 256]).unwrap(); - - // res is now the allocated bits for `input`, `current_hash` and `sha256_output` - - (cs, input_bits, current_hash_bits, output_bits) -} - -pub fn generate_sha256_round_witness( - input: &[E::Fr], - current_hash: &[E::Fr], -) -> Vec { - assert_eq!(input.len(), 512); - assert_eq!(current_hash.len(), 256); - - let mut cs: BellmanWitness = BellmanWitness { - values: vec![::one()], - }; - - sha256_round( - &mut cs, - &input.iter().map(|x| Some(x.clone())).collect(), - ¤t_hash.iter().map(|x| Some(x.clone())).collect(), - ) - .unwrap(); - - cs.values -} - -fn var_to_index(v: 
Variable) -> usize { - match v.get_unchecked() { - Index::Aux(i) => i + 1, - Index::Input(0) => 0, - _ => unreachable!("No public variables should have been allocated"), - } -} - -#[cfg(test)] -mod tests { - use super::*; - use bellman::pairing::bn256::{Bn256, Fr}; - - #[test] - fn generate_constraints() { - let (_c, input, current_hash, output) = generate_sha256_round_constraints::(); - assert_eq!(input.len(), 512); - assert_eq!(current_hash.len(), 256); - assert_eq!(output.len(), 256); - } - - #[test] - fn generate_witness() { - let witness = - generate_sha256_round_witness::(&vec![Fr::one(); 512], &vec![Fr::zero(); 256]); - assert_eq!(witness.len(), 26935); - } - - #[test] - fn test_cs() { - use sapling_crypto::circuit::test::TestConstraintSystem; - - let mut cs: TestConstraintSystem = TestConstraintSystem::new(); - - let _ = sha256_round( - &mut cs, - &vec![Some(Fr::zero()); 512], - &vec![Some(Fr::one()); 256], - ) - .unwrap(); - - assert!(cs.is_satisfied()); - } -} diff --git a/zokrates_stdlib/stdlib/ecc/edwardsCompress.zok b/zokrates_stdlib/stdlib/ecc/edwardsCompress.zok index 7cdf87df..0c6efe6d 100644 --- a/zokrates_stdlib/stdlib/ecc/edwardsCompress.zok +++ b/zokrates_stdlib/stdlib/ecc/edwardsCompress.zok @@ -1,4 +1,4 @@ -import "utils/pack/nonStrictUnpack256" as unpack256 +import "utils/pack/bool/nonStrictUnpack256" as unpack256 // Compress JubJub Curve Point to 256bit array using big endianness bit order // Python reference code from pycrypto: diff --git a/zokrates_stdlib/stdlib/ecc/edwardsOrderCheck.zok b/zokrates_stdlib/stdlib/ecc/edwardsOrderCheck.zok index e85391bf..9fa4d275 100644 --- a/zokrates_stdlib/stdlib/ecc/edwardsOrderCheck.zok +++ b/zokrates_stdlib/stdlib/ecc/edwardsOrderCheck.zok 
@@ -1,6 +1,6 @@ import "ecc/edwardsAdd" as add import "ecc/edwardsScalarMult" as multiply -import "utils/pack/nonStrictUnpack256" as unpack256 +import "utils/pack/bool/nonStrictUnpack256" as unpack256 from "ecc/babyjubjubParams" import BabyJubJubParams // Verifies that the point is not one of the low-order points. diff --git a/zokrates_stdlib/stdlib/ecc/proofOfOwnership.zok b/zokrates_stdlib/stdlib/ecc/proofOfOwnership.zok index 730f2c5e..4262d946 100644 --- a/zokrates_stdlib/stdlib/ecc/proofOfOwnership.zok +++ b/zokrates_stdlib/stdlib/ecc/proofOfOwnership.zok @@ -1,6 +1,6 @@ import "ecc/edwardsAdd" as add import "ecc/edwardsScalarMult" as multiply -import "utils/pack/nonStrictUnpack256" as unpack256 +import "utils/pack/bool/nonStrictUnpack256" as unpack256 from "ecc/babyjubjubParams" import BabyJubJubParams /// Verifies match of a given public/private keypair. @@ -24,6 +24,6 @@ def main(field[2] pk, field sk, BabyJubJubParams context) -> (bool): bool[256] skBits = unpack256(sk) field[2] ptExp = multiply(skBits, G, context) - bool out = ptExp[0] == pk[0] && ptExp[1] == pk[1] + bool out = ptExp[0] == pk[0] && ptExp[1] == pk[1] return out diff --git a/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok b/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok index 148fa031..1dc58b4f 100644 --- a/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok +++ b/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok @@ -4,6 +4,8 @@ import "ecc/babyjubjubParams" as context import "ecc/edwardsAdd" as add import "ecc/edwardsCompress" as edwardsCompress from "ecc/babyjubjubParams" import BabyJubJubParams +import "EMBED/u32_to_bits" as to_bits +import "EMBED/u32_from_bits" as from_bits // Code to export generators used in this example: // import bitstring 
@@ -16,7 +18,27 @@ from "ecc/babyjubjubParams" import BabyJubJubParams // print(hasher.dsl_code) // 512bit to 256bit Pedersen hash using compression of the field elements -def main(bool[512] e) -> (bool[256]): +def main(u32[16] input) -> (u32[8]): + + bool[512] e = [ \ + ...to_bits(input[0]), + ...to_bits(input[1]), + ...to_bits(input[2]), + ...to_bits(input[3]), + ...to_bits(input[4]), + ...to_bits(input[5]), + ...to_bits(input[6]), + ...to_bits(input[7]), + ...to_bits(input[8]), + ...to_bits(input[9]), + ...to_bits(input[10]), + ...to_bits(input[11]), + ...to_bits(input[12]), + ...to_bits(input[13]), + ...to_bits(input[14]), + ...to_bits(input[15]) + ] + BabyJubJubParams context = context() field[2] a = context.INFINITY //Infinity //Round 0 @@ -705,4 +727,14 @@ def main(bool[512] e) -> (bool[256]): a = add(a, [cx, cy], context) bool[256] aC = edwardsCompress(a) - return aC + + return [\ + from_bits(aC[0..32]), + from_bits(aC[32..64]), + from_bits(aC[64..96]), + from_bits(aC[96..128]), + from_bits(aC[128..160]), + from_bits(aC[160..192]), + from_bits(aC[192..224]), + from_bits(aC[224..256]) + ] diff --git a/zokrates_stdlib/stdlib/hashes/sha256/1024bit.zok b/zokrates_stdlib/stdlib/hashes/sha256/1024bit.zok index 1b729da4..db57847c 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/1024bit.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/1024bit.zok 
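Review bot: The word-to-bit mapping that the new `u32[16] input` / `u32[8]` interface relies on is not documented: the body builds `e` by spreading `to_bits(input[0])` through `to_bits(input[15])` in order and splits the compressed point back with `from_bits(aC[0..32])` through `from_bits(aC[224..256])`, so a caller must know that word `i` of `input` carries bits `32*i..32*i+32` of the 512-bit message and that the bit order inside a word is whatever `EMBED/u32_to_bits` produces. Suggest extending the comment above `main` with `// input word i holds bits [32*i, 32*i+32) of the 512-bit message; output word j holds bits [32*j, 32*j+32) of the compressed point (bit order as defined by EMBED/u32_to_bits and EMBED/u32_from_bits)`. If the language allows a `for` loop over array slices here, the sixteen spreads and eight `from_bits` calls could be written as two loops, but I cannot tell from the hunk whether that is supported. The body of `main` between the two hunks is outside the diff.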
@@ -1,13 +1,12 @@ import "./IVconstants" as IVconstants -import "./shaRoundNoBoolCheck" as sha256 +import "./shaRound" as sha256 // A function that takes 4 bool[256] arrays as inputs // and applies 2 rounds of sha256 compression. -// It returns an array of 256 bool. -def main(bool[256] a, bool[256] b, bool[256] c, bool[256] d) -> (bool[256]): +def main(u32[8] a, u32[8] b, u32[8] c, u32[8] d) -> (u32[8]): - bool[256] IV = IVconstants() - bool[256] digest1 = sha256(a, b, IV) - bool[256] digest2 = sha256(c, d, digest1) + u32[8] IV = IVconstants() + u32[8] digest1 = sha256([...a, ...b], IV) + u32[8] digest2 = sha256([...c, ...d], digest1) return digest2 \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok b/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok index 0ad57333..e4f40a9b 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok 
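Review bot: The header comment still says `// A function that takes 4 bool[256] arrays as inputs` although `main` now takes `u32[8] a, u32[8] b, u32[8] c, u32[8] d` and returns `u32[8]`, and because the line describing the return type was removed nothing documents the new types at all. Suggest changing the context line to `// A function that takes 4 u32[8] arrays as inputs` and adding `// It returns the digest as an array of 8 u32.` after the compression line, matching the wording the commit already uses in 512bit.zok. The same stale `bool[256]` wording survives the signature change in 1024bitPadded.zok (whose comment also says "two" inputs where the function takes four), 1536bit.zok (its `// It returns an array of 256 bool.` line), 256bitPadded.zok and 512bitPadded.zok.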
@@ -1,15 +1,31 @@ import "./1536bit" as sha256 // Take two bool[256] arrays as input // and returns their sha256 full round output as an array of 256 bool. -def main(bool[256] a, bool[256] b, bool[256] c, bool[256] d) -> (bool[256]): +def main(u32[8] a, u32[8] b, u32[8] c, u32[8] d) -> (u32[8]): // Hash is computed on the full 1024bit block size // padding does not fit in the first two blocks // add dummy block (single "1" followed by "0" + total length) - bool[256] dummyblock1 = [true, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] - // total length of message is 1024 bits: 0b10000000000 - bool[256] dummyblock2 = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, true, false, false, false, false, false, false, false, false, false, false] + u32[8] dummyblock1 = [ \ + 0x80000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000 + ] - bool[256] digest = sha256(a, b, c, d, dummyblock1, dummyblock2) + u32[8] dummyblock2 = [ \ + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000400 + ] - return digest + return sha256(a, b, c, d, dummyblock1, dummyblock2) diff --git a/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok b/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok index b037f967..c303944e 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok @@ -1,14 +1,14 @@ import "./IVconstants" as IVconstants -import "./shaRoundNoBoolCheck" as sha256 +import "./shaRound" as sha256 -// A function that takes 6 bool[256] arrays as inputs +// A function that takes 6 u32[8] arrays as inputs // and applies 3 rounds of sha256 compression. // It returns an array of 256 bool. -def main(bool[256] a, bool[256] b, bool[256] c, bool[256] d, bool[256] e, bool[256] f) -> (bool[256]): +def main(u32[8] a, u32[8] b, u32[8] c, u32[8] d, u32[8] e, u32[8] f) -> (u32[8]): - bool[256] IV = IVconstants() - bool[256] digest1 = sha256(a, b, IV) - bool[256] digest2 = sha256(c, d, digest1) - bool[256] digest3 = sha256(e, f, digest2) + u32[8] IV = IVconstants() + u32[8] digest1 = sha256([...a, ...b], IV) + u32[8] digest2 = sha256([...c, ...d], digest1) + u32[8] digest3 = sha256([...e, ...f], digest2) return digest3 \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/hashes/sha256/256bitPadded.zok b/zokrates_stdlib/stdlib/hashes/sha256/256bitPadded.zok index fcbb97c6..af4faca5 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/256bitPadded.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/256bitPadded.zok 
@@ -2,29 +2,20 @@ import "./512bit" as sha256 // A function that takes 1 bool[256] array as input // and returns the sha256 full round output as an array of 256 bool. -def main(bool[256] a) -> (bool[256]): +def main(u32[8] a) -> (u32[8]): // Hash is computed on 256 bits of input // padding fits in the remaining 256 bits of the first block // add dummy block (single "1" followed by "0" + total length) - bool[256] dummyblock1 = [ \ - 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, \ - 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0] + u32[8] dummyblock1 = [ \ + 0x80000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000100 + ] - digest = sha256(a, dummyblock1) - - return digest + return sha256(a, dummyblock1) diff --git a/zokrates_stdlib/stdlib/hashes/sha256/512bit.zok b/zokrates_stdlib/stdlib/hashes/sha256/512bit.zok index 422dd047..4202ecac 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/512bit.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/512bit.zok 
@@ -1,15 +1,9 @@ import "./IVconstants" as IVconstants -import "./shaRoundNoBoolCheck" as sha256 +import "./shaRound" as sha256 -// A function that takes 2 bool[256] arrays as inputs -// and returns their sha256 compression function as an array of 256 bool. -// In contrast to full_round.zok no padding is being applied -def main(bool[256] a, bool[256] b) -> (bool[256]): +// A function that takes 2 u32[8] arrays as inputs +// and returns their sha256 compression function as an array of 8 u32. - // a and b is NOT checked to be of type bool +def main(u32[8] a, u32[8] b) -> (u32[8]): - bool[256] IV = IVconstants() - bool[256] digest = sha256(a, b, IV) - //digest is constraint to be of type bool - - return digest + return sha256([...a, ...b], IVconstants()) diff --git a/zokrates_stdlib/stdlib/hashes/sha256/512bitPacked.zok b/zokrates_stdlib/stdlib/hashes/sha256/512bitPacked.zok index 3eb82203..8c5f9107 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/512bitPacked.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/512bitPacked.zok 
@@ -1,22 +1,19 @@ -import "../../utils/pack/pack128" as pack128 -import "../../utils/pack/unpack128" as unpack128 +import "../../utils/pack/u32/pack128" as pack128 +import "../../utils/pack/u32/unpack128" as unpack128 import "./512bitPadded" as sha256 // A function that takes an array of 4 field elements as inputs, unpacks each of them to 128 // bits (big endian), concatenates them and applies sha256. // It then returns an array of two field elements, each representing 128 bits of the result. def main(field[4] preimage) -> (field[2]): - bool[128] a = unpack128(preimage[0]) - bool[128] b = unpack128(preimage[1]) - bool[128] c = unpack128(preimage[2]) - bool[128] d = unpack128(preimage[3]) + u32[4] a_bits = unpack128(preimage[0]) + u32[4] b_bits = unpack128(preimage[1]) + u32[4] c_bits = unpack128(preimage[2]) + u32[4] d_bits = unpack128(preimage[3]) - bool[256] lhs = [...a, ...b] - bool[256] rhs = [...c, ...d] + u32[8] lhs = [...a_bits, ...b_bits] + u32[8] rhs = [...c_bits, ...d_bits] - bool[256] r = sha256(lhs, rhs) + u32[8] r = sha256(lhs, rhs) - field res0 = pack128(r[..128]) - field res1 = pack128(r[128..]) - - return [res0, res1] \ No newline at end of file + return [pack128(r[0..4]), pack128(r[4..8])] \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/hashes/sha256/512bitPadded.zok b/zokrates_stdlib/stdlib/hashes/sha256/512bitPadded.zok index 7c195915..00f6798d 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/512bitPadded.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/512bitPadded.zok 
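Review bot: The new locals `a_bits`, `b_bits`, `c_bits`, `d_bits` are `u32[4]` word arrays, not bit arrays, so the `_bits` suffix now states the opposite of what the values are; keeping the original names `a` through `d`, or using a `_words` suffix, would match the types the hunk introduces. This is a naming point only: the slicing in `return [pack128(r[0..4]), pack128(r[4..8])]` lines up with the `u32[8]` digest and the header comment about unpacking each field element to 128 bits is still accurate.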
@@ -2,16 +2,31 @@ import "./1024bit" as sha256 // A function that takes 2 bool[256] arrays as inputs // and returns their sha256 full round output as an array of 256 bool. -def main(bool[256] a, bool[256] b) -> (bool[256]): +def main(u32[8] a, u32[8] b) -> (u32[8]): // Hash is computed on the full 512bit block size // padding does not fit in the primary block // add dummy block (single "1" followed by "0" + total length) - bool[256] dummyblock1 = [true, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] + u32[8] dummyblock1 = [ \ + 0x80000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000 + ] - // total length of message is 512 bits: 0b1000000000 - bool[256] dummyblock2 = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, true, false, false, false, false, false, false, false, false, false] + u32[8] dummyblock2 = [ \ + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000000, + 0x00000200 + ] - bool[256] digest = sha256(a, b, dummyblock1, dummyblock2) - - return digest \ No newline at end of file + return sha256(a, b, dummyblock1, dummyblock2) \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/hashes/sha256/IVconstants.zok b/zokrates_stdlib/stdlib/hashes/sha256/IVconstants.zok index 20340d8d..a62cb51e 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/IVconstants.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/IVconstants.zok 
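Review bot: The context comment directly above the changed `def main(u32[8] a, u32[8] b) -> (u32[8]):` still says the function takes `2 bool[256] arrays` and returns `an array of 256 bool`, which is wrong for the new signature; change it to `// A function that takes 2 u32[8] arrays as inputs` / `// and returns their sha256 full round output as an array of 8 u32.` The removed line `// total length of message is 512 bits: 0b1000000000` was the only explanation of why `dummyblock2` ends in `0x00000200`, and nothing says that `0x80000000` at the head of `dummyblock1` is the mandatory 1 bit followed by zeros; keep both as comments on the two literals, e.g. `// padding: a single 1 bit followed by zeros` and `// message length in bits, big-endian: 512 = 0x200`.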
@@ -1,15 +1,4 @@ // SHA-256 is specified in FIPS 180-3 and initial values are listed in section 5.3.3 // https://csrc.nist.gov/csrc/media/publications/fips/180/3/archive/2008-10-31/documents/fips180-3_final.pdf -def main() -> (bool[256]): - bool[32] h0 = [false, true, true, false, true, false, true, false, false, false, false, false, true, false, false, true, true, true, true, false, false, true, true, false, false, true, true, false, false, true, true, true] - bool[32] h1 = [true, false, true, true, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, true, true, true, false, true, false, false, false, false, true, false, true] - bool[32] h2 = [false, false, true, true, true, true, false, false, false, true, true, false, true, true, true, false, true, true, true, true, false, false, true, true, false, true, true, true, false, false, true, false] - bool[32] h3 = [true, false, true, false, false, true, false, true, false, true, false, false, true, true, true, true, true, true, true, true, false, true, false, true, false, false, true, true, true, false, true, false] - bool[32] h4 = [false, true, false, true, false, false, false, true, false, false, false, false, true, true, true, false, false, true, false, true, false, false, true, false, false, true, true, true, true, true, true, true] - bool[32] h5 = [true, false, false, true, true, false, true, true, false, false, false, false, false, true, false, true, false, true, true, false, true, false, false, false, true, false, false, false, true, true, false, false] - bool[32] h6 = [false, false, false, true, true, true, true, true, true, false, false, false, false, false, true, true, true, true, false, true, true, false, false, true, true, false, true, false, true, false, true, true] - bool[32] h7 = [false, true, false, true, true, false, true, true, true, true, true, false, false, false, false, false, true, true, false, false, true, true, false, true, false, false, false, 
true, true, false, false, true] - - bool[256] IV = [...h0, ...h1, ...h2, ...h3, ...h4, ...h5, ...h6, ...h7] - - return IV +def main() -> (u32[8]): + return [0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19] diff --git a/zokrates_stdlib/stdlib/hashes/sha256/shaRound.zok b/zokrates_stdlib/stdlib/hashes/sha256/shaRound.zok new file mode 100644 index 00000000..aa1c1d23 --- /dev/null +++ b/zokrates_stdlib/stdlib/hashes/sha256/shaRound.zok 
@@ -0,0 +1,126 @@
+import "EMBED/u32_to_bits" as to_bits
+import "EMBED/u32_from_bits" as from_bits
+import "./IVconstants.zok"
+
+def right_rotate_2(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[30..], ...b[..30]])
+
+def right_rotate_6(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[26..], ...b[..26]])
+
+def right_rotate_7(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[25..], ...b[..25]])
+
+def right_rotate_11(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[21..], ...b[..21]])
+
+def right_rotate_13(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[19..], ...b[..19]])
+
+def right_rotate_17(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[15..], ...b[..15]])
+
+def right_rotate_18(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[14..], ...b[..14]])
+
+def right_rotate_19(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[13..], ...b[..13]])
+
+def right_rotate_22(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[10..], ...b[..10]])
+
+def right_rotate_25(u32 e) -> (u32):
+ bool[32] b = to_bits(e)
+ return from_bits([...b[7..], ...b[..7]])
+
+def extend(u32[64] w, field i) -> (u32):
+ u32 s0 = right_rotate_7(w[i-15]) ^ right_rotate_18(w[i-15]) ^ (w[i-15] >> 3)
+ u32 s1 = right_rotate_17(w[i-2]) ^ right_rotate_19(w[i-2]) ^ (w[i-2] >> 10)
+ return w[i-16] + s0 + w[i-7] + s1
+
+def temp1(u32 e, u32 f, u32 g, u32 h, u32 k, u32 w) -> (u32):
+ // ch := (e and f) xor ((not e) and g)
+ u32 ch = (e & f) ^ ((!e) & g)
+
+ // S1 := (e rightrotate 6) xor (e rightrotate 11) xor (e rightrotate 25)
+ u32 S1 = right_rotate_6(e) ^ right_rotate_11(e) ^ right_rotate_25(e)
+
+ // temp1 := h + S1 + ch + k + w
+ return h + S1 + ch + k + w
+
+def temp2(u32 a, u32 b, u32 c) -> (u32):
+ // maj := (a and b) xor (a and c) xor (b and c)
+ u32 maj = (a & b) ^ (a & c) ^ (b & c)
+
+ // S0 := (a rightrotate 2) xor (a rightrotate 13) xor (a rightrotate 22)
+ u32 S0 = right_rotate_2(a) ^ right_rotate_13(a) ^ right_rotate_22(a)
+
+ // temp2 := S0 + maj
+ return S0 + maj
+
+def main(u32[16] input, u32[8] current) -> (u32[8]):
+
+ u32 h0 = current[0]
+ u32 h1 = current[1]
+ u32 h2 = current[2]
+ u32 h3 = current[3]
+ u32 h4 = current[4]
+ u32 h5 = current[5]
+ u32 h6 = current[6]
+ u32 h7 = current[7]
+
+ u32[64] k = [0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2]
+
+ u32[64] w = [...input, ...[0x00000000; 48]]
+
+ for field i in 16..64 do
+ u32 r = extend(w, i)
+ w[i] = r
+ endfor
+
+ u32 a = h0
+ u32 b = h1
+ u32 c = h2
+ u32 d = h3
+ u32 e = h4
+ u32 f = h5
+ u32 g = h6
+ u32 h = h7
+
+ for field i in 0..64 do
+
+ u32 t1 = temp1(e, f, g, h, k[i], w[i])
+
+ u32 t2 = temp2(a, b, c)
+
+ h = g
+ g = f
+ f = e
+ e = d + t1
+ d = c
+ c = b
+ b = a
+ a = t1 + t2
+
+ endfor
+
+ h0 = h0 + a
+ h1 = h1 + b
+ h2 = h2 + c
+ h3 = h3 + d
+ h4 = h4 + e
+ h5 = h5 + f
+ h6 = h6 + g
+ h7 = h7 + h
+
+ return [h0, h1, h2, h3, h4, h5, h6, h7]
+
diff --git a/zokrates_stdlib/stdlib/hashes/sha256/shaRoundNoBoolCheck.zok b/zokrates_stdlib/stdlib/hashes/sha256/shaRoundNoBoolCheck.zok
deleted file mode 100644
index b5a85663..00000000
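Review bot: `import "./IVconstants.zok"` at the top of the new shaRound.zok is never used — `main` receives the chaining state through `current` and none of the helpers reference it — and it is the only import in the file written with a `.zok` suffix, so drop the line. Every `right_rotate_N` call re-runs `to_bits` on its argument, so `temp1` decomposes `e` three times, `temp2` decomposes `a` three times, and `extend` decomposes `w[i-15]` and `w[i-2]` twice each per message word; unless the compiler merges identical `to_bits` calls (not visible here) those decompositions are the bulk of the constraints, and a helper that decomposes once — `bool[32] b = to_bits(e)` followed by `return from_bits([...b[26..], ...b[..26]]) ^ from_bits([...b[21..], ...b[..21]]) ^ from_bits([...b[7..], ...b[..7]])` for S1, and likewise for S0, s0 and s1 — removes them without touching the arithmetic. The file has no header and `main` no parameter documentation; a comment stating that `input` is one 512-bit message block as 16 words, `current` the 8-word chaining value, that the rotations rely on `to_bits` emitting the most significant bit first (to be confirmed against the embed), and that `+` is expected to wrap modulo 2^32, would let a reader check this round against FIPS 180-4 without reading every helper.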
--- a/zokrates_stdlib/stdlib/hashes/sha256/shaRoundNoBoolCheck.zok +++ /dev/null @@ -1,6 +0,0 @@ -import "EMBED/sha256round" as sha256round -// a and b is NOT checked to be 0 or 1 -// the return value is checked to be 0 or 1 -// IV vector is checked to be of type bool -def main(bool[256] a, bool[256] b, bool[256] IV) -> (bool[256]): - return sha256round([...a, ...b], IV) diff --git a/zokrates_stdlib/stdlib/hashes/utils/256bitsDirectionHelper.zok b/zokrates_stdlib/stdlib/hashes/utils/256bitsDirectionHelper.zok index 2d4ba181..18e6050c 100644 --- a/zokrates_stdlib/stdlib/hashes/utils/256bitsDirectionHelper.zok +++ b/zokrates_stdlib/stdlib/hashes/utils/256bitsDirectionHelper.zok @@ -1,2 +1,2 @@ -def main(bool selector, bool[256] lhs, bool[256] rhs) -> (bool[512]): +def main(bool selector, u32[8] lhs, u32[8] rhs) -> (u32[16]): return if selector then [...rhs, ...lhs] else [...lhs, ...rhs] fi \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok b/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok index ec0e6f6d..b1b03c5a 100644 --- a/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok +++ b/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok @@ -1,10 +1,12 @@ import "hashes/sha256/1024bitPadded" as sha256 import "ecc/edwardsScalarMult" as scalarMult import "ecc/edwardsAdd" as add -import "utils/pack/nonStrictUnpack256" as unpack256 +import "utils/pack/bool/nonStrictUnpack256" as unpack256bool +import "utils/pack/u32/nonStrictUnpack256" as unpack256u import "ecc/edwardsOnCurve" as onCurve import "ecc/edwardsOrderCheck" as orderCheck from "ecc/babyjubjubParams" import BabyJubJubParams +import "utils/casts/u32_8_to_bool_256" /// Verifies an EdDSA Signature. /// 
@@ -27,7 +29,7 @@ from "ecc/babyjubjubParams" import BabyJubJubParams /// /// Returns: /// Return true for S being a valid EdDSA Signature, false otherwise. -def main(private field[2] R, private field S, field[2] A, bool[256] M0, bool[256] M1, BabyJubJubParams context) -> (bool): +def main(private field[2] R, private field S, field[2] A, u32[8] M0, u32[8] M1, BabyJubJubParams context) -> (bool): field[2] G = [context.Gu, context.Gv] @@ -36,11 +38,11 @@ def main(private field[2] R, private field S, field[2] A, bool[256] M0, bool[256 field isPrimeOrder = orderCheck(R, context) 1 == isPrimeOrder - bool[256] Rx = unpack256(R[0]) - bool[256] Ax = unpack256(A[0]) - bool[256] hRAM = sha256(Rx, Ax, M0, M1) + u32[8] Rx = unpack256u(R[0]) + u32[8] Ax = unpack256u(A[0]) + bool[256] hRAM = u32_8_to_bool_256(sha256(Rx, Ax, M0, M1)) - bool[256] sBits = unpack256(S) + bool[256] sBits = unpack256bool(S) field[2] lhs = scalarMult(sBits, G, context) field[2] AhRAM = scalarMult(hRAM, A, context) diff --git a/zokrates_stdlib/stdlib/utils/casts/bool_128_to_u32_4.zok b/zokrates_stdlib/stdlib/utils/casts/bool_128_to_u32_4.zok new file mode 100644 index 00000000..481a0c9d --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/casts/bool_128_to_u32_4.zok @@ -0,0 +1,4 @@ +import "EMBED/u32_from_bits" as from_bits + +def main(bool[128] bits) -> (u32[4]): + return [from_bits(bits[0..32]), from_bits(bits[32..64]), from_bits(bits[64..96]), from_bits(bits[96..128])] diff --git a/zokrates_stdlib/stdlib/utils/casts/bool_256_to_u32_8.zok b/zokrates_stdlib/stdlib/utils/casts/bool_256_to_u32_8.zok new file mode 100644 index 00000000..812f8e3e --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/casts/bool_256_to_u32_8.zok 
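Review bot: `bool[256] hRAM = u32_8_to_bool_256(sha256(Rx, Ax, M0, M1))` feeds the digest to `scalarMult` as a bit vector, so the scalar now depends on `EMBED/u32_to_bits` laying bits out in the same most-significant-first order the old bool-based sha256 returned; a mismatch would not fail here but would verify against a different scalar, so the existing EdDSA test vectors (not visible in this chunk) are the check this hunk relies on and should be run unchanged. In the hunk at `@@ -27,7 +29,7 @@` the signature now takes `u32[8] M0, u32[8] M1`, while the doc block above it (outside the hunk) presumably still describes M0 and M1 as bool[256]; update that description to match, e.g. `/// M0, M1: the 512-bit message as two u32[8] arrays`. The rest of `main`'s body lies outside these hunks.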
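Review bot: The four new cast files (`bool_128_to_u32_4.zok` here, and `bool_256_to_u32_8.zok`, `u32_4_to_bool_128.zok`, `u32_8_to_bool_256.zok` in the following hunks) carry no comment on the layout they implement, although every caller converting between the old bool arrays and the new u32 arrays depends on it. Add one line to each, e.g. `// bits[0..32] becomes the first word; within a word the bit order is that of EMBED/u32_from_bits (most significant bit first — confirm against the embed)`, and state that the two directions are inverses of each other.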
@@ -0,0 +1,4 @@ +import "EMBED/u32_from_bits" as from_bits + +def main(bool[256] bits) -> (u32[8]): + return [from_bits(bits[0..32]), from_bits(bits[32..64]), from_bits(bits[64..96]), from_bits(bits[96..128]), from_bits(bits[128..160]), from_bits(bits[160..192]), from_bits(bits[192..224]), from_bits(bits[224..256])] diff --git a/zokrates_stdlib/stdlib/utils/casts/u32_4_to_bool_128.zok b/zokrates_stdlib/stdlib/utils/casts/u32_4_to_bool_128.zok new file mode 100644 index 00000000..166a22f7 --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/casts/u32_4_to_bool_128.zok @@ -0,0 +1,4 @@ +import "EMBED/u32_to_bits" as to_bits + +def main(u32[4] input) -> (bool[128]): + return [...to_bits(input[0]), ...to_bits(input[1]), ...to_bits(input[2]), ...to_bits(input[3])] diff --git a/zokrates_stdlib/stdlib/utils/casts/u32_8_to_bool_256.zok b/zokrates_stdlib/stdlib/utils/casts/u32_8_to_bool_256.zok new file mode 100644 index 00000000..e47013d5 --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/casts/u32_8_to_bool_256.zok @@ -0,0 +1,4 @@ +import "EMBED/u32_to_bits" as to_bits + +def main(u32[8] input) -> (bool[256]): + return [...to_bits(input[0]), ...to_bits(input[1]), ...to_bits(input[2]), ...to_bits(input[3]), ...to_bits(input[4]), ...to_bits(input[5]), ...to_bits(input[6]), ...to_bits(input[7])] diff --git a/zokrates_stdlib/stdlib/utils/multiplexer/256bit.zok b/zokrates_stdlib/stdlib/utils/multiplexer/256bit.zok index 30fa993c..c3d111c4 100644 --- a/zokrates_stdlib/stdlib/utils/multiplexer/256bit.zok +++ b/zokrates_stdlib/stdlib/utils/multiplexer/256bit.zok @@ -1,2 +1,2 @@ -def main(bool selector, bool[256] lhs, bool[256] rhs) -> (bool[256]): +def main(bool selector, u32[8] lhs, u32[8] rhs) -> (u32[8]): return if selector then rhs else lhs fi \ No newline at end of file 
diff --git a/zokrates_stdlib/stdlib/utils/pack/nonStrictUnpack256.zok b/zokrates_stdlib/stdlib/utils/pack/bool/nonStrictUnpack256.zok
similarity index 87%
rename from zokrates_stdlib/stdlib/utils/pack/nonStrictUnpack256.zok
rename to zokrates_stdlib/stdlib/utils/pack/bool/nonStrictUnpack256.zok
index 95a64d10..31942bee 100644
--- a/zokrates_stdlib/stdlib/utils/pack/nonStrictUnpack256.zok
+++ b/zokrates_stdlib/stdlib/utils/pack/bool/nonStrictUnpack256.zok
@@ -10,4 +10,4 @@ def main(field i) -> (bool[256]):
 bool[254] b = unpack(i)
- return [false, false, ...b]
+ return [false, false, ...b]
\ No newline at end of file
diff --git a/zokrates_stdlib/stdlib/utils/pack/pack128.zok b/zokrates_stdlib/stdlib/utils/pack/bool/pack128.zok
similarity index 58%
rename from zokrates_stdlib/stdlib/utils/pack/pack128.zok
rename to zokrates_stdlib/stdlib/utils/pack/bool/pack128.zok
index 4c6f0adb..2fd8f956 100644
--- a/zokrates_stdlib/stdlib/utils/pack/pack128.zok
+++ b/zokrates_stdlib/stdlib/utils/pack/bool/pack128.zok
@@ -1,9 +1,13 @@
+#pragma curve bn128
+
 def main(bool[128] bits) -> (field):
 field out = 0
- for field j in 0..128 do
- field i = 128 - (j + 1)
+ field len = 128
+
+ for field j in 0..len do
+ field i = len - (j + 1)
 out = out + if bits[i] then (2 ** j) else 0 fi
 endfor
diff --git a/zokrates_stdlib/stdlib/utils/pack/bool/pack256.zok b/zokrates_stdlib/stdlib/utils/pack/bool/pack256.zok
new file mode 100644
index 00000000..b5016aa1
--- /dev/null
+++ b/zokrates_stdlib/stdlib/utils/pack/bool/pack256.zok
@@ -0,0 +1,14 @@
+#pragma curve bn128
+
+def main(bool[256] input) -> (field):
+
+ field out = 0
+
+ field len = 256
+
+ for field j in 0..len do
+ field i = len - (j + 1)
+ out = out + if bits[i] then (2 ** j) else 0 fi
+ endfor
+
+ return out
\ No newline at end of file
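Review bot: The new `pack/bool/pack256.zok` declares its parameter as `bool[256] input` but the loop body reads `bits[i]`, a name defined nowhere in the file, so the file cannot compile as written; rename the parameter to match the deleted pack256 and its sibling pack128, `def main(bool[256] bits) -> (field):`. `u32/pack256.zok` in the following hunks imports this file, so the breakage reaches every u32 caller of pack256 as well.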
diff --git a/zokrates_stdlib/stdlib/utils/pack/unpack128.zok b/zokrates_stdlib/stdlib/utils/pack/bool/unpack128.zok similarity index 100% rename from zokrates_stdlib/stdlib/utils/pack/unpack128.zok rename to zokrates_stdlib/stdlib/utils/pack/bool/unpack128.zok diff --git a/zokrates_stdlib/stdlib/utils/pack/pack256.zok b/zokrates_stdlib/stdlib/utils/pack/pack256.zok deleted file mode 100644 index 7c5e3129..00000000 --- a/zokrates_stdlib/stdlib/utils/pack/pack256.zok +++ /dev/null @@ -1,10 +0,0 @@ -def main(bool[256] bits) -> (field): - - field out = 0 - - for field j in 0..256 do - field i = 256 - (j + 1) - out = out + if bits[i] then (2 ** j) else 0 fi - endfor - - return out \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/utils/pack/u32/nonStrictUnpack256.zok b/zokrates_stdlib/stdlib/utils/pack/u32/nonStrictUnpack256.zok new file mode 100644 index 00000000..c2832467 --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/pack/u32/nonStrictUnpack256.zok @@ -0,0 +1,12 @@ +#pragma curve bn128 + +// Non-strict version: +// Note that this does not strongly enforce that the commitment is +// in the field. + +import "../bool/nonStrictUnpack256" as unpack +import "../../casts/bool_256_to_u32_8" as from_bits + +def main(field i) -> (u32[8]): + + return from_bits(unpack(i)) \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/utils/pack/u32/pack128.zok b/zokrates_stdlib/stdlib/utils/pack/u32/pack128.zok new file mode 100644 index 00000000..e2d000d4 --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/pack/u32/pack128.zok @@ -0,0 +1,10 @@ +#pragma curve bn128 + +import "EMBED/u32_to_bits" as to_bits +import "../bool/pack128" + +def main(u32[4] input) -> (field): + + bool[128] bits = [...to_bits(input[0]), ...to_bits(input[1]), ...to_bits(input[2]), ...to_bits(input[3])] + + return pack128(bits) \ No newline at end of file 
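Review bot: `u32/pack128.zok` rebuilds the bool array inline, `bool[128] bits = [...to_bits(input[0]), ..., ...to_bits(input[3])]`, which is exactly what the new `utils/casts/u32_4_to_bool_128.zok` does, so the word-to-bit layout is now defined in two places that can drift apart; import the cast instead, `import "../../casts/u32_4_to_bool_128" as to_bool` and `return pack128(to_bool(input))`. `u32/pack256.zok` in the next hunk duplicates `u32_8_to_bool_256.zok` the same way, while `u32/unpack128.zok` and `u32/nonStrictUnpack256.zok` already follow the intended pattern by importing their casts.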
diff --git a/zokrates_stdlib/stdlib/utils/pack/u32/pack256.zok b/zokrates_stdlib/stdlib/utils/pack/u32/pack256.zok new file mode 100644 index 00000000..17daa427 --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/pack/u32/pack256.zok @@ -0,0 +1,10 @@ +#pragma curve bn128 + +import "EMBED/u32_to_bits" as to_bits +import "../bool/pack256" + +def main(u32[8] input) -> (field): + + bool[256] bits = [...to_bits(input[0]), ...to_bits(input[1]), ...to_bits(input[2]), ...to_bits(input[3]), ...to_bits(input[4]), ...to_bits(input[5]), ...to_bits(input[6]), ...to_bits(input[7])] + + return pack256(bits) \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/utils/pack/u32/unpack128.zok b/zokrates_stdlib/stdlib/utils/pack/u32/unpack128.zok new file mode 100644 index 00000000..2c09ca81 --- /dev/null +++ b/zokrates_stdlib/stdlib/utils/pack/u32/unpack128.zok @@ -0,0 +1,7 @@ +#pragma curve bn128 + +import "../bool/unpack128" as unpack +import "../../casts/bool_128_to_u32_4" as from_bits + +def main(field i) -> (u32[4]): + return from_bits(unpack(i)) \ No newline at end of file diff --git a/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok b/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok index 3be541c1..4e99b22d 100644 --- a/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok +++ b/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok @@ -2,7 +2,6 @@ import "ecc/babyjubjubParams" as context from "ecc/babyjubjubParams" import BabyJubJubParams import "ecc/proofOfOwnership" as proofOfOwnership import "ecc/edwardsScalarMult" as multiply -import "utils/pack/nonStrictUnpack256" as unpack256 // Code to create test cases: // https://github.com/Zokrates/pycrypto diff --git a/zokrates_stdlib/tests/tests/hashes/pedersen/512bit.zok b/zokrates_stdlib/tests/tests/hashes/pedersen/512bit.zok index 9e281330..7d7f7fae 100644 --- a/zokrates_stdlib/tests/tests/hashes/pedersen/512bit.zok +++ b/zokrates_stdlib/tests/tests/hashes/pedersen/512bit.zok 
@@ -16,10 +16,10 @@ import "hashes/pedersen/512bit" as pedersen def main() -> (field): - bool[512] e = [false, false, false, true, false, true, true, true, true, true, false, true, false, false, true, false, true, true, true, false, false, true, true, false, true, true, false, true, true, false, false, true, false, true, false, true, true, true, false, false, false, true, true, true, false, true, false, false, true, true, true, false, true, false, false, true, false, true, true, true, true, true, false, false, false, true, false, false, true, false, true, true, true, true, true, true, false, true, true, false, false, false, false, false, true, true, false, false, true, true, false, false, false, false, false, false, true, true, false, false, false, true, true, false, true, false, true, false, false, true, true, false, true, false, true, true, false, true, false, false, false, false, false, true, false, true, true, true, true, false, true, true, true, false, true, false, true, true, true, true, true, true, false, false, false, true, false, true, false, true, false, false, true, true, true, false, true, false, false, true, false, false, true, false, false, false, false, false, false, true, false, true, true, true, false, false, true, false, false, false, false, false, false, false, true, false, false, false, false, false, false, false, false, false, true, false, false, true, true, false, false, false, false, true, true, true, true, true, false, true, false, false, false, false, true, false, false, true, false, false, false, true, false, false, true, false, false, true, false, true, true, false, false, false, true, true, false, true, false, false, true, true, false, true, false, true, true, false, true, true, false, true, true, true, true, true, true, false, false, false, true, true, true, false, false, true, true, true, true, true, true, true, false, true, false, true, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, 
false, true, false, true, false, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, true, false, false, true, true, true, true, false, false, false, true, true, true, false, true, true, true, false, false, false, false, false, true, true, false, false, false, false, false, true, true, true, false, false, false, true, true, false, false, false, true, true, true, true, false, false, true, false, false, false, true, true, true, false, false, true, false, false, false, true, true, true, true, false, true, false, true, true, false, true, false, true, true, true, false, true, true, true, false, true, false, false, true, true, true, true, false, true, true, false, false, true, false, true, false, false, false, true, true, false, false, true, true, false, false, true, false, false, false, false, true, false, false, false, false, false, false, false, false, true, true, true, true, false, false, false, true, true, false, false, false, true, false, false, true, true, true, false, false, true, false, false, true, false, true, true, false, true, false, true, true, false, false, false, false, false, false, true, false, true, false, false, false, true, false, false, false, true, true, false, false, false, true, true, false, true, false, true, true, false, false, false, true, false, true, false, true, false, false, false, false, false, false, false, true, true, true, true, true] + u32[16] e = [0x17d2e6d9, 0x5c74e97c, 0x4bf60cc0, 0xc6a6b417, 0xbafc54e9, 0x205c8080, 0x261f4244, 0x9634d6df, 0x8e7f5e06, 0x6a296ecf, 0x1dc1838c, 0x791c8f5a, 0xee9eca33, 0x2100f189, 0xc96b0288, 0xc6b1501f] - bool[256] d = pedersen(e) + u32[8] d = pedersen(e) - d == [false, false, false, false, false, true, true, false, true, true, false, true, true, true, true, true, true, false, true, false, true, true, false, false, true, false, true, false, false, false, false, false, true, true, false, true, true, false, false, false, false, false, true, 
false, true, true, false, false, false, false, false, false, false, true, true, true, true, false, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, true, true, true, true, false, false, false, false, true, true, true, true, false, true, true, false, false, true, false, true, true, true, true, false, true, true, false, false, true, true, false, false, true, false, true, false, false, true, true, false, false, false, true, true, false, false, false, false, false, false, false, false, false, true, false, true, false, false, true, true, true, true, true, false, true, true, true, true, false, false, false, true, false, false, true, true, true, true, true, false, false, false, true, false, true, true, false, true, false, false, false, true, false, false, true, false, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, false, false, true, false, false, true, true, false, false, false, true, false, true, false, false, true, true, true, true, true, false, false, false, true, false, true, false, false, true, true, false, true, false, true, true, true, false, false, false, false, false, false, true, false, true, false, true, false, false, false, true, false, true, false, false, false, false, false, true, false, true, false, false, false, false, false, false, false, true, false, true, true] + d == [0x06dfaca0, 0xd82c07ae, 0x33787b2f, 0x66531802, 0x9f789f16, 0x89218926, 0x29f14d70, 0x2a28280b] return 1 \ No newline at end of file diff --git a/zokrates_stdlib/tests/tests/hashes/sha256/1024bitPadded.zok b/zokrates_stdlib/tests/tests/hashes/sha256/1024bitPadded.zok index 0a8066ee..6b428be2 100644 --- a/zokrates_stdlib/tests/tests/hashes/sha256/1024bitPadded.zok +++ b/zokrates_stdlib/tests/tests/hashes/sha256/1024bitPadded.zok 
@@ -17,13 +17,13 @@ import "hashes/sha256/1024bitPadded" as sha256 def main() -> (field): - bool[256] a = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] - bool[256] b = [false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] - bool[256] c = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] - bool[256] d = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, true, false, true] + u32[8] a = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000] + u32[8] b = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000] + u32[8] c = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000] + u32[8] d = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005] - bool[256] digest = sha256(a, b, c, d) + u32[8] digest = sha256(a, b, c, d) - digest == [true, true, true, false, true, true, true, true, true, false, true, false, false, true, false, false, false, false, false, true, true, true, 
false, false, true, false, true, false, false, true, false, false, true, false, true, false, false, true, false, true, true, true, false, false, false, true, true, true, false, true, true, false, true, false, true, true, false, true, false, false, true, false, false, true, false, true, false, true, true, true, false, true, false, true, false, true, false, true, false, true, true, true, false, true, true, true, true, true, true, true, false, true, true, false, true, true, true, true, true, true, true, false, false, true, false, false, false, true, false, true, true, true, false, true, false, true, false, false, true, true, false, false, true, false, false, false, false, false, false, true, false, false, false, false, false, false, false, true, false, false, true, false, true, true, false, false, true, true, true, true, false, false, true, false, false, false, false, false, false, false, false, true, false, false, true, false, false, false, true, false, true, true, false, false, true, true, true, false, false, false, true, true, true, false, true, false, true, true, false, false, false, true, true, false, false, false, false, true, true, true, false, false, true, true, true, false, true, false, true, false, true, false, false, true, true, false, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, false, false, false, true, true, false, true, true, false, false, false, true, true, true, false, false, false, true, false, false, false, false, false, true, true] + digest == [0xefa41ca4, 0xa5c76b49, 0x5d55dfdb, 0xf9175320, 0x404b3c80, 0x48b38eb1, 0x873aa663, 0x3a363883] return 1 \ No newline at end of file diff --git a/zokrates_stdlib/tests/tests/hashes/sha256/512bit.zok b/zokrates_stdlib/tests/tests/hashes/sha256/512bit.zok index f87a6d33..64fdf1f6 100644 --- a/zokrates_stdlib/tests/tests/hashes/sha256/512bit.zok +++ b/zokrates_stdlib/tests/tests/hashes/sha256/512bit.zok 
@@ -1,11 +1,11 @@ import "hashes/sha256/512bit" as sha256 def main() -> (field): -bool[256] a = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] -bool[256] b = [false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, true, false, true] +u32[8] a = [0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0, 0x082efa98, 0xec4e6c89] +u32[8] b = [0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c, 0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917] -bool[256] digest = sha256(a, b) +u32[8] digest = sha256(a, b) -digest == [false, 
false, false, true, true, true, true, true, false, false, true, true, true, false, true, true, true, false, false, false, true, false, true, true, true, false, false, true, true, false, false, false, true, true, false, false, false, false, true, false, false, false, false, true, true, true, true, false, true, false, true, true, true, false, false, false, true, false, false, true, false, true, false, false, false, false, true, true, true, true, false, false, true, false, false, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, false, false, true, false, true, true, false, false, false, false, false, true, false, true, false, false, false, false, false, true, false, true, false, false, true, false, true, true, false, true, true, false, false, false, false, true, false, false, false, false, false, true, false, true, false, true, false, true, false, true, true, false, false, false, true, false, false, true, true, false, false, false, false, true, false, true, false, false, true, true, true, false, false, true, true, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, true, true, false, true, false, true, true, true, true, false, true, true, true, true, false, false, false, true, false, false, true, true, true, false, true, false, false, false, false, false, false, true, true, true, true, false, true, true, true, true, true, false, true, false, true, false, true, true, false, false, true, true, false, false, false, false, true, true, true, true, false, true, false, false, true, false, true, true, false, true] +digest == [0xcf0ae4eb, 0x67d38ffe, 0xb9406898, 0x4b22abde, 0x4e92bc54, 0x8d14585e, 0x48dca888, 0x2d7b09ce] return 1 \ No newline at end of file diff --git a/zokrates_stdlib/tests/tests/hashes/sha256/512bitPadded.zok b/zokrates_stdlib/tests/tests/hashes/sha256/512bitPadded.zok index 16872273..72bdeb51 100644 
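Review bot: This hunk replaces the test inputs as well as their encoding: the removed `a` was the all-zero bool[256] and the removed `b` ended in `..., true, false, true]` (the value 5), while the added `a`/`b` are the non-zero words `0x243f6a88, …` and `0x452821e6, …`, so the new `digest == [0xcf0ae4eb, …]` cannot be confirmed by re-encoding the old bool[256] digest the way the neighbouring sha256 and 256bitsDirectionHelper hunks can. Because this is the only vector in the patch whose expected value has no visible derivation, a comment above the assertion stating where it came from would make the test reproducible, for example `// expected digest for this a||b block generated with <REFERENCE-IMPLEMENTATION placeholder>`. If switching to non-zero inputs was intentional (the zero/5 vector exercises very few bits of the round function), one sentence in the commit description saying so would save the next reader from suspecting an accidental change.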
--- a/zokrates_stdlib/tests/tests/hashes/sha256/512bitPadded.zok
+++ b/zokrates_stdlib/tests/tests/hashes/sha256/512bitPadded.zok
@@ -15,12 +15,12 @@ import "hashes/sha256/512bitPadded" as sha256 def main() -> (field): -bool[256] a = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false] -bool[256] b = [false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, true, false, true] + u32[8] a = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000] + u32[8] b = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005] - bool[256] digest = sha256(a, b) + u32[8] digest = sha256(a, b) - digest 
== [true, true, false, false, false, true, true, false, false, true, false, false, true, false, false, false, false, false, false, true, true, true, true, false, false, false, true, false, false, false, true, false, true, true, false, false, false, true, false, true, true, true, true, true, true, true, true, true, false, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, true, false, true, false, true, true, true, true, false, true, true, false, true, false, false, false, false, false, false, false, true, false, true, true, true, false, false, false, true, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, true, true, true, true, false, true, false, false, false, true, true, true, false, true, true, false, true, false, false, true, true, false, false, false, true, false, false, true, false, false, false, false, false, true, true, true, false, true, true, true, false, true, true, true, true, true, true, true, true, true, false, false, false, true, false, false, true, true, true, false, false, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, false, false, true, true, true, true, true, false, false, false, true, false, false, true, false, true, false, false, true, true, false, true, true, true, true, true, false, true, false, true, false, true, false, true, false, true, false, true, true, true, false, false, false, false, false, false, true, false, true, true, false, false, true, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, false] + digest == [0xc6481e22, 0xc5ff4164, 0xaf680b8c, 0xfaa5e8ed, 0x3120eeff, 0x89c4f307, 0xc4a6faaa, 0xe059ce10] return 1 \ No newline at end of file diff --git a/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok b/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok index 7ba74bc0..ec692b88 100644 
--- a/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
+++ b/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
@@ -16,20 +16,20 @@ import "hashes/utils/256bitsDirectionHelper" as direction def left() -> (field): - bool[256] a = [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false] - bool[256] b = [false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, 
false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] + u32[8] a = [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38] + u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] - bool[512] out = direction(false, a, b) - out == [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, 
false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, 
false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] + u32[16] out = direction(false, a, b) + out == [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38, 0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] return 1 def right() -> (field): - bool[256] a = [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, 
true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false] - bool[256] b = [false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, 
false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] + u32[8] a = [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38] + u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] - bool[512] out = direction(true, a, b) - out == [false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, 
false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true, false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, 
true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false]
+ u32[16] out = direction(true, a, b)
+ out == [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557, 0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38]
 return 1
 def main() -> (field):
diff --git a/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok b/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok
index 09dfe7a5..0e01b84f 100644
--- a/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok
+++ b/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok
@@ -14,8 +14,8 @@ def main() -> (field): // Private Key field[2] A = [14897476871502190904409029696666322856887678969656209656241038339251270171395, 16668832459046858928951622951481252834155254151733002984053501254009901876174] - bool[256] M0 = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 
false, false, false, false, false, false] - bool[256] M1 = [false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, true, false, true] + u32[8] M0 = [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000] + u32[8] M1 = [0x00000000, 0x00000000, 
0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005] bool isVerified = verifyEddsa(R, S, A, M0, M1, context) isVerified == true diff --git a/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok b/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok index 08eae996..864b059d 100644 --- a/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok +++ b/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok 
@@ -3,11 +3,11 @@ import "utils/multiplexer/256bit" as multiplex def left() -> (field): bool bit = false //left - bool[256] a = [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false] + u32[8] a = [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38] - bool[256] b = [false, false, false, false, false, false, true, true, true, true, true, true, false, 
false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] + u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] - bool[256] output = [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, 
true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false] + u32[8] output = [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38] output == multiplex(bit, a, b) return 1 
@@ -15,11 +15,11 @@ def left() -> (field): def right() -> (field): bool bit = true //right - bool[256] a = [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false] + u32[8] a = [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38] - bool[256] b = [false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, 
true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] + u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] - bool[256] output = [false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, 
false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] + u32[8] output = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] output == multiplex(bit, a, b) return 1 diff --git a/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json b/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json new file mode 100644 index 00000000..80d78cfa --- /dev/null +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json 
@@ -0,0 +1,16 @@ +{ + "entry_point": "./tests/tests/utils/pack/bool/nonStrictUnpack256.zok", + "curves": ["Bn128"], + "tests": [ + { + "input": { + "values": [] + }, + "output": { + "Ok": { + "values": ["1"] + } + } + } + ] +} \ No newline at end of file diff --git a/zokrates_stdlib/tests/tests/utils/pack/nonStrictUnpack256.zok b/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.zok similarity index 99% rename from zokrates_stdlib/tests/tests/utils/pack/nonStrictUnpack256.zok rename to zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.zok index acdf18e1..ebbcd4ac 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/nonStrictUnpack256.zok +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.zok @@ -1,4 +1,4 @@ -import "utils/pack/nonStrictUnpack256" as unpack256 +import "utils/pack/bool/nonStrictUnpack256" as unpack256 def testFive() -> (field): diff --git a/zokrates_stdlib/tests/tests/utils/pack/unpack128.json b/zokrates_stdlib/tests/tests/utils/pack/bool/pack128.json similarity index 70% rename from zokrates_stdlib/tests/tests/utils/pack/unpack128.json rename to zokrates_stdlib/tests/tests/utils/pack/bool/pack128.json index b5f7768f..f9fc4dc4 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/unpack128.json +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/pack128.json @@ -1,5 +1,5 @@ { - "entry_point": "./tests/tests/utils/pack/unpack128.zok", + "entry_point": "./tests/tests/utils/pack/bool/pack128.zok", "curves": ["Bn128"], "tests": [ { diff --git a/zokrates_stdlib/tests/tests/utils/pack/pack128.zok b/zokrates_stdlib/tests/tests/utils/pack/bool/pack128.zok similarity index 98% rename from zokrates_stdlib/tests/tests/utils/pack/pack128.zok rename to zokrates_stdlib/tests/tests/utils/pack/bool/pack128.zok index 11ff1ff4..819ed8e1 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/pack128.zok +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/pack128.zok 
@@ -1,4 +1,4 @@ -import "utils/pack/pack128" as pack128 +import "utils/pack/bool/pack128" as pack128 def testFive() -> (field): diff --git a/zokrates_stdlib/tests/tests/utils/pack/nonStrictUnpack256.json b/zokrates_stdlib/tests/tests/utils/pack/bool/unpack128.json similarity index 68% rename from zokrates_stdlib/tests/tests/utils/pack/nonStrictUnpack256.json rename to zokrates_stdlib/tests/tests/utils/pack/bool/unpack128.json index fe66a5c8..d7868da7 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/nonStrictUnpack256.json +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/unpack128.json @@ -1,5 +1,5 @@ { - "entry_point": "./tests/tests/utils/pack/nonStrictUnpack256.zok", + "entry_point": "./tests/tests/utils/pack/bool/unpack128.zok", "curves": ["Bn128"], "tests": [ { diff --git a/zokrates_stdlib/tests/tests/utils/pack/unpack128.zok b/zokrates_stdlib/tests/tests/utils/pack/bool/unpack128.zok similarity index 98% rename from zokrates_stdlib/tests/tests/utils/pack/unpack128.zok rename to zokrates_stdlib/tests/tests/utils/pack/bool/unpack128.zok index 2b81cd34..f86bd856 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/unpack128.zok +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/unpack128.zok @@ -1,4 +1,4 @@ -import "utils/pack/unpack128" as unpack128 +import "utils/pack/bool/unpack128" as unpack128 def testFive() -> (field): diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json new file mode 100644 index 00000000..0aa40ce2 --- /dev/null +++ b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json @@ -0,0 +1,16 @@ +{ + "entry_point": "./tests/tests/utils/pack/u32/nonStrictUnpack256.zok", + "curves": ["Bn128"], + "tests": [ + { + "input": { + "values": [] + }, + "output": { + "Ok": { + "values": ["1"] + } + } + } + ] +} \ No newline at end of file 
diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok
new file mode 100644
index 00000000..3ccc32c4
--- /dev/null
+++ b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok
@@ -0,0 +1,41 @@
+import "utils/pack/u32/nonStrictUnpack256" as unpack256
+
+def testFive() -> (field):
+
+ u32[8] b = unpack256(5)
+
+ b == [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005]
+
+ return 1
+
+def testZero() -> (field):
+
+ u32[8] b = unpack256(0)
+
+ b == [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000]
+
+ return 1
+
+def testLarge() -> (field):
+
+ u32[8] b = unpack256(14474011154664524427946373126085988481658748083205070504932198000989141204991)
+
+ b == [0x1fffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff]
+
+ return 1
+
+def testMax() -> (field):
+
+ u32[8] b = unpack256(21888242871839275222246405745257275088548364400416034343698204186575808495616)
+
+ b == [0x30644e72, 0xe131a029, 0xb85045b6, 0x8181585d, 0x2833e848, 0x79b97091, 0x43e1f593, 0xf0000000]
+
+ return 1
+
+ def main() -> (field):
+
+ 1 == testFive()
+ 1 == testMax()
+ 1 == testZero()
+ 1 == testLarge()
+ return 1
diff --git a/zokrates_stdlib/tests/tests/utils/pack/pack128.json b/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.json
similarity index 70%
rename from zokrates_stdlib/tests/tests/utils/pack/pack128.json
rename to zokrates_stdlib/tests/tests/utils/pack/u32/pack128.json
index f581763f..7e615a3e 100644
--- a/zokrates_stdlib/tests/tests/utils/pack/pack128.json
+++ b/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.json
@@ -1,5 +1,5 @@
 {
- "entry_point": "./tests/tests/utils/pack/pack128.zok",
+ "entry_point": "./tests/tests/utils/pack/u32/pack128.zok",
 "curves": ["Bn128"],
 "tests": [
 {
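Review bot: The two large literals in testLarge and testMax are unexplained magic numbers; a comment on each would save the next reader a computation, e.g. `// 2**253 - 1` next to the testLarge call and `// Bn128 field modulus minus one` next to the testMax call (the expected words 0x30644e72…0xf0000000 are consistent with that reading). `def main` here appears to carry leading whitespace unlike the other definitions in the file, and the same pattern shows in the u32/pack128.zok and u32/unpack128.zok hunks that follow; if the parser tolerates it the layout is still inconsistent, and if it does not, the file fails to parse. As the "nonStrict" name suggests the decomposition is not checked to be canonical, so these assertions pin the expected witness rather than any uniqueness property; a one-line comment in the file saying so would keep a reader from taking them as a uniqueness guarantee.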
diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok b/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok
new file mode 100644
index 00000000..ecd0e7a8
--- /dev/null
+++ b/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok
@@ -0,0 +1,36 @@
+import "utils/pack/u32/pack128" as pack128
+
+def testFive() -> (field):
+
+ u32[4] b = [0x00000000, 0x00000000, 0x00000000, 0x00000005]
+ field n = pack128(b)
+
+ 5 == n
+
+ return 1
+
+def testZero() -> (field):
+
+ u32[4] b = [0x00000000, 0x00000000, 0x00000000, 0x00000000]
+ field n = pack128(b)
+
+ 0 == n
+
+ return 1
+
+def testMax() -> (field):
+
+ u32[4] b = [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff]
+ field n = pack128(b)
+
+ 2**128 - 1 == n
+
+ return 1
+
+ def main() -> (field):
+
+ 1 == testFive()
+ 1 == testMax()
+ 1 == testZero()
+
+ return 1
diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json
new file mode 100644
index 00000000..75252d88
--- /dev/null
+++ b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json
@@ -0,0 +1,16 @@
+{
+ "entry_point": "./tests/tests/utils/pack/u32/unpack128.zok",
+ "curves": ["Bn128"],
+ "tests": [
+ {
+ "input": {
+ "values": []
+ },
+ "output": {
+ "Ok": {
+ "values": ["1"]
+ }
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok
new file mode 100644
index 00000000..b264ded7
--- /dev/null
+++ b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok
@@ -0,0 +1,33 @@ +import "utils/pack/u32/unpack128" as unpack128 + +def testFive() -> (field): + + u32[4] b = unpack128(5) + + b == [0x00000000, 0x00000000, 0x00000000, 0x00000005] + + return 1 + +def testZero() -> (field): + + u32[4] b = unpack128(0) + + b == [0x00000000, 0x00000000, 0x00000000, 0x00000000] + + return 1 + +def testMax() -> (field): + + u32[4] b = unpack128(2**128 - 1) + + b == [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff] + + return 1 + + def main() -> (field): + + 1 == testFive() + 1 == testMax() + 1 == testZero() + + return 1 From 802ab653e6a3dd23ca51d3f0341e52180bc8094e Mon Sep 17 00:00:00 2001 From: schaeff Date: Fri, 3 Jul 2020 18:29:57 +0200 Subject: [PATCH 02/11] remove print --- zokrates_core/src/semantics.rs | 2 -- 1 file changed, 2 deletions(-) diff --git a/zokrates_core/src/semantics.rs b/zokrates_core/src/semantics.rs index 52bbd20b..3a4c314e 100644 --- a/zokrates_core/src/semantics.rs +++ b/zokrates_core/src/semantics.rs @@ -396,8 +396,6 @@ impl<'ast> Checker<'ast> { match Checker::new().check_module(&import.module_id, state) { Ok(()) => { - println!("{:?} {:#?}", import.module_id, state.typed_modules.keys()); - // find candidates in the checked module let function_candidates: Vec<_> = state .typed_modules From 83d0a299123aa19decb42331e69ffd36dca513b9 Mon Sep 17 00:00:00 2001 From: schaeff Date: Mon, 6 Jul 2020 17:02:10 +0200 Subject: [PATCH 03/11] switch off release mode on tests --- zokrates_test/src/lib.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/zokrates_test/src/lib.rs b/zokrates_test/src/lib.rs index e3ca6b8c..1e52048f 100644 --- a/zokrates_test/src/lib.rs +++ b/zokrates_test/src/lib.rs 
@@ -108,12 +108,14 @@ fn compile_and_run(t: Tests) { code, t.entry_point.clone(), Some(&resolver), - &CompileConfig::default().with_is_release(true), + &CompileConfig::default(), ) .unwrap(); let bin = artifacts.prog(); + println!("NOTE: We do not compile in release mode here, so the metrics below are conservative"); + match t.max_constraint_count { Some(target_count) => { let count = bin.constraint_count(); From 76940140d6c813e39272825eae0210fd47350c0e Mon Sep 17 00:00:00 2001 From: schaeff Date: Mon, 6 Jul 2020 17:17:35 +0200 Subject: [PATCH 04/11] fix stdlib tests --- zokrates_js/tests/stdlib.test.js | 2 +- zokrates_js/tests/utils.test.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/zokrates_js/tests/stdlib.test.js b/zokrates_js/tests/stdlib.test.js index f90ba414..faa345ae 100644 --- a/zokrates_js/tests/stdlib.test.js +++ b/zokrates_js/tests/stdlib.test.js @@ -6,7 +6,7 @@ describe('stdlib', function() { it('should resolve module from stdlib (1)', function() { let basePath = 'hashes/sha256/512bitPacked.zok'; - let relativePath = '../../utils/pack/pack128'; + let relativePath = '../../utils/pack/u32/pack128'; let absolutePath = utils.appendExtension(utils.getAbsolutePath(basePath, relativePath), '.zok'); assert.notEqual(stdlib[absolutePath], undefined); diff --git a/zokrates_js/tests/utils.test.js b/zokrates_js/tests/utils.test.js index 1ac375f8..c324c23a 100644 --- a/zokrates_js/tests/utils.test.js +++ b/zokrates_js/tests/utils.test.js 
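Review bot: The added `println!` runs for every test regardless of whether `t.max_constraint_count` is set, so it announces "metrics below" that often do not exist; placing it inside the `Some(target_count) => {` arm, next to `let count = bin.constraint_count();`, ties the message to the comparison it qualifies. "Conservative" also leaves the direction implicit: if a debug build emits at least as many constraints as the release build (the release-mode reductions are not visible here), a budget that passes in this configuration is an upper bound for release, and the message could say so, e.g. `println!("NOTE: not compiled in release mode; constraint counts here are an upper bound on the release build");`. compile_and_run begins above the hunk and the comparison against target_count continues below it.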
@@ -13,10 +13,10 @@ describe('absolute path resolving', function() { it('should resolve valid absolute path (../)', function() { let basePath = 'hashes/sha256/512bitPacked'; - let relativePath = '../../utils/pack/pack128'; + let relativePath = '../../utils/pack/u32/pack128'; let absolutePath = utils.getAbsolutePath(basePath, relativePath); - assert.equal(absolutePath, 'utils/pack/pack128'); + assert.equal(absolutePath, 'utils/pack/u32/pack128'); }); it('should resolve valid absolute path (./)', function() { From 1f04580cffc32ff992585e3472d52e3775530a26 Mon Sep 17 00:00:00 2001 From: dark64 Date: Wed, 15 Jul 2020 19:07:23 +0200 Subject: [PATCH 05/11] update zokrates.js docs --- zokrates_book/src/zokrates_js.md | 37 ++++++++++++++++++++++++++------ zokrates_js/README.md | 4 +++- 2 files changed, 34 insertions(+), 7 deletions(-) diff --git a/zokrates_book/src/zokrates_js.md b/zokrates_book/src/zokrates_js.md index 8d162c74..726449c0 100644 --- a/zokrates_book/src/zokrates_js.md +++ b/zokrates_book/src/zokrates_js.md 
@@ -19,19 +19,44 @@ npm install zokrates-js ## Usage +### Importing + +Bundlers ```js import { initialize } from 'zokrates-js'; +``` -function importResolver(location, path) { +Node +```js +const { initialize } = require('zokrates-js/node'); +``` + +### Example +```js +function importResolver(currentLocation, importLocation) { // implement your resolving logic here - return { - source: "def main() -> (): return", - location: path + return { + source: "def main() -> (): return", + location: importLocation }; } initialize().then((zokratesProvider) => { - // we have to initialize the wasm module before calling api functions - zokratesProvider.compile("def main(private field a) -> (field): return a", "main", importResolver) + const source = "def main(private field a) -> (field): return a * a"; + + // compilation + const artifacts = zokratesProvider.compile(source, "main", importResolver); + + // computation + const { witness, output } = zokratesProvider.computeWitness(artifacts, ["2"]); + + // run setup + const keypair = zokratesProvider.setup(artifacts.program); + + // generate proof + const proof = zokratesProvider.generateProof(artifacts.program, witness, keypair.pk); + + // export solidity verifier + const verifier = zokratesProvider.exportSolidityVerifier(keypair.vk, "v1"); }); ``` diff --git a/zokrates_js/README.md b/zokrates_js/README.md index 12133e33..2863185f 100644 --- a/zokrates_js/README.md +++ b/zokrates_js/README.md @@ -42,8 +42,10 @@ function importResolver(currentLocation, importLocation) { } initialize().then((zokratesProvider) => { + const source = "def main(private field a) -> (field): return a * a"; + // compilation - const artifacts = zokratesProvider.compile("def main(private field a) -> (field): return a * a", "main", importResolver); + const artifacts = zokratesProvider.compile(source, "main", importResolver); // computation const { witness, output } = zokratesProvider.computeWitness(artifacts, ["2"]); 
From ab811a0d0ba70b6d3ac27c0967f24cef918c47bd Mon Sep 17 00:00:00 2001 From: dark64 Date: Thu, 16 Jul 2020 11:10:13 +0200 Subject: [PATCH 06/11] fix import resolving issue with absolute paths --- zokrates_js/tests/tests.js | 7 ++++++- zokrates_js/wrapper.js | 3 +++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/zokrates_js/tests/tests.js b/zokrates_js/tests/tests.js index edcfb9fc..d235e3c4 100644 --- a/zokrates_js/tests/tests.js +++ b/zokrates_js/tests/tests.js @@ -25,7 +25,12 @@ describe('tests', function() { it('should resolve stdlib module', function() { assert.doesNotThrow(() => { - const code = 'import "hashes/sha256/512bit" as sha256\ndef main() -> (): return'; + const code = ` + import "hashes/sha256/512bit" as sha256 + import "ecc/edwardsAdd" as edwardsAdd + def main() -> (): + return + `; this.zokrates.compile(code, "main"); }) }); diff --git a/zokrates_js/wrapper.js b/zokrates_js/wrapper.js index e163c128..7765e0c2 100644 --- a/zokrates_js/wrapper.js +++ b/zokrates_js/wrapper.js @@ -1,4 +1,7 @@ const getAbsolutePath = (basePath, relativePath) => { + if (relativePath[0] !== '.') { + return relativePath; + } var stack = basePath.split('/'); var chunks = relativePath.split('/'); stack.pop(); From 07c8a255680cd1e2da08451bc53de39ad897125d Mon Sep 17 00:00:00 2001 From: schaeff Date: Thu, 16 Jul 2020 11:31:19 +0200 Subject: [PATCH 07/11] wip --- .../merkleTree/pedersenPathProof3.zok | 5 +- zokrates_js/Cargo.lock | 1105 +++++++++++++++++ zokrates_js/tests/tests.js | 2 - 3 files changed, 1106 insertions(+), 6 deletions(-) create mode 100644 zokrates_js/Cargo.lock diff --git a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok index 109fe71d..d2b2c64d 100644 --- a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok +++ b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok 
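Review bot: The early return added to getAbsolutePath in wrapper.js treats any path not starting with `.` as already absolute and hands it back without the stack-based resolution that follows, so a non-relative path that still contains `..` or `.` segments passes through unnormalized to whatever consumer resolves it; whether that matters depends on the caller, which is outside the hunk. A slightly tighter test, `if (!relativePath.startsWith('./') && !relativePath.startsWith('../')) { return relativePath; }`, also stops a dotfile-like first segment such as `.hidden/x` from being routed through the relative branch. The tests.js change in the same commit only exercises stdlib names, so a case with a `..` segment in a non-relative path would pin the intended behaviour either way. The remainder of getAbsolutePath is below the hunk.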
@@ -6,11 +6,8 @@ import "hashes/utils/256bitsDirectionHelper" as multiplex // Merke-Tree inclusion proof for tree depth 3 using SNARK efficient pedersen hashes // directionSelector=> 1/true if current digest is on the rhs of the hash -<<<<<<< HEAD -def main(u32[8] rootDigest, private u32[8] leafDigest, private bool[3] directionSelector, u32[8] PathDigest0, private u32[8] PathDigest1, private u32[8] PathDigest2) -> (field): -======= + def main(bool[256] rootDigest, private bool[256] leafDigest, private bool[3] directionSelector, bool[256] PathDigest0, private bool[256] PathDigest1, private bool[256] PathDigest2) -> (): ->>>>>>> 26f4d72ee6e0c802823cf145fbd11a372586eb28 BabyJubJubParams context = context() //Setup diff --git a/zokrates_js/Cargo.lock b/zokrates_js/Cargo.lock new file mode 100644 index 00000000..36f96e42 --- /dev/null +++ b/zokrates_js/Cargo.lock 
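Review bot: The conflict resolution keeps the `bool[256]` signature with a `-> ()` return and drops the `u32[8]` variant, while PATCH 01 in this series moved the stdlib helpers to `u32[8]` words (the 256bitsDirectionHelper test at the top of this chunk calls `direction` with u32 inputs), so the body — which starts below the hunk — may no longer type-check against the imported `multiplex`; confirm the example compiles before this lands. The line that replaced the `<<<<<<< HEAD` marker is now a stray blank, and the `Merke-Tree` typo in the context comment could be corrected while the header is being touched. The commit is titled `wip`, so this may be deliberate, but the side that was discarded appears to be the one the earlier patches converted the stdlib to.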
@@ -0,0 +1,1105 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +[[package]] +name = "addr2line" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1b6a2d3371669ab3ca9797670853d61402b03d0b4b9ebf33d677dfa720203072" +dependencies = [ + "gimli", +] + +[[package]] +name = "adler" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ee2a4ec343196209d6594e19543ae87a39f96d5534d7174822a3ad825dd6ed7e" + +[[package]] +name = "aho-corasick" +version = "0.6.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81ce3d38065e618af2d7b77e10c5ad9a069859b4be3c2250f674af3840d9c8a5" +dependencies = [ + "memchr", +] + +[[package]] +name = "autocfg" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8aac770f1885fd7e387acedd76065302551364496e46b3dd00860b2f8359b9d" + +[[package]] +name = "backtrace" +version = "0.3.50" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46254cf2fdcdf1badb5934448c1bcbe046a56537b3987d96c51a7afc5d03f293" +dependencies = [ + "addr2line", + "cfg-if", + "libc", + "miniz_oxide", + "object", + "rustc-demangle", +] + +[[package]] +name = "bellman_ce" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a5ca1343d8690bb4d62e0665116bd4f109e33a642f86908ed107d226a402b0ef" +dependencies = [ + "bit-vec", + "byteorder", + "cfg-if", + "futures", + "num_cpus", + "pairing_ce", + "rand", + "web-sys", +] + +[[package]] +name = "bincode" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e103c8b299b28a9c6990458b7013dc4a8356a9b854c51b9883241f5866fac36e" +dependencies = [ + "byteorder", + "num-traits 0.1.43", + "serde", +] + +[[package]] +name = "bincode" +version = "1.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum 
= "f30d3a39baa26f9651f17b375061f3233dde33424a8b72b0dbe93a68a0bc896d" +dependencies = [ + "byteorder", + "serde", +] + +[[package]] +name = "bit-vec" +version = "0.6.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5f0dc55f2d8a1a85650ac47858bb001b4c0dd73d79e3c455a842925e68d29cd3" + +[[package]] +name = "block-buffer" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" +dependencies = [ + "block-padding", + "byte-tools", + "byteorder", + "generic-array", +] + +[[package]] +name = "block-padding" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" +dependencies = [ + "byte-tools", +] + +[[package]] +name = "bstr" +version = "0.2.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "31accafdb70df7871592c058eca3985b71104e15ac32f64706022c58867da931" +dependencies = [ + "lazy_static", + "memchr", + "regex-automata", + "serde", +] + +[[package]] +name = "bumpalo" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e8c087f005730276d1096a652e92a8bacee2e2472bcc9715a74d2bec38b5820" + +[[package]] +name = "byte-tools" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" + +[[package]] +name = "byteorder" +version = "1.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08c48aae112d48ed9f069b33538ea9e3e90aa263cfa3d1c24309612b1f7472de" + +[[package]] +name = "cfg-if" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" + +[[package]] +name = "console_error_panic_hook" +version = "0.1.6" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "b8d976903543e0c48546a91908f21588a680a8c8f984df9a5d69feccb2b2a211" +dependencies = [ + "cfg-if", + "wasm-bindgen", +] + +[[package]] +name = "csv" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "00affe7f6ab566df61b4be3ce8cf16bc2576bca0963ceb0955e45d514bf9a279" +dependencies = [ + "bstr", + "csv-core", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "csv-core" +version = "0.1.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" +dependencies = [ + "memchr", +] + +[[package]] +name = "digest" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" +dependencies = [ + "generic-array", +] + +[[package]] +name = "either" +version = "1.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" + +[[package]] +name = "failure" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d32e9bd16cc02eae7db7ef620b392808b89f6a5e16bb3497d159c6b92a0f4f86" +dependencies = [ + "backtrace", + "failure_derive", +] + +[[package]] +name = "failure_derive" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa4da3c766cd7a0db8242e326e9e4e081edd567072893ed320008189715366a4" +dependencies = [ + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", + "synstructure", +] + +[[package]] +name = "fake-simd" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" + +[[package]] +name = "ff_ce" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"83c0a6a2c53b0bd6d8cae976816dc8a171e0554c03f304e3dac110473e0219fd" +dependencies = [ + "byteorder", + "hex", + "rand", +] + +[[package]] +name = "ff_ce" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4592897f75fd1bd178e5ec12d9d7df3d1943464feda2cbce1e708a484e82c8f6" +dependencies = [ + "byteorder", + "ff_derive_ce", + "hex", + "rand", +] + +[[package]] +name = "ff_derive_ce" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50c052fa6d4c2f12305ec364bfb8ef884836f3f61ea015b202372ff996d1ac4b" +dependencies = [ + "num-bigint", + "num-integer", + "num-traits 0.2.12", + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", +] + +[[package]] +name = "from-pest" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aba9389cedcba1fb3a2aa2ed00f584f2606bce8e0106614a17327a24513bc60f" +dependencies = [ + "pest", + "void", +] + +[[package]] +name = "fuchsia-cprng" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" + +[[package]] +name = "futures" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1e05b85ec287aac0dc34db7d4a569323df697f9c55b99b15d6b4ef8cde49f613" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-channel" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f366ad74c28cca6ba456d95e6422883cfb4b252a83bed929c83abfdbbf2967d5" +dependencies = [ + "futures-core", + "futures-sink", +] + +[[package]] +name = "futures-core" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59f5fff90fd5d971f936ad674802482ba441b6f09ba5e15fd8b39145582ca399" + +[[package]] 
+name = "futures-executor" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10d6bb888be1153d3abeb9006b11b02cf5e9b209fda28693c31ae1e4e012e314" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + +[[package]] +name = "futures-io" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de27142b013a8e869c14957e6d2edeef89e97c289e69d042ee3a49acd8b51789" + +[[package]] +name = "futures-sink" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f2032893cb734c7a05d85ce0cc8b8c4075278e93b24b66f9de99d6eb0fa8acc" + +[[package]] +name = "futures-task" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bdb66b5f09e22019b1ab0830f7785bcea8e7a42148683f99214f73f8ec21a626" +dependencies = [ + "once_cell", +] + +[[package]] +name = "futures-util" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8764574ff08b701a084482c3c7031349104b07ac897393010494beaa18ce32c6" +dependencies = [ + "futures-channel", + "futures-core", + "futures-io", + "futures-sink", + "futures-task", + "memchr", + "pin-project", + "pin-utils", + "slab", +] + +[[package]] +name = "generic-array" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c68f0274ae0e023facc3c97b2e00f076be70e254bc851d972503b328db79b2ec" +dependencies = [ + "typenum", +] + +[[package]] +name = "gimli" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aaf91faf136cb47367fa430cd46e37a788775e7fa104f8b4bcb3861dc389b724" + +[[package]] +name = "hermit-abi" +version = "0.1.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3deed196b6e7f9e44a2ae8d94225d80302d81208b1bb673fd21fe634645c85a9" +dependencies = [ + "libc", +] + +[[package]] +name = "hex" +version = "0.4.2" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "644f9158b2f133fd50f5fb3242878846d9eb792e445c893805ff0e3824006e35" + +[[package]] +name = "itertools" +version = "0.7.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d47946d458e94a1b7bcabbf6521ea7c037062c81f534615abcad76e84d4970d" +dependencies = [ + "either", +] + +[[package]] +name = "itoa" +version = "0.4.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6" + +[[package]] +name = "js-sys" +version = "0.3.42" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "52732a3d3ad72c58ad2dc70624f9c17b46ecd0943b9a4f1ee37c4c18c5d983e2" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "lazy_static" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" + +[[package]] +name = "libc" +version = "0.2.72" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9f8082297d534141b30c8d39e9b1773713ab50fdbe4ff30f750d063b3bfd701" + +[[package]] +name = "log" +version = "0.4.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "maplit" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d" + +[[package]] +name = "memchr" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" + +[[package]] +name = "miniz_oxide" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"be0f75932c1f6cfae3c04000e40114adf955636e19040f9c0a2c380702aa1c7f" +dependencies = [ + "adler", +] + +[[package]] +name = "num" +version = "0.1.42" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4703ad64153382334aa8db57c637364c322d3372e097840c72000dabdcf6156e" +dependencies = [ + "num-integer", + "num-iter", + "num-traits 0.2.12", +] + +[[package]] +name = "num-bigint" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304" +dependencies = [ + "autocfg", + "num-integer", + "num-traits 0.2.12", + "serde", +] + +[[package]] +name = "num-integer" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8d59457e662d541ba17869cf51cf177c0b5f0cbf476c66bdc90bf1edac4f875b" +dependencies = [ + "autocfg", + "num-traits 0.2.12", +] + +[[package]] +name = "num-iter" +version = "0.1.41" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a6e6b7c748f995c4c29c5f5ae0248536e04a5739927c74ec0fa564805094b9f" +dependencies = [ + "autocfg", + "num-integer", + "num-traits 0.2.12", +] + +[[package]] +name = "num-traits" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92e5113e9fd4cc14ded8e499429f396a20f98c772a47cc8622a736e1ec843c31" +dependencies = [ + "num-traits 0.2.12", +] + +[[package]] +name = "num-traits" +version = "0.2.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac267bcc07f48ee5f8935ab0d24f316fb722d7a1292e2913f0cc196b29ffd611" +dependencies = [ + "autocfg", +] + +[[package]] +name = "num_cpus" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05499f3756671c15885fee9034446956fff3f243d6077b91e5767df161f766b3" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "object" +version = "0.20.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ab52be62400ca80aa00285d25253d7f7c437b7375c4de678f5405d3afe82ca5" + +[[package]] +name = "once_cell" +version = "1.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b631f7e854af39a1739f401cf34a8a013dfe09eac4fa4dba91e9768bd28168d" + +[[package]] +name = "opaque-debug" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" + +[[package]] +name = "pairing_ce" +version = "0.21.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfc00d65b1d29e0a067a967fcea83d8db261c149f76a557ba73f0304f01cdfde" +dependencies = [ + "byteorder", + "ff_ce 0.10.3", + "rand", +] + +[[package]] +name = "pest" +version = "2.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10f4872ae94d7b90ae48754df22fd42ad52ce740b8f370b03da4835417403e53" +dependencies = [ + "ucd-trie", +] + +[[package]] +name = "pest-ast" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fbf404899169771dd6a32c84248b83cd67a26cc7cc957aac87661490e1227e4" +dependencies = [ + "itertools", + "proc-macro2 0.4.30", + "quote 0.6.13", + "single", + "syn 0.15.44", +] + +[[package]] +name = "pest_derive" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "833d1ae558dc601e9a60366421196a8d94bc0ac980476d0b67e1d0988d72b2d0" +dependencies = [ + "pest", + "pest_generator", +] + +[[package]] +name = "pest_generator" +version = "2.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "99b8db626e31e5b81787b9783425769681b347011cc59471e33ea46d2ea0cf55" +dependencies = [ + "pest", + "pest_meta", + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", +] + +[[package]] +name = "pest_meta" +version = "2.1.3" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "54be6e404f5317079812fc8f9f5279de376d8856929e21c184ecf6bbd692a11d" +dependencies = [ + "maplit", + "pest", + "sha-1", +] + +[[package]] +name = "pin-project" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "12e3a6cdbfe94a5e4572812a0201f8c0ed98c1c452c7b8563ce2276988ef9c17" +dependencies = [ + "pin-project-internal", +] + +[[package]] +name = "pin-project-internal" +version = "0.4.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a0ffd45cf79d88737d7cc85bfd5d2894bee1139b356e616fe85dc389c61aaf7" +dependencies = [ + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", +] + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "proc-macro2" +version = "0.4.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf3d2011ab5c909338f7887f4fc896d35932e29146c12c8d01da6b22a80ba759" +dependencies = [ + "unicode-xid 0.1.0", +] + +[[package]] +name = "proc-macro2" +version = "1.0.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "beae6331a816b1f65d04c45b078fd8e6c93e8071771f41b8163255bbd8d7c8fa" +dependencies = [ + "unicode-xid 0.2.1", +] + +[[package]] +name = "quote" +version = "0.6.13" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ce23b6b870e8f94f81fb0a363d65d86675884b34a09043c81e5562f11c1f8e1" +dependencies = [ + "proc-macro2 0.4.30", +] + +[[package]] +name = "quote" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37" +dependencies = [ + "proc-macro2 1.0.18", +] + +[[package]] +name = "rand" +version = "0.4.6" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293" +dependencies = [ + "fuchsia-cprng", + "libc", + "rand_core 0.3.1", + "rdrand", + "winapi", +] + +[[package]] +name = "rand_core" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b" +dependencies = [ + "rand_core 0.4.2", +] + +[[package]] +name = "rand_core" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" + +[[package]] +name = "rdrand" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2" +dependencies = [ + "rand_core 0.3.1", +] + +[[package]] +name = "reduce" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a4c8549eb79c1fc8c449cb18a2d9b7873a7cb1bf2fcbfe8a3ad8812320544341" + +[[package]] +name = "regex" +version = "0.2.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9329abc99e39129fcceabd24cf5d85b4671ef7c29c50e972bc5afe32438ec384" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", + "thread_local", + "utf8-ranges", +] + +[[package]] +name = "regex-automata" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae1ded71d66a4a97f5e961fd0cb25a5f366a42a41570d16a763a69c092c26ae4" +dependencies = [ + "byteorder", +] + +[[package]] +name = "regex-syntax" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d707a4fa2637f2dca2ef9fd02225ec7661fe01a53623c1e6515b6916511f7a7" +dependencies = [ + "ucd-util", +] + +[[package]] +name = "rustc-demangle" +version = "0.1.16" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c691c0e608126e00913e33f0ccf3727d5fc84573623b8d65b2df340b5201783" + +[[package]] +name = "ryu" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e" + +[[package]] +name = "serde" +version = "1.0.114" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5317f7588f0a5078ee60ef675ef96735a1442132dc645eb1d12c018620ed8cd3" +dependencies = [ + "serde_derive", +] + +[[package]] +name = "serde_bytes" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defbb8a83d7f34cc8380751eeb892b825944222888aff18996ea7901f24aec88" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_derive" +version = "1.0.114" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a0be94b04690fbaed37cddffc5c134bf537c8e3329d53e982fe04c374978f8e" +dependencies = [ + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", +] + +[[package]] +name = "serde_json" +version = "1.0.56" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3433e879a558dde8b5e8feb2a04899cf34fdde1fafb894687e52105fc1162ac3" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "sha-1" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7d94d0bede923b3cea61f3f1ff57ff8cdfd77b400fb8f9998949e0cf04163df" +dependencies = [ + "block-buffer", + "digest", + "fake-simd", + "opaque-debug", +] + +[[package]] +name = "sha2" +version = "0.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" +dependencies = [ + "block-buffer", + "digest", + "fake-simd", + "opaque-debug", +] + +[[package]] +name = "single" +version = "1.0.0" +source = 
"registry+https://github.com/rust-lang/crates.io-index" +checksum = "bd5add732a1ab689845591a1b50339cf5310b563e08dc5813c65991f30369ea2" +dependencies = [ + "failure", +] + +[[package]] +name = "slab" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8" + +[[package]] +name = "syn" +version = "0.15.44" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ca4b3b69a77cbe1ffc9e198781b7acb0c7365a883670e8f1c1bc66fba79a5c5" +dependencies = [ + "proc-macro2 0.4.30", + "quote 0.6.13", + "unicode-xid 0.1.0", +] + +[[package]] +name = "syn" +version = "1.0.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "936cae2873c940d92e697597c5eee105fb570cd5689c695806f672883653349b" +dependencies = [ + "proc-macro2 1.0.18", + "quote 1.0.7", + "unicode-xid 0.2.1", +] + +[[package]] +name = "synstructure" +version = "0.12.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b834f2d66f734cb897113e34aaff2f1ab4719ca946f9a7358dba8f8064148701" +dependencies = [ + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", + "unicode-xid 0.2.1", +] + +[[package]] +name = "thread_local" +version = "0.3.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c6b53e329000edc2b34dbe8545fd20e55a333362d0a321909685a19bd28c3f1b" +dependencies = [ + "lazy_static", +] + +[[package]] +name = "typed-arena" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9b2228007eba4120145f785df0f6c92ea538f5a3635a612ecf4e334c8c1446d" + +[[package]] +name = "typenum" +version = "1.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" + +[[package]] +name = "ucd-trie" +version = "0.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = 
"56dee185309b50d1f11bfedef0fe6d036842e3fb77413abef29f8f8d1c5d4c1c" + +[[package]] +name = "ucd-util" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c85f514e095d348c279b1e5cd76795082cf15bd59b93207832abe0b1d8fed236" + +[[package]] +name = "unicode-xid" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc72304796d0818e357ead4e000d19c9c174ab23dc11093ac919054d20a6a7fc" + +[[package]] +name = "unicode-xid" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564" + +[[package]] +name = "utf8-ranges" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4ae116fef2b7fea257ed6440d3cfcff7f190865f170cdad00bb6465bf18ecba" + +[[package]] +name = "void" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" + +[[package]] +name = "wasm-bindgen" +version = "0.2.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f3edbcc9536ab7eababcc6d2374a0b7bfe13a2b6d562c5e07f370456b1a8f33d" +dependencies = [ + "cfg-if", + "serde", + "serde_json", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89ed2fb8c84bfad20ea66b26a3743f3e7ba8735a69fe7d95118c33ec8fc1244d" +dependencies = [ + "bumpalo", + "lazy_static", + "log", + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eb071268b031a64d92fc6cf691715ca5a40950694d8f683c5bb43db7c730929e" +dependencies = [ + "quote 1.0.7", + "wasm-bindgen-macro-support", +] + +[[package]] 
+name = "wasm-bindgen-macro-support" +version = "0.2.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf592c807080719d1ff2f245a687cbadb3ed28b2077ed7084b47aba8b691f2c6" +dependencies = [ + "proc-macro2 1.0.18", + "quote 1.0.7", + "syn 1.0.34", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b6c0220ded549d63860c78c38f3bcc558d1ca3f4efa74942c536ddbbb55e87" + +[[package]] +name = "web-sys" +version = "0.3.42" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8be2398f326b7ba09815d0b403095f34dd708579220d099caae89be0b32137b2" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "zokrates_abi" +version = "0.1.1" +dependencies = [ + "serde", + "serde_derive", + "serde_json", + "zokrates_core", + "zokrates_field", +] + +[[package]] +name = "zokrates_common" +version = "0.1.0" + +[[package]] +name = "zokrates_core" +version = "0.4.3" +dependencies = [ + "bellman_ce", + "bincode 0.8.0", + "csv", + "ff_ce 0.9.0", + "hex", + "lazy_static", + "num", + "num-bigint", + "pairing_ce", + "rand", + "reduce", + "regex", + "serde", + "serde_bytes", + 
"serde_derive", + "serde_json", + "typed-arena", + "zokrates_common", + "zokrates_field", + "zokrates_pest_ast", +] + +[[package]] +name = "zokrates_field" +version = "0.3.6" +dependencies = [ + "bellman_ce", + "bincode 0.8.0", + "lazy_static", + "num-bigint", + "num-integer", + "num-traits 0.2.12", + "serde", + "serde_derive", + "serde_json", + "sha2", +] + +[[package]] +name = "zokrates_js" +version = "1.0.23" +dependencies = [ + "bincode 1.3.1", + "console_error_panic_hook", + "js-sys", + "serde", + "serde_json", + "wasm-bindgen", + "zokrates_abi", + "zokrates_common", + "zokrates_core", + "zokrates_field", +] + +[[package]] +name = "zokrates_parser" +version = "0.1.4" +dependencies = [ + "pest", + "pest_derive", +] + +[[package]] +name = "zokrates_pest_ast" +version = "0.1.3" +dependencies = [ + "from-pest", + "lazy_static", + "pest", + "pest-ast", + "zokrates_field", + "zokrates_parser", +] diff --git a/zokrates_js/tests/tests.js b/zokrates_js/tests/tests.js index d235e3c4..e6ca9951 100644 --- a/zokrates_js/tests/tests.js +++ b/zokrates_js/tests/tests.js @@ -26,8 +26,6 @@ describe('tests', function() { it('should resolve stdlib module', function() { assert.doesNotThrow(() => { const code = ` - import "hashes/sha256/512bit" as sha256 - import "ecc/edwardsAdd" as edwardsAdd def main() -> (): return `; From 81b81e4d103a03226d0c963071beee6c6890441b Mon Sep 17 00:00:00 2001 From: dark64 Date: Thu, 16 Jul 2020 11:54:00 +0200 Subject: [PATCH 08/11] fix extension slicing --- zokrates_js/wrapper.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zokrates_js/wrapper.js b/zokrates_js/wrapper.js index 7765e0c2..37401642 100644 --- a/zokrates_js/wrapper.js +++ b/zokrates_js/wrapper.js 
@@ -20,7 +20,7 @@ const getAbsolutePath = (basePath, relativePath) => {
 const getImportPath = (currentLocation, importLocation) => {
 let path = getAbsolutePath(currentLocation, importLocation);
- const extension = importLocation.slice((path.lastIndexOf(".") - 1 >>> 0) + 2);
+ const extension = path.slice((path.lastIndexOf(".") - 1 >>> 0) + 2);
 return extension ? path : path.concat('.zok');
 }
From 4487e5835cc3e22b46633639f31cf5d3d674207d Mon Sep 17 00:00:00 2001
From: schaeff
Date: Thu, 16 Jul 2020 12:55:05 +0200
Subject: [PATCH 09/11] fix example
---
 zokrates_cli/examples/merkleTree/pedersenPathProof3.zok | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok
index d2b2c64d..355eebce 100644
--- a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok
+++ b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok
@@ -7,7 +7,7 @@ import "hashes/utils/256bitsDirectionHelper" as multiplex
 // Merke-Tree inclusion proof for tree depth 3 using SNARK efficient pedersen hashes
 // directionSelector=> 1/true if current digest is on the rhs of the hash
-def main(bool[256] rootDigest, private bool[256] leafDigest, private bool[3] directionSelector, bool[256] PathDigest0, private bool[256] PathDigest1, private bool[256] PathDigest2) -> ():
+def main(u32[8] rootDigest, private u32[8] leafDigest, private bool[3] directionSelector, u32[8] PathDigest0, private u32[8] PathDigest1, private u32[8] PathDigest2) -> ():
 BabyJubJubParams context = context()
 //Setup
From 84aa649a468cf46726eab44a50af9eecd9273ad8 Mon Sep 17 00:00:00 2001
From: schaeff
Date: Thu, 16 Jul 2020 13:20:43 +0200
Subject: [PATCH 10/11] fix example
---
 zokrates_cli/examples/merkleTree/sha256PathProof3.zok | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)
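Review bot: The new `const extension = path.slice(...)` line looks for the last `.` anywhere in the resolved path rather than in its final segment, so a dot in a directory name (e.g. a versioned folder such as `v1.0/`) makes `extension` non-empty and `.zok` is not appended even though the import itself has no extension. Taking the basename first avoids that: `const base = path.slice(path.lastIndexOf('/') + 1);` followed by `const extension = base.slice((base.lastIndexOf('.') - 1 >>> 0) + 2);`. The `- 1 >>> 0) + 2` idiom also deserves a comment, e.g. `// yields '' when there is no '.' (lastIndexOf returns -1)`.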
diff --git a/zokrates_cli/examples/merkleTree/sha256PathProof3.zok b/zokrates_cli/examples/merkleTree/sha256PathProof3.zok
index 3c27c69f..1757ad7a 100644
--- a/zokrates_cli/examples/merkleTree/sha256PathProof3.zok
+++ b/zokrates_cli/examples/merkleTree/sha256PathProof3.zok
@@ -3,11 +3,7 @@ import "utils/multiplexer/256bit" as multiplex
 // Merkle-Tree inclusion proof for tree depth 3
-<<<<<<< HEAD
-def main(field treeDepth, u32[8] rootDigest, private u32[8] leafDigest, private bool[2] directionSelector, u32[8] PathDigest0, private u32[8] PathDigest1) -> (field):
-=======
-def main(field treeDepth, bool[256] rootDigest, private bool[256] leafDigest, private bool[2] directionSelector, bool[256] PathDigest0, private bool[256] PathDigest1) -> ():
->>>>>>> 26f4d72ee6e0c802823cf145fbd11a372586eb28
+def main(field treeDepth, u32[8] rootDigest, private u32[8] leafDigest, private bool[2] directionSelector, u32[8] PathDigest0, private u32[8] PathDigest1) -> ():
 //Setup
 u32[8] currentDigest = leafDigest
From 1e45be0a645732d5d85f8654622d84a3c3f10e8a Mon Sep 17 00:00:00 2001
From: schaeff
Date: Thu, 16 Jul 2020 14:54:44 +0200
Subject: [PATCH 11/11] fix more tests
---
 .../hashes/utils/256bitsDirectionHelper.zok | 2 +-
 .../tests/tests/utils/multiplexer/256bit.zok | 10 ------
 .../utils/pack/bool/nonStrictUnpack256.json | 2 +-
 .../utils/pack/u32/nonStrictUnpack256.json | 2 +-
 .../utils/pack/u32/nonStrictUnpack256.zok | 36 +++++++++----------
 .../tests/tests/utils/pack/u32/pack128.zok | 28 +++++++--------
 .../tests/tests/utils/pack/u32/unpack128.json | 2 +-
 .../tests/tests/utils/pack/u32/unpack128.zok | 28 +++++++--------
 8 files changed, 50 insertions(+), 60 deletions(-)
diff --git a/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok b/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
index 0e8ab54d..56bd6ae5 100644
--- a/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
+++ b/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
@@ -20,7 +20,7 @@ def left() -> (bool):
 u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557]
 u32[16] out = direction(false, a, b)
- out == [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38, 0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557]
+ assert(out == [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38, 0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557])
 return true
 def right() -> (bool):
diff --git a/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok b/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok
index a3b90703..0c41d0ca 100644
--- a/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok
+++ b/zokrates_stdlib/tests/tests/utils/multiplexer/256bit.zok
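Review bot: The bare `out == [...]` this hunk wraps in `assert(...)` was a comparison whose result was discarded, so `left()` returned true whatever `direction` produced; the fix is right, but this file's diffstat is 1 insertion and 1 deletion, so `right()`, whose body starts below the hunk, is unchanged. If it is written in the same bare-comparison form it is the same silent no-op and needs the same `assert(...)` wrapping; worth checking before merging.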
@@ -7,13 +7,8 @@ def left() -> (bool): u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] -<<<<<<< HEAD u32[8] output = [0x1b19dea8, 0xba4e3c16, 0x43eb67a4, 0x2667fd3c, 0xc50a189f, 0x54977e2f, 0x8ab0beee, 0x332b2a38] - output == multiplex(bit, a, b) -======= - bool[256] output = [false, false, false, true, true, false, true, true, false, false, false, true, true, false, false, true, true, true, false, true, true, true, true, false, true, false, true, false, true, false, false, false, true, false, true, true, true, false, true, false, false, true, false, false, true, true, true, false, false, false, true, true, true, true, false, false, false, false, false, true, false, true, true, false, false, true, false, false, false, false, true, true, true, true, true, false, true, false, true, true, false, true, true, false, false, true, true, true, true, false, true, false, false, true, false, false, false, false, true, false, false, true, true, false, false, true, true, false, false, true, true, true, true, true, true, true, true, true, false, true, false, false, true, true, true, true, false, false, true, true, false, false, false, true, false, true, false, false, false, false, true, false, true, false, false, false, false, true, true, false, false, false, true, false, false, true, true, true, true, true, false, true, false, true, false, true, false, false, true, false, false, true, false, true, true, true, false, true, true, true, true, true, true, false, false, false, true, false, true, true, true, true, true, false, false, false, true, false, true, false, true, false, true, true, false, false, false, false, true, false, true, true, true, true, true, false, true, true, true, false, true, true, true, false, false, false, true, true, false, false, true, true, false, false, true, false, true, false, true, true, false, false, true, false, true, false, true, false, false, false, true, true, true, false, false, false] 
assert(output == multiplex(bit, a, b)) ->>>>>>> 26f4d72ee6e0c802823cf145fbd11a372586eb28 return true 
@@ -24,13 +19,8 @@ def right() -> (bool): u32[8] b = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] -<<<<<<< HEAD u32[8] output = [0x03f3f628, 0xe067520d, 0x9a36f714, 0xa5ba86cd, 0x2dbcae1d, 0x37e034b3, 0x84786de3, 0xedb8b557] - output == multiplex(bit, a, b) -======= - bool[256] output = [false, false, false, false, false, false, true, true, true, true, true, true, false, false, true, true, true, true, true, true, false, true, true, false, false, false, true, false, true, false, false, false, true, true, true, false, false, false, false, false, false, true, true, false, false, true, true, true, false, true, false, true, false, false, true, false, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, false, true, true, false, true, true, false, true, true, true, true, false, true, true, true, false, false, false, true, false, true, false, false, true, false, true, false, false, true, false, true, true, false, true, true, true, false, true, false, true, false, false, false, false, true, true, false, true, true, false, false, true, true, false, true, false, false, true, false, true, true, false, true, true, false, true, true, true, true, false, false, true, false, true, false, true, true, true, false, false, false, false, true, true, true, false, true, false, false, true, true, false, true, true, true, true, true, true, false, false, false, false, false, false, false, true, true, false, true, false, false, true, false, true, true, false, false, true, true, true, false, false, false, false, true, false, false, false, true, true, true, true, false, false, false, false, true, true, false, true, true, false, true, true, true, true, false, false, false, true, true, true, true, true, false, true, true, false, true, true, false, true, true, true, false, false, false, true, false, true, true, false, true, false, true, false, true, false, true, false, true, true, true] 
assert(output == multiplex(bit, a, b)) ->>>>>>> 26f4d72ee6e0c802823cf145fbd11a372586eb28 return true diff --git a/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json b/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json index 80d78cfa..fe64e6d0 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json +++ b/zokrates_stdlib/tests/tests/utils/pack/bool/nonStrictUnpack256.json @@ -8,7 +8,7 @@ }, "output": { "Ok": { - "values": ["1"] + "values": [] } } } diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json index 0aa40ce2..92dcbbf3 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json +++ b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.json @@ -8,7 +8,7 @@ }, "output": { "Ok": { - "values": ["1"] + "values": [] } } } diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok index 3ccc32c4..04527ff4 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok +++ b/zokrates_stdlib/tests/tests/utils/pack/u32/nonStrictUnpack256.zok 
@@ -1,41 +1,41 @@ import "utils/pack/u32/nonStrictUnpack256" as unpack256 -def testFive() -> (field): +def testFive() -> (bool): u32[8] b = unpack256(5) - b == [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005] + assert(b == [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000005]) - return 1 + return true -def testZero() -> (field): +def testZero() -> (bool): u32[8] b = unpack256(0) - b == [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000] + assert(b == [0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000]) - return 1 + return true -def testLarge() -> (field): +def testLarge() -> (bool): u32[8] b = unpack256(14474011154664524427946373126085988481658748083205070504932198000989141204991) - b == [0x1fffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff] + assert(b == [0x1fffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff]) - return 1 + return true -def testMax() -> (field): +def testMax() -> (bool): u32[8] b = unpack256(21888242871839275222246405745257275088548364400416034343698204186575808495616) - b == [0x30644e72, 0xe131a029, 0xb85045b6, 0x8181585d, 0x2833e848, 0x79b97091, 0x43e1f593, 0xf0000000] + assert(b == [0x30644e72, 0xe131a029, 0xb85045b6, 0x8181585d, 0x2833e848, 0x79b97091, 0x43e1f593, 0xf0000000]) - return 1 + return true - def main() -> (field): + def main() -> (): - 1 == testFive() - 1 == testMax() - 1 == testZero() - 1 == testLarge() - return 1 + assert(testFive()) + assert(testMax()) + assert(testZero()) + assert(testLarge()) + return diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok b/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok index ecd0e7a8..bfca790a 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok 
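Review bot: The `testLarge` and `testMax` inputs are 77-digit literals with no indication of what they are; `testLarge`'s value is 2^253 - 1 and `testMax`'s appears to be the field modulus minus one, which is exactly what a reader needs to see why the expected limbs start with `0x1fffffff` and `0x30644e72`. The sibling unpack128 test already writes its boundary as `unpack128(2**128 - 1)`, so `testLarge` could use `unpack256(2**253 - 1)` and `testMax` a comment such as `// largest field element (modulus - 1)`. The `nonStrict` prefix suggests the unpacking does not enforce a unique decomposition; a short comment stating that these tests check the interpreter's witness values, not that an alternative decomposition is rejected by the constraints, would make the test's scope explicit.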
+++ b/zokrates_stdlib/tests/tests/utils/pack/u32/pack128.zok @@ -1,36 +1,36 @@ import "utils/pack/u32/pack128" as pack128 -def testFive() -> (field): +def testFive() -> (bool): u32[4] b = [0x00000000, 0x00000000, 0x00000000, 0x00000005] field n = pack128(b) - 5 == n + assert(5 == n) - return 1 + return true -def testZero() -> (field): +def testZero() -> (bool): u32[4] b = [0x00000000, 0x00000000, 0x00000000, 0x00000000] field n = pack128(b) - 0 == n + assert(0 == n) - return 1 + return true -def testMax() -> (field): +def testMax() -> (bool): u32[4] b = [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff] field n = pack128(b) - 2**128 - 1 == n + assert(2**128 - 1 == n) - return 1 + return true - def main() -> (field): + def main() -> (): - 1 == testFive() - 1 == testMax() - 1 == testZero() + assert(testFive()) + assert(testMax()) + assert(testZero()) - return 1 + return diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json index 75252d88..2d93be8e 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json +++ b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.json @@ -8,7 +8,7 @@ }, "output": { "Ok": { - "values": ["1"] + "values": [] } } } diff --git a/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok index b264ded7..cec01e30 100644 --- a/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok +++ b/zokrates_stdlib/tests/tests/utils/pack/u32/unpack128.zok 
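Review bot: The three cases here (`[0,0,0,5]`, all zeros, all `0xffffffff`) leave limb ordering almost untested — only the last limb is ever different from its neighbours, so an implementation that swapped the first and third limbs or applied the wrong shift to the inner limbs would still pass all three. Given `testFive` implies the last limb is least significant, a case with a single bit in an inner limb pins the layout, e.g. `u32[4] b = [0x00000000, 0x00000000, 0x00000001, 0x00000000]` / `field n = pack128(b)` / `assert(2**32 == n)`. The same gap applies to the unpack128.zok hunk below, where `unpack128(2**32)` should yield `[0x00000000, 0x00000000, 0x00000001, 0x00000000]`.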
@@ -1,33 +1,33 @@ import "utils/pack/u32/unpack128" as unpack128 -def testFive() -> (field): +def testFive() -> (bool): u32[4] b = unpack128(5) - b == [0x00000000, 0x00000000, 0x00000000, 0x00000005] + assert(b == [0x00000000, 0x00000000, 0x00000000, 0x00000005]) - return 1 + return true -def testZero() -> (field): +def testZero() -> (bool): u32[4] b = unpack128(0) - b == [0x00000000, 0x00000000, 0x00000000, 0x00000000] + assert(b == [0x00000000, 0x00000000, 0x00000000, 0x00000000]) - return 1 + return true -def testMax() -> (field): +def testMax() -> (bool): u32[4] b = unpack128(2**128 - 1) - b == [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff] + assert(b == [0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff]) - return 1 + return true - def main() -> (field): + def main() -> (): - 1 == testFive() - 1 == testMax() - 1 == testZero() + assert(testFive()) + assert(testMax()) + assert(testZero()) - return 1 + return