From f33ad7a6736c0ed7a6cb95727b33d8ce64454662 Mon Sep 17 00:00:00 2001
From: sdeml
Date: Wed, 19 Dec 2018 16:07:52 +0100
Subject: [PATCH 01/30] add sharound
---
 sha256/IV_constants.code | 12 ++
 sha256/double_round.code | 12 ++
 sha256/full_round.code | 14 ++
 sha256/run.sh | 5 +
 sha256/sha_round.code | 9 +
 sha256/single_packed.code | 17 ++
 sha256/single_round.code | 15 ++
 sha256/single_test.code | 45 +++++
 zokrates_cli/Cargo.toml | 1 +
 zokrates_core/lib/wraplibsnarkgadgets.cpp | 195 +++++++++++++++++--
 zokrates_core/lib/wraplibsnarkgadgets.hpp | 3 +
 zokrates_core/src/helpers/libsnark_gadget.rs | 19 +-
 zokrates_core/src/helpers/mod.rs | 1 +
 zokrates_core/src/imports.rs | 15 +-
 zokrates_core/src/libsnark.rs | 29 +++
 zokrates_core/src/standard.rs | 11 ++
 16 files changed, 387 insertions(+), 16 deletions(-)
 create mode 100644 sha256/IV_constants.code
 create mode 100644 sha256/double_round.code
 create mode 100644 sha256/full_round.code
 create mode 100755 sha256/run.sh
 create mode 100644 sha256/sha_round.code
 create mode 100644 sha256/single_packed.code
 create mode 100644 sha256/single_round.code
 create mode 100644 sha256/single_test.code
diff --git a/sha256/IV_constants.code b/sha256/IV_constants.code
new file mode 100644
index 00000000..7cdeccd0
--- /dev/null
+++ b/sha256/IV_constants.code
@@ -0,0 +1,12 @@ +def main() -> (field[256]): + field[32] h0 = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1] + field[32] h1 = [1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1] + field[32] h2 = [0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0] + field[32] h3 = [1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0] + field[32] h4 = [0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1] + field[32] h5 = [1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0] + field[32] h6 = [0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1] + field[32] h7 = [0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1] + + field[256] IV = [h0[0], h0[1], h0[2], h0[3], h0[4], h0[5], h0[6], h0[7], h0[8], h0[9], h0[10], h0[11], h0[12], h0[13], h0[14], h0[15], h0[16], h0[17], h0[18], h0[19], h0[20], h0[21], h0[22], h0[23], h0[24], h0[25], h0[26], h0[27], h0[28], h0[29], h0[30], h0[31], h1[0], h1[1], h1[2], h1[3], h1[4], h1[5], h1[6], h1[7], h1[8], h1[9], h1[10], h1[11], h1[12], h1[13], h1[14], h1[15], h1[16], h1[17], h1[18], h1[19], h1[20], h1[21], h1[22], h1[23], h1[24], h1[25], h1[26], h1[27], h1[28], h1[29], h1[30], h1[31], h2[0], h2[1], h2[2], h2[3], h2[4], h2[5], h2[6], h2[7], h2[8], h2[9], h2[10], h2[11], h2[12], h2[13], h2[14], h2[15], h2[16], h2[17], h2[18], h2[19], h2[20], h2[21], h2[22], h2[23], h2[24], h2[25], h2[26], h2[27], h2[28], h2[29], h2[30], h2[31], h3[0], h3[1], h3[2], h3[3], h3[4], h3[5], h3[6], h3[7], h3[8], h3[9], h3[10], h3[11], h3[12], h3[13], h3[14], h3[15], h3[16], h3[17], h3[18], h3[19], h3[20], h3[21], h3[22], h3[23], h3[24], h3[25], h3[26], h3[27], h3[28], h3[29], h3[30], h3[31], h4[0], h4[1], h4[2], h4[3], h4[4], 
h4[5], h4[6], h4[7], h4[8], h4[9], h4[10], h4[11], h4[12], h4[13], h4[14], h4[15], h4[16], h4[17], h4[18], h4[19], h4[20], h4[21], h4[22], h4[23], h4[24], h4[25], h4[26], h4[27], h4[28], h4[29], h4[30], h4[31], h5[0], h5[1], h5[2], h5[3], h5[4], h5[5], h5[6], h5[7], h5[8], h5[9], h5[10], h5[11], h5[12], h5[13], h5[14], h5[15], h5[16], h5[17], h5[18], h5[19], h5[20], h5[21], h5[22], h5[23], h5[24], h5[25], h5[26], h5[27], h5[28], h5[29], h5[30], h5[31], h6[0], h6[1], h6[2], h6[3], h6[4], h6[5], h6[6], h6[7], h6[8], h6[9], h6[10], h6[11], h6[12], h6[13], h6[14], h6[15], h6[16], h6[17], h6[18], h6[19], h6[20], h6[21], h6[22], h6[23], h6[24], h6[25], h6[26], h6[27], h6[28], h6[29], h6[30], h6[31], h7[0], h7[1], h7[2], h7[3], h7[4], h7[5], h7[6], h7[7], h7[8], h7[9], h7[10], h7[11], h7[12], h7[13], h7[14], h7[15], h7[16], h7[17], h7[18], h7[19], h7[20], h7[21], h7[22], h7[23], h7[24], h7[25], h7[26], h7[27], h7[28], h7[29], h7[30], h7[31]] + return IV \ No newline at end of file diff --git a/sha256/double_round.code b/sha256/double_round.code new file mode 100644 index 00000000..753ae879 --- /dev/null +++ b/sha256/double_round.code @@ -0,0 +1,12 @@ +import "./IV_constants.code" as IVconstants +import "./sha_round.code" as sha256 + +def main(field[256] a, field[256] b, field[256] c, field[256] d) -> (field[256]): + + //TODO: add bool check + + IV = IVconstants() + digest1 = sha256(a, b, IV) + digest2 = sha256(c, d, digest1) + + return digest2 \ No newline at end of file diff --git a/sha256/full_round.code b/sha256/full_round.code new file mode 100644 index 00000000..49d511dd --- /dev/null +++ b/sha256/full_round.code 
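Review bot: The eight 32-bit words in IV_constants.code are given only as bit lists, so a reviewer cannot check them against the standard without converting by hand; add the hex value above each, e.g. `// h0 = 0x6a09e667 (SHA-256 initial hash value, FIPS 180-4 §5.3.3)`. I converted h0 through h7 and they match the standard's values 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 with the most significant bit first, so the comment would only make that check repeatable. The 256-entry IV concatenation is a second place where a one-line comment such as `// IV = h0 || h1 || ... || h7, most significant bit of h0 first` would help.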
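Review bot: `//TODO: add bool check` leaves the 256-element inputs a, b, c and d of double_round.code unconstrained, so a witness may contain field elements other than 0 and 1 in "bit" positions and the circuit is still satisfiable; unless the sha256round gadget adds booleanity constraints on its own inputs (not visible in this patch), that is a soundness gap in the resulting proof rather than a usability issue. The same TODO appears in single_packed.code, and single_round.code carries the intended check only as commented-out lines `// for index in 0..256 do` / `// 1 == BOOLCHECK(a[index])` / `// 1 == BOOLCHECK(b[index])`. Either enable that loop in each entry point that takes raw bit arrays, or state in a comment which layer is responsible for constraining the bits so callers do not assume it is done here.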
@@ -0,0 +1,14 @@ +import "./double_round.code" as sha256 + +def main(field[256] a, field[256] b) -> (field[256]): + + // Hash is computed on the full 512bit block size + // padding does not fit in the primary block + // add dummy block (single "1" followed by "0" + total length) + field[256] dummyblock1 = [1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] + // total length of message is 512 bits: 0b1000000000 + field[256] dummyblock2 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0] + + digest = sha256(a, b, dummyblock1, dummyblock2) + + return digest \ 
No newline at end of file
diff --git a/sha256/run.sh b/sha256/run.sh
new file mode 100755
index 00000000..aa21c58d
--- /dev/null
+++ b/sha256/run.sh
@@ -0,0 +1,5 @@
+# (cd ..; ./mybuild.sh)
+rsync -avzP --delete --exclude=target --exclude=Cargo.toml ~/ZoKrates_mac/ ~/ZoKrates
+ln -s ../target/debug/zokrates .
+./zokrates compile -i single_test.code 2>&1 | tee debugcomp
+./zokrates compute-witness 2>&1 | tee debugwit
\ No newline at end of file
diff --git a/sha256/sha_round.code b/sha256/sha_round.code
new file mode 100644
index 00000000..6759f860
--- /dev/null
+++ b/sha256/sha_round.code
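Review bot: run.sh has no shebang and no `set -e`, and its rsync line copies `~/ZoKrates_mac/` into `~/ZoKrates` with `--delete`; those are one developer's local paths, and `--delete` against a differently laid-out home directory removes files that are outside this repository. The `ln -s ../target/debug/zokrates .` line also fails on every run after the first because the link already exists. If the script is meant to stay in the tree, start it with `#!/bin/sh` and `set -eu`, take the source directory from an argument instead of a hard-coded path, and use `ln -sf`; otherwise it belongs in an ignored scratch location rather than in the commit.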
@@ -0,0 +1,9 @@ +import "LIBSNARK/sha256round" as sha256 + +def main(field[256] a, field[256] b, field[256] IV) -> (field[256]): + + o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256(a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], a[16], a[17], a[18], a[19], a[20], a[21], a[22], a[23], a[24], a[25], a[26], a[27], a[28], a[29], a[30], a[31], a[32], a[33], a[34], a[35], a[36], a[37], a[38], a[39], a[40], a[41], a[42], a[43], a[44], a[45], a[46], a[47], a[48], a[49], a[50], a[51], a[52], a[53], a[54], a[55], a[56], a[57], a[58], a[59], a[60], a[61], a[62], 
a[63], a[64], a[65], a[66], a[67], a[68], a[69], a[70], a[71], a[72], a[73], a[74], a[75], a[76], a[77], a[78], a[79], a[80], a[81], a[82], a[83], a[84], a[85], a[86], a[87], a[88], a[89], a[90], a[91], a[92], a[93], a[94], a[95], a[96], a[97], a[98], a[99], a[100], a[101], a[102], a[103], a[104], a[105], a[106], a[107], a[108], a[109], a[110], a[111], a[112], a[113], a[114], a[115], a[116], a[117], a[118], a[119], a[120], a[121], a[122], a[123], a[124], a[125], a[126], a[127], a[128], a[129], a[130], a[131], a[132], a[133], a[134], a[135], a[136], a[137], a[138], a[139], a[140], a[141], a[142], a[143], a[144], a[145], a[146], a[147], a[148], a[149], a[150], a[151], a[152], a[153], a[154], a[155], a[156], a[157], a[158], a[159], a[160], a[161], a[162], a[163], a[164], a[165], a[166], a[167], a[168], a[169], a[170], a[171], a[172], a[173], a[174], a[175], a[176], a[177], a[178], a[179], a[180], a[181], a[182], a[183], a[184], a[185], a[186], a[187], a[188], a[189], a[190], a[191], a[192], a[193], a[194], a[195], a[196], a[197], a[198], a[199], a[200], a[201], a[202], a[203], a[204], a[205], a[206], a[207], a[208], a[209], a[210], a[211], a[212], a[213], a[214], a[215], a[216], a[217], a[218], a[219], a[220], a[221], a[222], a[223], a[224], a[225], a[226], a[227], a[228], a[229], a[230], a[231], a[232], a[233], a[234], a[235], a[236], a[237], a[238], a[239], a[240], a[241], a[242], a[243], a[244], a[245], a[246], a[247], a[248], a[249], a[250], a[251], a[252], a[253], a[254], a[255], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[32], b[33], b[34], b[35], b[36], b[37], b[38], b[39], b[40], b[41], b[42], b[43], b[44], b[45], b[46], b[47], b[48], b[49], b[50], b[51], b[52], b[53], b[54], b[55], b[56], b[57], b[58], b[59], b[60], b[61], b[62], b[63], b[64], b[65], b[66], b[67], b[68], b[69], b[70], 
b[71], b[72], b[73], b[74], b[75], b[76], b[77], b[78], b[79], b[80], b[81], b[82], b[83], b[84], b[85], b[86], b[87], b[88], b[89], b[90], b[91], b[92], b[93], b[94], b[95], b[96], b[97], b[98], b[99], b[100], b[101], b[102], b[103], b[104], b[105], b[106], b[107], b[108], b[109], b[110], b[111], b[112], b[113], b[114], b[115], b[116], b[117], b[118], b[119], b[120], b[121], b[122], b[123], b[124], b[125], b[126], b[127], b[128], b[129], b[130], b[131], b[132], b[133], b[134], b[135], b[136], b[137], b[138], b[139], b[140], b[141], b[142], b[143], b[144], b[145], b[146], b[147], b[148], b[149], b[150], b[151], b[152], b[153], b[154], b[155], b[156], b[157], b[158], b[159], b[160], b[161], b[162], b[163], b[164], b[165], b[166], b[167], b[168], b[169], b[170], b[171], b[172], b[173], b[174], b[175], b[176], b[177], b[178], b[179], b[180], b[181], b[182], b[183], b[184], b[185], b[186], b[187], b[188], b[189], b[190], b[191], b[192], b[193], b[194], b[195], b[196], b[197], b[198], b[199], b[200], b[201], b[202], b[203], b[204], b[205], b[206], b[207], b[208], b[209], b[210], b[211], b[212], b[213], b[214], b[215], b[216], b[217], b[218], b[219], b[220], b[221], b[222], b[223], b[224], b[225], b[226], b[227], b[228], b[229], b[230], b[231], b[232], b[233], b[234], b[235], b[236], b[237], b[238], b[239], b[240], b[241], b[242], b[243], b[244], b[245], b[246], b[247], b[248], b[249], b[250], b[251], b[252], b[253], b[254], b[255], IV[0], IV[1], IV[2], IV[3], IV[4], IV[5], IV[6], IV[7], IV[8], IV[9], IV[10], IV[11], IV[12], IV[13], IV[14], IV[15], IV[16], IV[17], IV[18], IV[19], IV[20], IV[21], IV[22], IV[23], IV[24], IV[25], IV[26], IV[27], IV[28], IV[29], IV[30], IV[31], IV[32], IV[33], IV[34], IV[35], IV[36], IV[37], IV[38], IV[39], IV[40], IV[41], IV[42], IV[43], IV[44], IV[45], IV[46], IV[47], IV[48], IV[49], IV[50], IV[51], IV[52], IV[53], IV[54], IV[55], IV[56], IV[57], IV[58], IV[59], IV[60], IV[61], IV[62], IV[63], IV[64], IV[65], IV[66], IV[67], IV[68], 
IV[69], IV[70], IV[71], IV[72], IV[73], IV[74], IV[75], IV[76], IV[77], IV[78], IV[79], IV[80], IV[81], IV[82], IV[83], IV[84], IV[85], IV[86], IV[87], IV[88], IV[89], IV[90], IV[91], IV[92], IV[93], IV[94], IV[95], IV[96], IV[97], IV[98], IV[99], IV[100], IV[101], IV[102], IV[103], IV[104], IV[105], IV[106], IV[107], IV[108], IV[109], IV[110], IV[111], IV[112], IV[113], IV[114], IV[115], IV[116], IV[117], IV[118], IV[119], IV[120], IV[121], IV[122], IV[123], IV[124], IV[125], IV[126], IV[127], IV[128], IV[129], IV[130], IV[131], IV[132], IV[133], IV[134], IV[135], IV[136], IV[137], IV[138], IV[139], IV[140], IV[141], IV[142], IV[143], IV[144], IV[145], IV[146], IV[147], IV[148], IV[149], IV[150], IV[151], IV[152], IV[153], IV[154], IV[155], IV[156], IV[157], IV[158], IV[159], IV[160], IV[161], IV[162], IV[163], IV[164], IV[165], IV[166], IV[167], IV[168], IV[169], IV[170], IV[171], IV[172], IV[173], IV[174], IV[175], IV[176], IV[177], IV[178], IV[179], IV[180], IV[181], IV[182], IV[183], IV[184], IV[185], IV[186], IV[187], IV[188], IV[189], IV[190], IV[191], IV[192], IV[193], IV[194], IV[195], IV[196], IV[197], IV[198], IV[199], IV[200], IV[201], IV[202], IV[203], IV[204], IV[205], IV[206], IV[207], IV[208], IV[209], IV[210], IV[211], IV[212], IV[213], IV[214], IV[215], IV[216], IV[217], IV[218], IV[219], IV[220], IV[221], IV[222], IV[223], IV[224], IV[225], IV[226], IV[227], IV[228], IV[229], IV[230], IV[231], IV[232], IV[233], IV[234], IV[235], IV[236], IV[237], IV[238], IV[239], IV[240], IV[241], IV[242], IV[243], IV[244], IV[245], IV[246], IV[247], IV[248], IV[249], IV[250], IV[251], IV[252], IV[253], IV[254], IV[255]) + + field[256] digest = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, 
o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0] + + return digest \ No newline at end of file diff --git a/sha256/single_packed.code b/sha256/single_packed.code new file mode 100644 index 00000000..e85c3444 --- /dev/null +++ b/sha256/single_packed.code @@ -0,0 +1,17 @@ + +import "./IV_constants.code" as IVConstant +import "./sha_round.code" as sha256 +import "PACKING/pack256" as pack256 +import "PACKING/unpack256" as unpack256 + +def main(field a, field b) -> (field): + + //TODO: add bool check + + IV = IVConstant() + field[256] a = unpack256(a) + field[256] b = unpack256(b) + digest = sha256(a, b, IV) + field c = pack256(digest) + + return c \ No newline at end of file diff --git a/sha256/single_round.code b/sha256/single_round.code new file mode 100644 index 00000000..2900e597 --- /dev/null +++ b/sha256/single_round.code 
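Review bot: In sha_round.code the 256 gadget outputs are bound as o255 … o0 and placed into digest in that same order, so digest[0] holds the value named o255, while the inputs are fed as a[0] … a[255] in ascending order; nothing in the file says which end of digest is the most significant bit, and the naming reads as if the output were reversed relative to the input. If the order is intentional, a comment such as `// gadget outputs are listed most-significant bit first; digest[0] is the top bit of the hash` above the assignment would stop a later "fix" from silently reversing the digest. Separately, `import "LIBSNARK/sha256round" as sha256` aliases a single compression-function call as sha256 (double_round.code and full_round.code do the same with their imports), which misreads as the full padded hash; `as sha256round` would match the gadget it binds.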
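Review bot: In single_packed.code, `field[256] a = unpack256(a)` and `field[256] b = unpack256(b)` redeclare the parameters a and b with a different type while reading the old value on the right-hand side; whether the ZoKrates front end accepts this is not shown here, but it is confusing in any case and should use fresh names, e.g. `field[256] a_bits = unpack256(a)` with `digest = sha256(a_bits, b_bits, IV)`. The file also begins with a stray blank line before the first import.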
@@ -0,0 +1,15 @@
+import "./IV_constants.code" as IVconstants
+import "./sha_round.code" as sha256
+
+def main(field[256] a, field[256] b) -> (field[256]):
+
+// for index in 0..256 do
+// 1 == BOOLCHECK(a[index])
+// 1 == BOOLCHECK(b[index])
+// endfor
+//
+
+ IV = IVconstants()
+ digest = sha256(a, b, IV)
+
+ return digest
\ No newline at end of file
diff --git a/sha256/single_test.code b/sha256/single_test.code
new file mode 100644
index 00000000..be4e1def
--- /dev/null
+++ b/sha256/single_test.code
@@ -0,0 +1,45 @@ +import "./IV_constants.code" as IVConstant +//import "LIBSNARK/sha256round" as sha256 +//import "LIBSNARK/sha256compression" as sha256 +//import "LIBSNARK/sha256" as sha256 +//import "./single_round.code" as sha256 +//import "./sha_round.code" as sha256 +import "./full_round.code" as sha256 + +//def main(field[256] a, field[256] b) -> (field): +//def main() -> (field): +// for index in 0..256 do +// 1 == BOOLCHECK(a[index]) +// 1 == BOOLCHECK(b[index]) +// endfor + + // h0, h1, h2, h3, h4, h5, h6, h7 = sha256round(a, b, h0, h1, h2, h3, h4, h5, h6, h7) + +//o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, 
o1, o0 = sha256round(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,1,0,0,0,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,0,1,1,0,1,0,0,0,0,1,1,1,0,0,0,0,0,1,1,1,1,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,1,0,0,0,1,0,1,0,0,0,0,0,1,0,1,0,1,0,0,0,1,0,1,1,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,1,1,0,0,1,0,0,0,1,1,0,1,0,0,0,0,1,1,0,1,1,0,0,0,1,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,1,1,1,0,0,0,0,1,1,1,1,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,1,0,0,0,1,1,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0,1,0,1,0,0,0,0,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0,0,0,1,0,1,0,1,1,0,0,1,0,1,1,0,0,0,0,1,0,1,1,0,1,0,0,1,0,1,1,1,0,0,0,1,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,0,0,0,1,0,0,1,1,0,0,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0,1,0,0,0,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,0,0,1,1,0,1,1,1,0,0,1,1,1,0,0,0,0,0,1,1,1,0,0,1,0,0,1,1,1,0,1,0,0,0,1,1,1,0,1,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,1,1,0) +//h0[0], h0[1], h0[2], h0[3], h0[4], h0[5], h0[6], h0[7], h0[8], h0[9], h0[10], h0[11], h0[12], h0[13], h0[14], h0[15], h0[16], h0[17], h0[18], h0[19], h0[20], h0[21], h0[22], h0[23], h0[24], h0[25], h0[26], h0[27], h0[28], h0[29], h0[30], h0[31], h1[0], h1[1], h1[2], h1[3], h1[4], h1[5], h1[6], h1[7], h1[8], h1[9], h1[10], h1[11], h1[12], h1[13], h1[14], h1[15], h1[16], h1[17], h1[18], h1[19], h1[20], h1[21], h1[22], h1[23], h1[24], h1[25], h1[26], h1[27], h1[28], h1[29], h1[30], h1[31], h2[0], h2[1], h2[2], h2[3], h2[4], h2[5], h2[6], h2[7], h2[8], h2[9], h2[10], h2[11], h2[12], h2[13], h2[14], h2[15], h2[16], h2[17], h2[18], h2[19], h2[20], h2[21], h2[22], h2[23], h2[24], h2[25], h2[26], h2[27], h2[28], h2[29], h2[30], h2[31], h3[0], h3[1], h3[2], h3[3], h3[4], h3[5], h3[6], h3[7], h3[8], h3[9], h3[10], h3[11], h3[12], h3[13], h3[14], h3[15], h3[16], h3[17], h3[18], h3[19], h3[20], h3[21], h3[22], h3[23], h3[24], h3[25], h3[26], 
h3[27], h3[28], h3[29], h3[30], h3[31], h4[0], h4[1], h4[2], h4[3], h4[4], h4[5], h4[6], h4[7], h4[8], h4[9], h4[10], h4[11], h4[12], h4[13], h4[14], h4[15], h4[16], h4[17], h4[18], h4[19], h4[20], h4[21], h4[22], h4[23], h4[24], h4[25], h4[26], h4[27], h4[28], h4[29], h4[30], h4[31], h5[0], h5[1], h5[2], h5[3], h5[4], h5[5], h5[6], h5[7], h5[8], h5[9], h5[10], h5[11], h5[12], h5[13], h5[14], h5[15], h5[16], h5[17], h5[18], h5[19], h5[20], h5[21], h5[22], h5[23], h5[24], h5[25], h5[26], h5[27], h5[28], h5[29], h5[30], h5[31], h6[0], h6[1], h6[2], h6[3], h6[4], h6[5], h6[6], h6[7], h6[8], h6[9], h6[10], h6[11], h6[12], h6[13], h6[14], h6[15], h6[16], h6[17], h6[18], h6[19], h6[20], h6[21], h6[22], h6[23], h6[24], h6[25], h6[26], h6[27], h6[28], h6[29], h6[30], h6[31], h7[0], h7[1], h7[2], h7[3], h7[4], h7[5], h7[6], h7[7], h7[8], h7[9], h7[10], h7[11], h7[12], h7[13], h7[14], h7[15], h7[16], h7[17], h7[18], h7[19], h7[20], h7[21], h7[22], h7[23], h7[24], h7[25], h7[26], h7[27], h7[28], h7[29], h7[30], h7[31]) +// field[256] hash = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, 
o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0] + +// ORIGINAL EXAMPLE +//def main() -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, 
field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): +// // h0, h1, h2, h3, h4, h5, h6, h7 = IVConstant() +// o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0) +// return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, 
o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 + +//FULL IV appended +//def main() -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, 
field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): +// // h0, h1, h2, h3, h4, h5, h6, h7 = IVConstant() +// o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,1,0,1,0,1,0,0,0,0,0,1,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,1,0,1,1,1,0,1,1,0,1,1,0,0,1,1,1,1,0,1,0,1,1,1,0,1,0,0,0,0,1,0,1,0,0,1,1,1,1,0,0,0,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,0,1,0,1,0,0,1,0,1,0,1,0,0,1,1,1,1,1,1,1,1,0,1,0,1,0,0,1,1,1,0,1,0,0,1,0,1,0,0,0,1,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,0,1,1,1,1,1,1,1,1,0,0,1,1,0,1,1,0,0,0,0,0,1,0,1,0,1,1,0,1,0,0,0,1,0,0,0,1,1,0,0,0,0,0,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,1,1,0,0,1,1,0,1,0,1,0,1,1,0,1,0,1,1,0,1,1,1,1,1,0,0,0,0,0,1,1,0,0,1,1,0,1,0,0,0,1,1,0,0,1) +// return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, 
o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 + + // return 1 + +def main() -> (field[256]): + + field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] + field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + //field[256] IV = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1] + + //digest = sha256(a, b, IV) + digest = sha256(a, b) + + return digest diff --git a/zokrates_cli/Cargo.toml b/zokrates_cli/Cargo.toml index e996099e..62483fde 100644 --- a/zokrates_cli/Cargo.toml +++ b/zokrates_cli/Cargo.toml @@ -5,6 +5,7 @@ authors = ["Jacob Eberhardt ", "Dennis Kuhnert & ZERO, pb_variable_array& a, pb_variable_array& b, - std::shared_ptr> result + digest_variable result ) : gadget(pb, "ethereum_sha256") { intermediate_hash.reset(new digest_variable(pb, 256, "intermediate")); @@ -161,7 +161,7 @@ public: pb, IV2, block2->bits, - *result, + result, "hasher2")); } 
@@ -210,8 +210,10 @@ std::string r1cs_to_json(protoboard pb) { r1cs_constraint_system constraints = pb.get_constraint_system(); std::stringstream ss; - - ss << "{\"input_count\":512, \"outputs\":[513,514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768],\"constraints\":["; + // ss << "{\"input_count\":612, 
\"outputs\":[613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768,769,770,771,772,773,774,775,776,777,778,779,780,781,782,783,784,785,786,787,788,789,790,791,792,793,794,795,796,797,798,799,800,801,802,803,804,805,806,807,808,809,810,811,812,813,814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832,833,834,835,836,837,838,839,840,841,842,843,844,845,846,847,848,849,850,851,852,853,854,855,856,857,858,859,860,861,862,863,864,865,866,867,868],\"constraints\":["; + // ss << "{\"input_count\":612, 
\"outputs\":[513,514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768],\"constraints\":["; + // ss << "{\"input_count\":513, 
\"outputs\":[514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768, 769],\"constraints\":["; + ss << "{\"input_count\":768, 
\"outputs\":[769,770,771,772,773,774,775,776,777,778,779,780,781,782,783,784,785,786,787,788,789,790,791,792,793,794,795,796,797,798,799,800,801,802,803,804,805,806,807,808,809,810,811,812,813,814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832,833,834,835,836,837,838,839,840,841,842,843,844,845,846,847,848,849,850,851,852,853,854,855,856,857,858,859,860,861,862,863,864,865,866,867,868,869,870,871,872,873,874,875,876,877,878,879,880,881,882,883,884,885,886,887,888,889,890,891,892,893,894,895,896,897,898,899,900,901,902,903,904,905,906,907,908,909,910,911,912,913,914,915,916,917,918,919,920,921,922,923,924,925,926,927,928,929,930,931,932,933,934,935,936,937,938,939,940,941,942,943,944,945,946,947,948,949,950,951,952,953,954,955,956,957,958,959,960,961,962,963,964,965,966,967,968,969,970,971,972,973,974,975,976,977,978,979,980,981,982,983,984,985,986,987,988,989,990,991,992,993,994,995,996,997,998,999,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1011,1012,1013,1014,1015,1016,1017,1018,1019,1020,1021,1022,1023,1024],\"constraints\":["; for (size_t c = 0; c < constraints.num_constraints(); ++c) { @@ -243,8 +245,7 @@ char* _shaEth256Constraints() pb_variable_array right; right.allocate(pb, 256, "right"); - std::shared_ptr> output; - output.reset(new digest_variable(pb, 256, "output")); + digest_variable output(pb, 256, "output"); pb_variable ZERO; ZERO.allocate(pb, "ZERO"); @@ -275,6 +276,9 @@ std::string array_to_json(protoboard pb) } ss << "]}"; + + // std::cout << ss.rdbuf(); + ss.rdbuf()->pubseekpos(0, std::ios_base::out); return(ss.str()); @@ -290,9 +294,8 @@ char* _shaEth256Witness(const uint8_t* inputs, int inputs_length) left.allocate(pb, 256, "left"); pb_variable_array right; right.allocate(pb, 256, "right"); - - std::shared_ptr> output; - output.reset(new digest_variable(pb, 256, "output")); +//TODO: replace with digest variable? + digest_variable output(pb, 256, "output"); pb_variable ZERO; ZERO.allocate(pb, "ZERO"); 
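Review bot: The header string that `r1cs_to_json` now emits hard-codes `input_count` 768 and the output index list 769..1024, yet the function takes an arbitrary protoboard and is presumably still the serialiser for the other gadgets in this file, whose signatures in libsnark_gadget.rs say 512 inputs and whose digest sits elsewhere; each of them now exports a header that disagrees with its own constraint system. Compute both values from the board instead — e.g. `pb.num_inputs()` for the count and the index range of the output digest's variables for the list — rather than rotating the literal per gadget, and delete the three commented-out variants, which would otherwise remain the only record of past layouts. The function body starts and ends outside this hunk.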
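Review bot: The `//TODO: replace with digest variable?` comment added above `digest_variable output(pb, 256, "output");` describes exactly what that line already does, so it is stale the moment it lands; drop it, or if a different replacement is meant (for instance the `sha256round` path introduced later in this commit), say which. The commented-out `std::cout << ss.rdbuf();` added to `array_to_json` in the previous hunk is the same kind of debugging leftover. Both enclosing functions extend beyond their hunks.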
@@ -314,7 +317,6 @@ char* _shaEth256Witness(const uint8_t* inputs, int inputs_length)
 left.fill_with_bits(pb, left_bv);
 right.fill_with_bits(pb, right_bv);
-
 ethereum_sha256 g(pb, ZERO, left, right, output);
 g.generate_r1cs_constraints();
 g.generate_r1cs_witness();
@@ -337,6 +339,10 @@ char* _sha256Constraints()
 digest_variable right(pb, SHA256_digest_size, "right");
 digest_variable output(pb, SHA256_digest_size, "output");
+ pb_variable single;
+ single.allocate(pb, "single");
+ pb.val(single) = 13373;
+
 sha256_two_to_one_hash_gadget f(pb, left, right, output, "f");
 f.generate_r1cs_constraints();
@@ -351,13 +357,16 @@ char* _sha256Witness(const uint8_t* inputs, int inputs_length)
 {
 libff::alt_bn128_pp::init_public_params();
-
 protoboard pb;
 digest_variable left(pb, SHA256_digest_size, "left");
 digest_variable right(pb, SHA256_digest_size, "right");
 digest_variable output(pb, SHA256_digest_size, "output");
+ pb_variable single;
+ single.allocate(pb, "single");
+ pb.val(single) = 13373;
+
 sha256_two_to_one_hash_gadget f(pb, left, right, output, "f");
 f.generate_r1cs_constraints(true);
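Review bot: The `single` variable added to `_sha256Constraints` (and identically to `_sha256Witness` in the next hunk) is allocated and assigned 13373 but never referenced by any constraint, so it is a free, unconstrained wire in the exported R1CS whose only observable effect is shifting every later variable index by one — which is what forces the signature constant in libsnark_gadget.rs from 25561 to 25562. If it is debugging scaffolding it should go before merge; if it is intentional, a comment such as `// placeholder wire: <PURPOSE>, consumed by <CONSUMER>` is needed, because nothing in either function explains the value or who depends on the extra column. Both enclosing functions extend beyond their hunks.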
@@ -383,3 +392,167 @@ char* _sha256Witness(const uint8_t* inputs, int inputs_length)
 memcpy(result, json.c_str(), json.size() + 1);
 return result;
 }
+
+const unsigned long mySHA256_H[8] = {
+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+};
+
+pb_linear_combination_array SHA256_IV(protoboard &pb)
+{
+ pb_linear_combination_array result;
+ result.reserve(SHA256_digest_size);
+
+ for (size_t i = 0; i < SHA256_digest_size; ++i)
+ {
+ int iv_val = (mySHA256_H[i / 32] >> (31-(i % 32))) & 1;
+
+ pb_linear_combination iv_element;
+ iv_element.assign(pb, iv_val * ONE);
+ iv_element.evaluate(pb);
+
+ result.emplace_back(iv_element);
+ }
+
+ return result;
+}
+
+class sha256round: gadget
+{
+private:
+ std::shared_ptr> block;
+
+public:
+ std::shared_ptr> hasher;
+ sha256round(
+ protoboard &pb,
+ pb_variable& ZERO,
+ pb_variable_array& myIV,
+ pb_variable_array& a,
+ pb_variable_array& b,
+ std::shared_ptr> result
+ ) : gadget(pb, "sha256round") {
+
+ // pb_variable_array myIV =
+ // from_bits({
+ // 0,1,1,0,1,0,1,0,0,0,0,0,1,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,
+ // 1,0,1,1,1,0,1,1,0,1,1,0,0,1,1,1,1,0,1,0,1,1,1,0,1,0,0,0,0,1,0,1,
+ // 0,0,1,1,1,1,0,0,0,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,0,
+ // 1,0,1,0,0,1,0,1,0,1,0,0,1,1,1,1,1,1,1,1,0,1,0,1,0,0,1,1,1,0,1,0,
+ // 0,1,0,1,0,0,0,1,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,0,1,1,1,1,1,1,1,
+ // 1,0,0,1,1,0,1,1,0,0,0,0,0,1,0,1,0,1,1,0,1,0,0,0,1,0,0,0,1,1,0,0,
+ // 0,0,0,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,1,1,0,0,1,1,0,1,0,1,0,1,1,
+ // 0,1,0,1,1,0,1,1,1,1,1,0,0,0,0,0,1,1,0,0,1,1,0,1,0,0,0,1,1,0,0,1
+ // }, ZERO);
+
+ block.reset(new block_variable(pb, {
+ a,
+ b
+ }, "block"));
+
+ // pb_linear_combination_array IV = SHA256_IV(pb);
+
+ hasher.reset(new sha256_compression_function_gadget(
+ pb,
+ myIV,
+ block->bits,
+ *result,
+ "hasher"));
+ }
+
+ void generate_r1cs_constraints() {
+ hasher->generate_r1cs_constraints();
+ }
+
+ void generate_r1cs_witness() {
+ hasher->generate_r1cs_witness();
+ }
+};
+
+char* _sha256RoundConstraints()
+{
+ libff::alt_bn128_pp::init_public_params();
+ protoboard pb;
+ pb_variable_array left;
+
+ left.allocate(pb, 256, "left");
+ pb_variable_array right;
+ right.allocate(pb, 256, "right");
+
+ digest_variable IV(pb, 256, "IV");
+
+ std::shared_ptr> output;
+ output.reset(new digest_variable(pb, 256, "output"));
+
+ pb_variable ZERO;
+ ZERO.allocate(pb, "ZERO");
+ pb.val(ZERO) = 0;
+
+ sha256round g(pb, ZERO, IV.bits, left, right, output);
+ g.generate_r1cs_constraints();
+ IV.generate_r1cs_constraints();
+
+ auto json = r1cs_to_json(pb);
+
+ auto result = new char[json.size()];
+ memcpy(result, json.c_str(), json.size() + 1);
+ return result;
+}
+
+char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length)
+{
+
+ libff::alt_bn128_pp::init_public_params();
+ protoboard pb;
+
+ pb_variable_array left;
+ left.allocate(pb, 256, "left");
+ pb_variable_array right;
+ right.allocate(pb, 256, "right");
+
+ digest_variable IV(pb, 256, "IV");
+
+ std::shared_ptr> output;
+ output.reset(new digest_variable(pb, 256, "output"));
+
+ pb_variable ZERO;
+ ZERO.allocate(pb, "ZERO");
+ pb.val(ZERO) = 0;
+
+ libff::bit_vector left_bv;
+ libff::bit_vector right_bv;
+ libff::bit_vector IV_bv;
+
+ for (int i = 0; i < 256; i++) {
+ left_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1);
+ }
+
+ for (int i = 256; i < 512; i++) {
+ right_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1);
+ }
+
+ for (int i = 512; i < 768; i++) {
+ IV_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1);
+ }
+
+ // for (int i = 512; i < 612; i++) {
+ // IV_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1);
+ // }
+ //
+ left.fill_with_bits(pb, left_bv);
+ right.fill_with_bits(pb, right_bv);
+ // IV.fill_with_bits(pb, IV_bv);
+ IV.generate_r1cs_constraints();
+ IV.generate_r1cs_witness(IV_bv);
+
+ sha256round g(pb, ZERO, IV.bits, left, right, output);
+ g.generate_r1cs_constraints();
+ g.generate_r1cs_witness();
+
+ assert(pb.is_satisfied());
+
+ auto json = array_to_json(pb);
+
+ auto result = new char[json.size()];
+ memcpy(result, json.c_str(), json.size() + 1);
+ return result;
+}
diff --git a/zokrates_core/lib/wraplibsnarkgadgets.hpp b/zokrates_core/lib/wraplibsnarkgadgets.hpp
index d230ef2f..2f78f237 100644
--- a/zokrates_core/lib/wraplibsnarkgadgets.hpp
+++ b/zokrates_core/lib/wraplibsnarkgadgets.hpp
@@ -18,6 +18,9 @@ char* _sha256Witness(const uint8_t* input, int input_length);
 char* _shaEth256Constraints();
 char* _shaEth256Witness(const uint8_t* input, int input_length);
+char* _sha256RoundConstraints();
+char* _sha256RoundWitness(const uint8_t* input, int input_length);
+
 #ifdef __cplusplus
 } // extern "C"
 #endif
diff --git a/zokrates_core/src/helpers/libsnark_gadget.rs b/zokrates_core/src/helpers/libsnark_gadget.rs
index 9e653948..06b4eec7 100644
--- a/zokrates_core/src/helpers/libsnark_gadget.rs
+++ b/zokrates_core/src/helpers/libsnark_gadget.rs
@@ -1,6 +1,6 @@
 use field::Field;
 use helpers::{Executable, Signed};
-use libsnark::{get_ethsha256_witness, get_sha256_witness};
+use libsnark::{get_ethsha256_witness, get_sha256_witness, get_sha256round_witness};
 use serde_json;
 use standard;
 use std::fmt;
@@ -9,6 +9,7 @@ use std::fmt;
 pub enum LibsnarkGadgetHelper {
 Sha256Compress,
 Sha256Ethereum,
+ Sha256Round
 }
 impl fmt::Display for LibsnarkGadgetHelper {
@@ -16,6 +17,7 @@ impl fmt::Display for LibsnarkGadgetHelper {
 match *self {
 LibsnarkGadgetHelper::Sha256Compress => write!(f, "Sha256Compress"),
 LibsnarkGadgetHelper::Sha256Ethereum => write!(f, "Sha256Ethereum"),
+ LibsnarkGadgetHelper::Sha256Round => write!(f, "Sha256Round"),
 }
 }
 }
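Review bot: `auto result = new char[json.size()];` followed by `memcpy(result, json.c_str(), json.size() + 1);` in both `_sha256RoundConstraints` and `_sha256RoundWitness` copies the terminating NUL one byte past the allocation on every call; allocate `new char[json.size() + 1]` (the context line at the top of the hunk shows `_sha256Witness` doing the same memcpy, so its allocation, outside this hunk, deserves the same check). `_sha256RoundWitness` never reads `inputs_length`: the three loops consume 768 × 32 bytes from `inputs` unconditionally, so a shorter buffer is read out of bounds — validate `if (inputs_length < 768) { /* fail cleanly */ }` before the loops. `assert(pb.is_satisfied())` is compiled out under `NDEBUG`, so a release build silently returns a witness that does not satisfy the constraints; make that an explicit error path. `left` and `right` are plain `pb_variable_array`s with no booleanity constraints (only `IV` receives `generate_r1cs_constraints()`), so unless `sha256_compression_function_gadget` constrains its block bits itself — worth confirming against the libsnark source — the circuit admits non-bit inputs, which matters for the soundness of any proof built on it. `SHA256_IV`/`mySHA256_H` and the `ZERO` constructor parameter are unused once the IV block is commented out; wire them in or remove them.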
@@ -29,26 +31,35 @@ impl Executable for LibsnarkGadgetHelper {
 LibsnarkGadgetHelper::Sha256Ethereum => {
 serde_json::from_str(&get_ethsha256_witness(inputs))
 }
+ LibsnarkGadgetHelper::Sha256Round => {
+ serde_json::from_str(&get_sha256round_witness(inputs))
+ }
 };
 if let Err(e) = witness_result {
 return Err(format!("{}", e));
 }
- Ok(witness_result
+ let lol : Vec = witness_result
 .unwrap()
 .variables
 .iter()
 .map(|&i| T::from(i))
- .collect())
+ .collect();
+
+ println!("#Debug Witness size: {:#?}", lol.len());
+ println!("#Debug Witness variables: {:#?}", lol);
+ Ok(lol)
 }
 }
 impl Signed for LibsnarkGadgetHelper {
 fn get_signature(&self) -> (usize, usize) {
 match self {
- LibsnarkGadgetHelper::Sha256Compress => (512, 25561),
+ LibsnarkGadgetHelper::Sha256Compress => (512, 25562),
 LibsnarkGadgetHelper::Sha256Ethereum => (512, 50610),
+ // LibsnarkGadgetHelper::Sha256Round => (612, 25662)
+ LibsnarkGadgetHelper::Sha256Round => (768, 25818)
 }
 }
 }
diff --git a/zokrates_core/src/helpers/mod.rs b/zokrates_core/src/helpers/mod.rs
index a939174e..8fbc9c33 100644
--- a/zokrates_core/src/helpers/mod.rs
+++ b/zokrates_core/src/helpers/mod.rs
@@ -81,6 +81,7 @@ pub trait Signed {
 impl Executable for Helper {
 fn execute(&self, inputs: &Vec) -> Result, String> {
 let (expected_input_count, expected_output_count) = self.get_signature();
+ println!("#Debug Executable {},{}", inputs.len(), expected_input_count );
 assert!(inputs.len() == expected_input_count);
 let result = match self {
diff --git a/zokrates_core/src/imports.rs b/zokrates_core/src/imports.rs
index c1c97216..b832932e 100644
--- a/zokrates_core/src/imports.rs
+++ b/zokrates_core/src/imports.rs
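Review bot: The two `println!` calls added after `.collect()` write the complete witness vector to stdout on every execution; that vector holds every wire value, including the gadget inputs, which in a ZoKrates program may be private. PATCH 06 later in this series removes these two lines, but the `#Debug Executable` print added to `mod.rs` in the next hunk is not removed and also goes to stdout from a library crate — a logging facade or nothing at all is the right choice there. Naming the result `lol` and keeping `.unwrap()` after an `if let Err` pre-check reads poorly; `let variables: Vec<T> = witness_result.map_err(|e| format!("{}", e))?.variables.iter().map(|&i| T::from(i)).collect();` expresses the same flow in one step. The `(512, 25562)` and `(768, 25818)` signature constants move whenever the C++ side allocates a variable (the `single` wire in this commit is what shifts 25561 to 25562), so a comment naming what each number counts and which C++ function it must track, e.g. `// (input count, witness length) — keep in sync with _sha256RoundConstraints`, would save the next person a recount. The enclosing `execute` starts outside the hunk.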
@@ -127,7 +127,7 @@ impl Importer {
 #[cfg(feature = "libsnark")]
 {
 use helpers::LibsnarkGadgetHelper;
- use libsnark::{get_ethsha256_constraints, get_sha256_constraints};
+ use libsnark::{get_ethsha256_constraints, get_sha256_constraints, get_sha256round_constraints};
 use serde_json::from_str;
 use standard::{DirectiveR1CS, R1CS};
 use std::io::BufReader;
@@ -146,6 +146,19 @@ impl Importer {
 };
 origins.push(CompiledImport::new(compiled, alias));
 }
+ "LIBSNARK/sha256round" => {
+ let r1cs: R1CS = from_str(&get_sha256round_constraints()).unwrap();
+ let dr1cs: DirectiveR1CS = DirectiveR1CS {
+ r1cs,
+ directive: LibsnarkGadgetHelper::Sha256Round,
+ };
+ let compiled = FlatProg::from(dr1cs);
+ let alias = match import.alias {
+ Some(ref alias) => alias.clone(),
+ None => String::from("sha256round"),
+ };
+ origins.push(CompiledImport::new(compiled, alias));
+ }
 "LIBSNARK/sha256compression" => {
 let r1cs: R1CS = from_str(&get_sha256_constraints()).unwrap();
 let dr1cs: DirectiveR1CS = DirectiveR1CS {
diff --git a/zokrates_core/src/libsnark.rs b/zokrates_core/src/libsnark.rs
index 36b9f350..860c641b 100644
--- a/zokrates_core/src/libsnark.rs
+++ b/zokrates_core/src/libsnark.rs
@@ -4,6 +4,8 @@
 // @author Dennis Kuhnert
 // @date 2017
+//TODO: delte sha256ethereum, add tests
+
 extern crate libc;
 use self::libc::{c_char, c_int, uint8_t};
@@ -18,6 +20,9 @@ extern "C" {
 fn _shaEth256Constraints() -> *mut c_char;
 fn _shaEth256Witness(inputs: *const uint8_t, inputs_length: c_int) -> *mut c_char;
+
+ fn _sha256RoundConstraints() -> *mut c_char;
+ fn _sha256RoundWitness(inputs: *const uint8_t, inputs_length: c_int) -> *mut c_char;
 }
 pub fn get_sha256_constraints() -> String {
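Review bot: The new `"LIBSNARK/sha256round"` arm is a line-for-line copy of the `"LIBSNARK/sha256compression"` arm that follows it, differing only in the constraints getter, the `LibsnarkGadgetHelper` variant and the default alias; with a third copy in the `match`, those three values belong in a small helper that builds the `CompiledImport`. `from_str(&get_sha256round_constraints()).unwrap()` turns a malformed or truncated payload from the C++ side into a panic inside the importer (the existing arms have the same shape), where an `Err` propagated to the caller would give a usable message. The enclosing `match` starts and ends outside the hunk.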
@@ -58,6 +63,30 @@ pub fn get_ethsha256_witness(inputs: &Vec) -> String {
 a.into_string().unwrap()
 }
+pub fn get_sha256round_constraints() -> String {
+ let a = unsafe { CString::from_raw(_sha256RoundConstraints()) };
+ a.into_string().unwrap()
+}
+
+pub fn get_sha256round_witness(inputs: &Vec) -> String {
+ let mut inputs_arr: Vec<[u8; 32]> = vec![[0u8; 32]; inputs.len()];
+ println!("#Debug Libsnark {}", inputs.len());
+ // let inputs = &inputs[0..512];
+ //TODO: vector of arrays or 8*32 bit elements => 256bit
+ for (index, value) in inputs.into_iter().enumerate() {
+ inputs_arr[index] = vec_as_u8_32_array(&value.into_byte_vector());
+ }
+ //TODO: what is into_byte_vector?
+
+ let a = unsafe {
+ CString::from_raw(_sha256RoundWitness(
+ inputs_arr[0].as_ptr(),
+ inputs.len() as i32,
+ ))
+ };
+ a.into_string().unwrap()
+}
+
 // utility function. Converts a Fields vector-based byte representation to fixed size array.
 fn vec_as_u8_32_array(vec: &Vec) -> [u8; 32] {
 assert!(vec.len() <= 32);
diff --git a/zokrates_core/src/standard.rs b/zokrates_core/src/standard.rs
index 6bee4a22..47b941c8 100644
--- a/zokrates_core/src/standard.rs
+++ b/zokrates_core/src/standard.rs
@@ -186,6 +186,17 @@ impl Into> for DirectiveR1CS {
 }),
 );
 }
+
+ LibsnarkGadgetHelper::Sha256Round => {
+ statements.insert(
+ 0,
+ FlatStatement::Directive(DirectiveStatement {
+ outputs: variables,
+ inputs: inputs,
+ helper: Helper::LibsnarkGadget(LibsnarkGadgetHelper::Sha256Round),
+ }),
+ );
+ }
 }
 // insert a statement to return the subset of the witness
From 17db5221085071900c6f631f240b26bf976dfeac Mon Sep 17 00:00:00 2001
From: sdeml
Date: Sun, 13 Jan 2019 13:29:31 +0100
Subject: [PATCH 02/30] add tripple round
---
 sha256/run.sh | 3 ++-
 sha256/tripple_round.code | 13 +++++++++++++
 zokrates_core/src/standard.rs | 2 ++
 3 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 sha256/tripple_round.code
diff --git a/sha256/run.sh b/sha256/run.sh
index aa21c58d..c34bb965 100755
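Review bot: `get_sha256round_witness` takes the pointer it passes to C from `inputs_arr[0]`, which panics with an index error when `inputs` is empty before the C side can report anything; `inputs_arr.as_ptr() as *const u8` expresses the same address without the edge case, and `inputs.len() as i32` should go through `i32::try_from` rather than truncating silently. `CString::from_raw` then takes ownership of a buffer the C++ side created with `new char[]` and frees it with Rust's allocator when `a` drops — `from_raw` is only defined for pointers produced by `CString::into_raw`, so this is undefined behaviour unless both sides happen to share an allocator; the new function copies the pattern of `get_ethsha256_witness` above it, so the fix is an explicit free function exported from the C side and used by all of these wrappers. The `#Debug Libsnark` println and the two `TODO` questions read as leftovers from debugging.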
--- a/sha256/run.sh
+++ b/sha256/run.sh
@@ -1,5 +1,6 @@
 # (cd ..; ./mybuild.sh)
-rsync -avzP --delete --exclude=target --exclude=Cargo.toml ~/ZoKrates_mac/ ~/ZoKrates
+rsync -avzP --delete --exclude=target --exclude=Cargo.toml --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates
+(cd ..; cargo build)
 ln -s ../target/debug/zokrates .
 ./zokrates compile -i single_test.code 2>&1 | tee debugcomp
 ./zokrates compute-witness 2>&1 | tee debugwit
\ No newline at end of file
diff --git a/sha256/tripple_round.code b/sha256/tripple_round.code
new file mode 100644
index 00000000..cde1ded0
--- /dev/null
+++ b/sha256/tripple_round.code
@@ -0,0 +1,13 @@
+import "./IV_constants.code" as IVconstants
+import "./sha_round.code" as sha256
+
+def main(field[256] a, field[256] b, field[256] c, field[256] d, field[256] e, field[256] f) -> (field[256]):
+
+ //TODO: add bool check
+
+ IV = IVconstants()
+ digest1 = sha256(a, b, IV)
+ digest2 = sha256(c, d, digest1)
+ digest3 = sha256(e, f, digest2)
+
+ return digest3
\ No newline at end of file
diff --git a/zokrates_core/src/standard.rs b/zokrates_core/src/standard.rs
index 47b941c8..0d5aa9f5 100644
--- a/zokrates_core/src/standard.rs
+++ b/zokrates_core/src/standard.rs
@@ -5,6 +5,8 @@ use helpers::{DirectiveStatement, Helper, LibsnarkGadgetHelper};
 use reduce::Reduce;
 use std::collections::{BTreeMap, HashSet};
 use types::{Signature, Type};
+use zokrates_field::field::Field;
+use std::iter::once;
 // for r1cs import, can be moved.
 // r1cs data structure reflecting JSON standard format:
From 27d3759a48f3b358433617c58e740fe23c7ab59c Mon Sep 17 00:00:00 2001
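Review bot: `ln -s ../target/debug/zokrates .` on the line after the new `(cd ..; cargo build)` fails once the link already exists, and because the script has no `set -e` (the subshell's exit status is likewise ignored) the compile and witness steps still run, possibly against a stale or missing binary; `ln -sf` plus a `set -euo pipefail` header at the top would make a rerun deterministic. The `rsync --delete` against fixed `~/ZoKrates_mac` / `~/ZoKrates` paths is machine-specific developer tooling; if it is to stay in the tree (PATCH 03 moves it under `stdlib/`), a leading comment saying so would stop it being mistaken for a build step. The PATCH 03 hunk that repoints the symlink has the same `ln -s` issue.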
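Review bot: The `//TODO: add bool check` marks the soundness-relevant gap in this file: `a`..`f` are `field[256]` arrays that the imported `sha256` presumably consumes bit-wise, and nothing here constrains each element to 0 or 1, so unless the underlying gadget enforces booleanity itself the circuit accepts non-bit field elements as inputs. Until a check exists, `main` should carry a comment stating the contract, e.g. `// a..f must be boolean (0/1) field elements; not enforced here`. `tripple_round` is a misspelling of `triple_round`; since the diffstat and PATCH 03's rename both reference the name, fixing it is a file rename rather than a local edit.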
From: sdeml
Date: Sun, 13 Jan 2019 14:28:49 +0100
Subject: [PATCH 03/30] move to stdlib folder
---
 {sha256 => stdlib/sha256}/IV_constants.code | 0
 {sha256 => stdlib/sha256}/double_round.code | 0
 {sha256 => stdlib/sha256}/full_round.code | 0
 {sha256 => stdlib/sha256}/run.sh | 3 ++-
 {sha256 => stdlib/sha256}/sha_round.code | 0
 {sha256 => stdlib/sha256}/single_packed.code | 0
 {sha256 => stdlib/sha256}/single_round.code | 0
 {sha256 => stdlib/sha256}/single_test.code | 0
 {sha256 => stdlib/sha256}/tripple_round.code | 0
 9 files changed, 2 insertions(+), 1 deletion(-)
 rename {sha256 => stdlib/sha256}/IV_constants.code (100%)
 rename {sha256 => stdlib/sha256}/double_round.code (100%)
 rename {sha256 => stdlib/sha256}/full_round.code (100%)
 rename {sha256 => stdlib/sha256}/run.sh (68%)
 rename {sha256 => stdlib/sha256}/sha_round.code (100%)
 rename {sha256 => stdlib/sha256}/single_packed.code (100%)
 rename {sha256 => stdlib/sha256}/single_round.code (100%)
 rename {sha256 => stdlib/sha256}/single_test.code (100%)
 rename {sha256 => stdlib/sha256}/tripple_round.code (100%)
diff --git a/sha256/IV_constants.code b/stdlib/sha256/IV_constants.code
similarity index 100%
rename from sha256/IV_constants.code
rename to stdlib/sha256/IV_constants.code
diff --git a/sha256/double_round.code b/stdlib/sha256/double_round.code
similarity index 100%
rename from sha256/double_round.code
rename to stdlib/sha256/double_round.code
diff --git a/sha256/full_round.code b/stdlib/sha256/full_round.code
similarity index 100%
rename from sha256/full_round.code
rename to stdlib/sha256/full_round.code
diff --git a/sha256/run.sh b/stdlib/sha256/run.sh
similarity index 68%
rename from sha256/run.sh
rename to stdlib/sha256/run.sh
index c34bb965..848c586d 100755
--- a/sha256/run.sh
+++ b/stdlib/sha256/run.sh
@@ -1,6 +1,7 @@
 # (cd ..; ./mybuild.sh)
+# rsync -avzP --delete --exclude=target --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates
 rsync -avzP --delete --exclude=target --exclude=Cargo.toml --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates
 (cd ..; cargo build)
-ln -s ../target/debug/zokrates .
+ln -s ../../target/debug/zokrates .
 ./zokrates compile -i single_test.code 2>&1 | tee debugcomp
 ./zokrates compute-witness 2>&1 | tee debugwit
\ No newline at end of file
diff --git a/sha256/sha_round.code b/stdlib/sha256/sha_round.code
similarity index 100%
rename from sha256/sha_round.code
rename to stdlib/sha256/sha_round.code
diff --git a/sha256/single_packed.code b/stdlib/sha256/single_packed.code
similarity index 100%
rename from sha256/single_packed.code
rename to stdlib/sha256/single_packed.code
diff --git a/sha256/single_round.code b/stdlib/sha256/single_round.code
similarity index 100%
rename from sha256/single_round.code
rename to stdlib/sha256/single_round.code
diff --git a/sha256/single_test.code b/stdlib/sha256/single_test.code
similarity index 100%
rename from sha256/single_test.code
rename to stdlib/sha256/single_test.code
diff --git a/sha256/tripple_round.code b/stdlib/sha256/tripple_round.code
similarity index 100%
rename from sha256/tripple_round.code
rename to stdlib/sha256/tripple_round.code
From 4d463c5a18bcbb705c64c95745d9c90c7d112dda Mon Sep 17 00:00:00 2001
From: sdeml
Date: Sun, 13 Jan 2019 14:54:29 +0100
Subject: [PATCH 04/30] fix conflicts
---
 zokrates_cli/src/bin.rs | 1 -
 zokrates_field/Cargo.toml | 13 +++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
 create mode 100644 zokrates_field/Cargo.toml
diff --git a/zokrates_cli/src/bin.rs b/zokrates_cli/src/bin.rs
index cc0521de..283b22d0 100644
--- a/zokrates_cli/src/bin.rs
+++ b/zokrates_cli/src/bin.rs
@@ -20,7 +20,6 @@ use std::io::{stdin, BufRead, BufReader, BufWriter, Write};
 use std::path::{Path, PathBuf};
 use std::string::String;
 use zokrates_core::compile::compile;
-use zokrates_core::field::{Field, FieldPrime};
 use zokrates_core::ir;
 #[cfg(feature = "libsnark")]
 use zokrates_core::ir::r1cs_program;
diff --git a/zokrates_field/Cargo.toml b/zokrates_field/Cargo.toml
new file mode 100644
index 00000000..3ae5fabc
--- /dev/null
+++ b/zokrates_field/Cargo.toml
@@ -0,0 +1,13 @@
+[package]
+name = "zokrates_field"
+version = "0.3.0"
+authors = ["Guillaume Ballet "]
+
+[dependencies]
+
+serde = "1.0"
+serde_derive = "1.0"
+lazy_static = "0.1.*"
+num = {version = "0.1.36", default-features = false}
+num-bigint = {version = "0.1.36", default-features = false}
+bincode = "0.8.0"
\ No newline at end of file
From e53197e3c14a97b12ee02a8c6bfc15e35b514d84 Mon Sep 17 00:00:00 2001
From: sdeml
Date: Sun, 13 Jan 2019 14:55:11 +0100
Subject: [PATCH 05/30] delete debug statements
---
 zokrates_cli/src/bin.rs | 1 +
 1 file changed, 1 insertion(+)
diff --git a/zokrates_cli/src/bin.rs b/zokrates_cli/src/bin.rs
index 283b22d0..cc0521de 100644
--- a/zokrates_cli/src/bin.rs
+++ b/zokrates_cli/src/bin.rs
@@ -20,6 +20,7 @@ use std::io::{stdin, BufRead, BufReader, BufWriter, Write};
 use std::path::{Path, PathBuf};
 use std::string::String;
 use zokrates_core::compile::compile;
+use zokrates_core::field::{Field, FieldPrime};
 use zokrates_core::ir;
 #[cfg(feature = "libsnark")]
 use zokrates_core::ir::r1cs_program;
From b0e48e03a5fcd924e77f6d9be9b64ad3be2bbaed Mon Sep 17 00:00:00 2001
From: sdeml
Date: Sun, 13 Jan 2019 14:55:11 +0100
Subject: [PATCH 06/30] delete debug statements
---
 zokrates_core/src/helpers/libsnark_gadget.rs | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/zokrates_core/src/helpers/libsnark_gadget.rs b/zokrates_core/src/helpers/libsnark_gadget.rs
index 06b4eec7..84607bc7 100644
--- a/zokrates_core/src/helpers/libsnark_gadget.rs
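Review bot: `lazy_static = "0.1.*"` is a wildcard requirement while every other entry in the new `zokrates_field/Cargo.toml` names a concrete version, so the resolved `lazy_static` floats between builds unless a `Cargo.lock` is committed and honoured (none is visible in this series); pin it to a specific `0.1.x` like the others so the build is reproducible. The file also ends without a trailing newline, as the diff marker shows.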
+++ b/zokrates_core/src/helpers/libsnark_gadget.rs
@@ -47,8 +47,6 @@ impl Executable for LibsnarkGadgetHelper {
 .map(|&i| T::from(i))
 .collect();
- println!("#Debug Witness size: {:#?}", lol.len());
- println!("#Debug Witness variables: {:#?}", lol);
 Ok(lol)
 }
 }
@@ -58,7 +56,6 @@ impl Signed for LibsnarkGadgetHelper {
 match self {
 LibsnarkGadgetHelper::Sha256Compress => (512, 25562),
 LibsnarkGadgetHelper::Sha256Ethereum => (512, 50610),
- // LibsnarkGadgetHelper::Sha256Round => (612, 25662)
 LibsnarkGadgetHelper::Sha256Round => (768, 25818)
 }
 }
From a1a2de56f35a54b8d2a9e3ca98b3bf6d302c456c Mon Sep 17 00:00:00 2001
From: sdeml
Date: Sun, 13 Jan 2019 15:05:13 +0100
Subject: [PATCH 07/30] delete old sha variants
---
 zokrates_core/lib/wraplibsnarkgadgets.cpp | 293 -------------------
 zokrates_core/lib/wraplibsnarkgadgets.hpp | 6 -
 zokrates_core/src/helpers/libsnark_gadget.rs | 22 +-
 zokrates_core/src/imports.rs | 28 +-
 zokrates_core/src/libsnark.rs | 50 ----
 zokrates_core/src/standard.rs | 21 --
 6 files changed, 5 insertions(+), 415 deletions(-)
diff --git a/zokrates_core/lib/wraplibsnarkgadgets.cpp b/zokrates_core/lib/wraplibsnarkgadgets.cpp
index 28491701..4fd55bb2 100644
--- a/zokrates_core/lib/wraplibsnarkgadgets.cpp
+++ b/zokrates_core/lib/wraplibsnarkgadgets.cpp
@@ -42,140 +42,6 @@ vector bit_list_to_ints(vector bit_list, const size_t words } return res; } - -class ethereum_sha256 : gadget -{ -private: - std::shared_ptr> block1; - std::shared_ptr> block2; - std::shared_ptr> intermediate_hash; - -public: - std::shared_ptr> hasher2; - std::shared_ptr> hasher1; - ethereum_sha256( - protoboard &pb, - pb_variable& ZERO, - pb_variable_array& a, - pb_variable_array& b, - digest_variable result - ) : gadget(pb, "ethereum_sha256") { - - intermediate_hash.reset(new digest_variable(pb, 256, "intermediate")); - - // As the hash is computed on the full 512bit block size - // padding does not fit in the primary block - // => add dummy block (single "1" followed by "0" + total length) - pb_variable_array length_padding = - from_bits({ - //dummy padding block - 1,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - - //total length of message (512 bits) - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,0,0, - 
0,0,0,0,0,0,0,0, - 0,0,0,0,0,0,1,0, - 0,0,0,0,0,0,0,0 - }, ZERO); - - block1.reset(new block_variable(pb, { - a, - b - }, "block1")); - - block2.reset(new block_variable(pb, { - length_padding - }, "block2")); - - pb_linear_combination_array IV = SHA256_default_IV(pb); - - hasher1.reset(new sha256_compression_function_gadget( - pb, - IV, - block1->bits, - *intermediate_hash, - "hasher1")); - - pb_linear_combination_array IV2(intermediate_hash->bits); - - hasher2.reset(new sha256_compression_function_gadget( - pb, - IV2, - block2->bits, - result, - "hasher2")); - } - - void generate_r1cs_constraints() { - hasher1->generate_r1cs_constraints(); - hasher2->generate_r1cs_constraints(); - } - - void generate_r1cs_witness() { - hasher1->generate_r1cs_witness(); - hasher2->generate_r1cs_witness(); - } -}; - // conversion byte[32] <-> libsnark bigint. libff::bigint libsnarkBigintFromBytesAux(const uint8_t* _x) { @@ -234,33 +100,6 @@ std::string r1cs_to_json(protoboard pb) return ss.str(); } -char* _shaEth256Constraints() -{ - libff::alt_bn128_pp::init_public_params(); - protoboard pb; - - pb_variable_array left; - left.allocate(pb, 256, "left"); - - pb_variable_array right; - right.allocate(pb, 256, "right"); - - digest_variable output(pb, 256, "output"); - - pb_variable ZERO; - ZERO.allocate(pb, "ZERO"); - pb.val(ZERO) = 0; - - ethereum_sha256 g(pb, ZERO, left, right, output); - g.generate_r1cs_constraints(); - - auto json = r1cs_to_json(pb); - - auto result = new char[json.size()]; - memcpy(result, json.c_str(), json.size() + 1); - return result; -} - std::string array_to_json(protoboard pb) { std::stringstream ss; 
@@ -284,138 +123,6 @@ std::string array_to_json(protoboard pb) return(ss.str()); } -char* _shaEth256Witness(const uint8_t* inputs, int inputs_length) -{ - - libff::alt_bn128_pp::init_public_params(); - protoboard pb; - - pb_variable_array left; - left.allocate(pb, 256, "left"); - pb_variable_array right; - right.allocate(pb, 256, "right"); -//TODO: replace with digest variable? - digest_variable output(pb, 256, "output"); - - pb_variable ZERO; - ZERO.allocate(pb, "ZERO"); - pb.val(ZERO) = 0; - - libff::bit_vector left_bv; - libff::bit_vector right_bv; - - for (int i = 0; i < inputs_length / 2; i++) { - std::cerr << libsnarkBigintFromBytesAux(inputs + i*32) << "\n"; - left_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1); - } - - for (int i = inputs_length / 2; i < inputs_length; i++) { - std::cerr << libsnarkBigintFromBytesAux(inputs + i*32) << "\n"; - right_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1); - } - - left.fill_with_bits(pb, left_bv); - right.fill_with_bits(pb, right_bv); - - ethereum_sha256 g(pb, ZERO, left, right, output); - g.generate_r1cs_constraints(); - g.generate_r1cs_witness(); - - assert(pb.is_satisfied()); - - auto json = array_to_json(pb); - - auto result = new char[json.size()]; - memcpy(result, json.c_str(), json.size() + 1); - return result; -} - -char* _sha256Constraints() -{ - libff::alt_bn128_pp::init_public_params(); - protoboard pb; - - digest_variable left(pb, SHA256_digest_size, "left"); - digest_variable right(pb, SHA256_digest_size, "right"); - digest_variable output(pb, SHA256_digest_size, "output"); - - pb_variable single; - single.allocate(pb, "single"); - pb.val(single) = 13373; - - sha256_two_to_one_hash_gadget f(pb, left, right, output, "f"); - f.generate_r1cs_constraints(); - - auto json = r1cs_to_json(pb); - - auto result = new char[json.size()]; - memcpy(result, json.c_str(), json.size() + 1); - return result; -} - -char* _sha256Witness(const uint8_t* inputs, int inputs_length) -{ - - 
libff::alt_bn128_pp::init_public_params(); - protoboard pb; - - digest_variable left(pb, SHA256_digest_size, "left"); - digest_variable right(pb, SHA256_digest_size, "right"); - digest_variable output(pb, SHA256_digest_size, "output"); - - pb_variable single; - single.allocate(pb, "single"); - pb.val(single) = 13373; - - sha256_two_to_one_hash_gadget f(pb, left, right, output, "f"); - f.generate_r1cs_constraints(true); - - libff::bit_vector left_bv; - libff::bit_vector right_bv; - - for (int i = 0; i < inputs_length / 2; i++) { - left_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1); - } - for (int i = inputs_length / 2; i < inputs_length; i++) { - right_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1); - } - - left.generate_r1cs_witness(left_bv); - right.generate_r1cs_witness(right_bv); - - f.generate_r1cs_witness(); - - assert(pb.is_satisfied()); - - auto json = array_to_json(pb); - auto result = new char[json.size()]; - memcpy(result, json.c_str(), json.size() + 1); - return result; -} - -const unsigned long mySHA256_H[8] = { - 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19 -}; - -pb_linear_combination_array SHA256_IV(protoboard &pb) -{ - pb_linear_combination_array result; - result.reserve(SHA256_digest_size); - - for (size_t i = 0; i < SHA256_digest_size; ++i) - { - int iv_val = (mySHA256_H[i / 32] >> (31-(i % 32))) & 1; - - pb_linear_combination iv_element; - iv_element.assign(pb, iv_val * ONE); - iv_element.evaluate(pb); - - result.emplace_back(iv_element); - } - - return result; -} - class sha256round: gadget { private: diff --git a/zokrates_core/lib/wraplibsnarkgadgets.hpp b/zokrates_core/lib/wraplibsnarkgadgets.hpp index 2f78f237..3c0e0e55 100644 --- a/zokrates_core/lib/wraplibsnarkgadgets.hpp +++ b/zokrates_core/lib/wraplibsnarkgadgets.hpp 
@@ -12,12 +12,6 @@ extern "C" { #include #include -char* _sha256Constraints(); -char* _sha256Witness(const uint8_t* input, int input_length); - -char* _shaEth256Constraints(); -char* _shaEth256Witness(const uint8_t* input, int input_length); - char* _sha256RoundConstraints(); char* _sha256RoundWitness(const uint8_t* input, int input_length); diff --git a/zokrates_core/src/helpers/libsnark_gadget.rs b/zokrates_core/src/helpers/libsnark_gadget.rs index 84607bc7..0a902a25 100644 --- a/zokrates_core/src/helpers/libsnark_gadget.rs +++ b/zokrates_core/src/helpers/libsnark_gadget.rs @@ -1,22 +1,18 @@ use field::Field; use helpers::{Executable, Signed}; -use libsnark::{get_ethsha256_witness, get_sha256_witness, get_sha256round_witness}; +use libsnark::{get_sha256round_witness}; use serde_json; use standard; use std::fmt; #[derive(Clone, PartialEq, Debug, Serialize, Deserialize)] pub enum LibsnarkGadgetHelper { - Sha256Compress, - Sha256Ethereum, Sha256Round } impl fmt::Display for LibsnarkGadgetHelper { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { match *self { - LibsnarkGadgetHelper::Sha256Compress => write!(f, "Sha256Compress"), - LibsnarkGadgetHelper::Sha256Ethereum => write!(f, "Sha256Ethereum"), LibsnarkGadgetHelper::Sha256Round => write!(f, "Sha256Round"), } } @@ -25,12 +21,6 @@ impl fmt::Display for LibsnarkGadgetHelper { impl Executable for LibsnarkGadgetHelper { fn execute(&self, inputs: &Vec) -> Result, String> { let witness_result: Result = match self { - LibsnarkGadgetHelper::Sha256Compress => { - serde_json::from_str(&get_sha256_witness(inputs)) - } - LibsnarkGadgetHelper::Sha256Ethereum => { - serde_json::from_str(&get_ethsha256_witness(inputs)) - } LibsnarkGadgetHelper::Sha256Round => { serde_json::from_str(&get_sha256round_witness(inputs)) } 
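Review bot: The rewritten import `use libsnark::{get_sha256round_witness};` keeps braces around a single path; rustfmt emits it as `use libsnark::get_sha256round_witness;`, and the same applies to `use libsnark::{get_sha256round_constraints};` in the imports.rs hunk of this patch. The enum is now the single variant `Sha256Round` with no trailing comma; a trailing comma keeps the next variant addition to a one-line diff and matches the trailing comma already used in the `fmt` match arm.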
@@ -39,23 +29,19 @@ impl Executable for LibsnarkGadgetHelper { if let Err(e) = witness_result { return Err(format!("{}", e)); } - - let lol : Vec = witness_result + + Ok(witness_result .unwrap() .variables .iter() .map(|&i| T::from(i)) - .collect(); - - Ok(lol) + .collect()) } } impl Signed for LibsnarkGadgetHelper { fn get_signature(&self) -> (usize, usize) { match self { - LibsnarkGadgetHelper::Sha256Compress => (512, 25562), - LibsnarkGadgetHelper::Sha256Ethereum => (512, 50610), LibsnarkGadgetHelper::Sha256Round => (768, 25818) } } diff --git a/zokrates_core/src/imports.rs b/zokrates_core/src/imports.rs index b832932e..b70ed35a 100644 --- a/zokrates_core/src/imports.rs +++ b/zokrates_core/src/imports.rs @@ -127,25 +127,12 @@ impl Importer { #[cfg(feature = "libsnark")] { use helpers::LibsnarkGadgetHelper; - use libsnark::{get_ethsha256_constraints, get_sha256_constraints, get_sha256round_constraints}; + use libsnark::{get_sha256round_constraints}; use serde_json::from_str; use standard::{DirectiveR1CS, R1CS}; use std::io::BufReader; match import.source.as_ref() { - "LIBSNARK/sha256" => { - let r1cs: R1CS = from_str(&get_ethsha256_constraints()).unwrap(); - let dr1cs: DirectiveR1CS = DirectiveR1CS { - r1cs, - directive: LibsnarkGadgetHelper::Sha256Ethereum, - }; - let compiled = FlatProg::from(dr1cs); - let alias = match import.alias { - Some(ref alias) => alias.clone(), - None => String::from("sha256"), - }; - origins.push(CompiledImport::new(compiled, alias)); - } "LIBSNARK/sha256round" => { let r1cs: R1CS = from_str(&get_sha256round_constraints()).unwrap(); let dr1cs: DirectiveR1CS = DirectiveR1CS { 
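Review bot: The new return expression calls `.unwrap()` on `witness_result` immediately after the `if let Err(e) = witness_result { return Err(format!("{}", e)); }` guard, so the unwrap is only safe because of a check several lines above it. The idiomatic form folds both into one step, `let witness = witness_result.map_err(|e| format!("{}", e))?;` followed by `Ok(witness.variables.iter().map(|&i| T::from(i)).collect())`. The `(768, 25818)` pair that `get_signature` now returns as its only arm would benefit from a comment stating what each number counts, since it has to stay in step with the gadget's allocation in the C++ wrapper — presumably input and witness sizes, worth confirming. The `execute` signature and the start of the `witness_result` match are outside this hunk.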
@@ -159,19 +146,6 @@ impl Importer { }; origins.push(CompiledImport::new(compiled, alias)); } - "LIBSNARK/sha256compression" => { - let r1cs: R1CS = from_str(&get_sha256_constraints()).unwrap(); - let dr1cs: DirectiveR1CS = DirectiveR1CS { - r1cs, - directive: LibsnarkGadgetHelper::Sha256Compress, - }; - let compiled = FlatProg::from(dr1cs); - let alias = match import.alias { - Some(ref alias) => alias.clone(), - None => String::from("sha256compression"), - }; - origins.push(CompiledImport::new(compiled, alias)); - } "LIBSNARK/sha256packed" => { let source = sha_packed_typed(); let mut reader = BufReader::new(source.as_bytes()); diff --git a/zokrates_core/src/libsnark.rs b/zokrates_core/src/libsnark.rs index 860c641b..5340ebc8 100644 --- a/zokrates_core/src/libsnark.rs +++ b/zokrates_core/src/libsnark.rs @@ -4,8 +4,6 @@ // @author Dennis Kuhnert // @date 2017 -//TODO: delte sha256ethereum, add tests - extern crate libc; use self::libc::{c_char, c_int, uint8_t}; 
@@ -15,54 +13,10 @@ use std::string::String; use field::Field; extern "C" { - fn _sha256Constraints() -> *mut c_char; - fn _sha256Witness(inputs: *const uint8_t, inputs_length: c_int) -> *mut c_char; - - fn _shaEth256Constraints() -> *mut c_char; - fn _shaEth256Witness(inputs: *const uint8_t, inputs_length: c_int) -> *mut c_char; - fn _sha256RoundConstraints() -> *mut c_char; fn _sha256RoundWitness(inputs: *const uint8_t, inputs_length: c_int) -> *mut c_char; } -pub fn get_sha256_constraints() -> String { - let a = unsafe { CString::from_raw(_sha256Constraints()) }; - a.into_string().unwrap() -} - -pub fn get_sha256_witness(inputs: &Vec) -> String { - let mut inputs_arr: Vec<[u8; 32]> = vec![[0u8; 32]; inputs.len()]; - - for (index, value) in inputs.into_iter().enumerate() { - inputs_arr[index] = vec_as_u8_32_array(&value.into_byte_vector()); - } - - let a = - unsafe { CString::from_raw(_sha256Witness(inputs_arr[0].as_ptr(), inputs.len() as i32)) }; - a.into_string().unwrap() -} - -pub fn get_ethsha256_constraints() -> String { - let a = unsafe { CString::from_raw(_shaEth256Constraints()) }; - a.into_string().unwrap() -} - -pub fn get_ethsha256_witness(inputs: &Vec) -> String { - let mut inputs_arr: Vec<[u8; 32]> = vec![[0u8; 32]; inputs.len()]; - - for (index, value) in inputs.into_iter().enumerate() { - inputs_arr[index] = vec_as_u8_32_array(&value.into_byte_vector()); - } - - let a = unsafe { - CString::from_raw(_shaEth256Witness( - inputs_arr[0].as_ptr(), - inputs.len() as i32, - )) - }; - a.into_string().unwrap() -} - pub fn get_sha256round_constraints() -> String { let a = unsafe { CString::from_raw(_sha256RoundConstraints()) }; a.into_string().unwrap() 
@@ -70,13 +24,9 @@ pub fn get_sha256round_constraints() -> String { pub fn get_sha256round_witness(inputs: &Vec) -> String { let mut inputs_arr: Vec<[u8; 32]> = vec![[0u8; 32]; inputs.len()]; - println!("#Debug Libsnark {}", inputs.len()); - // let inputs = &inputs[0..512]; - //TODO: vector of arrays or 8*32 bit elements => 256bit for (index, value) in inputs.into_iter().enumerate() { inputs_arr[index] = vec_as_u8_32_array(&value.into_byte_vector()); } - //TODO: what is into_byte_vector? let a = unsafe { CString::from_raw(_sha256RoundWitness( diff --git a/zokrates_core/src/standard.rs b/zokrates_core/src/standard.rs index 0d5aa9f5..f877193d 100644 --- a/zokrates_core/src/standard.rs +++ b/zokrates_core/src/standard.rs @@ -167,27 +167,6 @@ impl Into> for DirectiveR1CS { // insert a directive to set the witness based on the libsnark gadget and inputs match self.directive { - LibsnarkGadgetHelper::Sha256Compress => { - statements.insert( - 0, - FlatStatement::Directive(DirectiveStatement { - outputs: variables, - inputs: inputs, - helper: Helper::LibsnarkGadget(LibsnarkGadgetHelper::Sha256Compress), - }), - ); - } - - LibsnarkGadgetHelper::Sha256Ethereum => { - statements.insert( - 0, - FlatStatement::Directive(DirectiveStatement { - outputs: variables, - inputs: inputs, - helper: Helper::LibsnarkGadget(LibsnarkGadgetHelper::Sha256Ethereum), - }), - ); - } LibsnarkGadgetHelper::Sha256Round => { statements.insert( From 1d3f4268e75fbe14a6f3b6411e5cbe62f6a19828 Mon Sep 17 00:00:00 2001 
From: sdeml Date: Sun, 13 Jan 2019 15:23:55 +0100 Subject: [PATCH 08/30] fix tests --- .../tests/code/sha_ethereum_libsnark.code | 22 - .../sha_ethereum_libsnark.expected.witness | 256 --------- .../tests/code/sha_libsnark.arguments.json | 1 - zokrates_cli/tests/code/sha_libsnark.code | 6 - .../code/sha_libsnark_null.arguments.json | 1 - .../tests/code/sha_libsnark_null.code | 6 - .../code/sha_libsnark_null.expected.witness | 256 --------- .../code/sha_libsnark_packed.arguments.json | 1 - .../tests/code/sha_libsnark_packed.code | 28 - .../code/sha_libsnark_packed.expected.witness | 2 - ...rguments.json => sha_round.arguments.json} | 0 zokrates_cli/tests/code/sha_round.code | 13 + ...ted.witness => sha_round.expected.witness} | 510 +++++++++--------- zokrates_core/src/imports.rs | 38 -- 14 files changed, 268 insertions(+), 872 deletions(-) delete mode 100644 zokrates_cli/tests/code/sha_ethereum_libsnark.code delete mode 100644 zokrates_cli/tests/code/sha_ethereum_libsnark.expected.witness delete mode 100644 zokrates_cli/tests/code/sha_libsnark.arguments.json delete mode 100644 zokrates_cli/tests/code/sha_libsnark.code delete mode 100644 zokrates_cli/tests/code/sha_libsnark_null.arguments.json delete mode 100644 zokrates_cli/tests/code/sha_libsnark_null.code delete mode 100644 zokrates_cli/tests/code/sha_libsnark_null.expected.witness delete mode 100644 zokrates_cli/tests/code/sha_libsnark_packed.arguments.json delete mode 100644 zokrates_cli/tests/code/sha_libsnark_packed.code delete mode 100644 zokrates_cli/tests/code/sha_libsnark_packed.expected.witness rename zokrates_cli/tests/code/{sha_ethereum_libsnark.arguments.json => sha_round.arguments.json} (100%) create mode 100644 zokrates_cli/tests/code/sha_round.code rename zokrates_cli/tests/code/{sha_libsnark.expected.witness => sha_round.expected.witness} (51%) 
diff --git a/zokrates_cli/tests/code/sha_ethereum_libsnark.code b/zokrates_cli/tests/code/sha_ethereum_libsnark.code deleted file mode 100644 index fab71fd5..00000000 --- a/zokrates_cli/tests/code/sha_ethereum_libsnark.code +++ /dev/null 
@@ -1,22 +0,0 @@ -//This example creates the equivalent output as the following solidity code: -//pragma solidity ^0.4.24; -//contract SHA256Test { -// event Success( -// bytes32 indexed _id -// ); -// -// function calc_sha() public returns (bytes32) { -// bytes32 a = 0x5; -// bytes32 b = 0x0; -// bytes32 result = sha256(b,a); -// emit Success(result); -// return result; -// } -//} -// - -import "LIBSNARK/sha256" - -def main(field a) -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, 
field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): - o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1) - return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, 
o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 diff --git a/zokrates_cli/tests/code/sha_ethereum_libsnark.expected.witness b/zokrates_cli/tests/code/sha_ethereum_libsnark.expected.witness deleted file mode 100644 index 9de5a557..00000000 --- a/zokrates_cli/tests/code/sha_ethereum_libsnark.expected.witness +++ /dev/null 
@@ -1,256 +0,0 @@ -~out_255 0 -~out_254 0 -~out_253 0 -~out_252 0 -~out_251 1 -~out_250 0 -~out_249 0 -~out_248 0 -~out_247 0 -~out_246 1 -~out_245 1 -~out_244 1 -~out_243 0 -~out_242 0 -~out_241 1 -~out_240 1 -~out_239 1 -~out_238 0 -~out_237 0 -~out_236 1 -~out_235 1 -~out_234 0 -~out_233 1 -~out_232 0 -~out_231 0 -~out_230 0 -~out_229 0 -~out_228 0 -~out_227 0 -~out_226 1 -~out_225 1 -~out_224 1 -~out_223 0 -~out_222 1 -~out_221 0 -~out_220 1 -~out_219 0 -~out_218 1 -~out_217 0 -~out_216 1 -~out_215 0 -~out_214 1 -~out_213 0 -~out_212 1 -~out_211 1 -~out_210 1 -~out_209 1 -~out_208 1 -~out_207 0 -~out_206 1 -~out_205 1 -~out_204 0 -~out_203 0 -~out_202 1 -~out_201 0 -~out_200 1 -~out_199 0 -~out_198 0 -~out_197 1 -~out_196 0 -~out_195 0 -~out_194 0 -~out_193 1 -~out_192 1 -~out_191 1 -~out_190 1 -~out_189 1 -~out_188 0 -~out_187 0 -~out_186 0 -~out_185 0 -~out_184 0 -~out_183 1 -~out_182 1 -~out_181 0 -~out_180 0 -~out_179 1 -~out_178 1 -~out_177 1 -~out_176 1 -~out_175 0 -~out_174 0 -~out_173 1 -~out_172 0 -~out_171 0 -~out_170 0 -~out_169 1 -~out_168 1 -~out_167 1 -~out_166 0 -~out_165 0 -~out_164 1 -~out_163 0 -~out_162 0 -~out_161 0 -~out_160 1 -~out_159 1 -~out_158 1 -~out_157 1 -~out_156 1 -~out_155 1 -~out_154 1 -~out_153 1 -~out_152 1 -~out_151 0 -~out_150 1 -~out_149 1 -~out_148 1 -~out_147 0 -~out_146 1 -~out_145 1 -~out_144 1 -~out_143 0 -~out_142 0 -~out_141 0 -~out_140 0 -~out_139 0 -~out_138 1 -~out_137 0 -~out_136 0 -~out_135 1 -~out_134 0 -~out_133 0 -~out_132 0 -~out_131 1 -~out_130 1 -~out_129 0 -~out_128 0 -~out_127 1 -~out_126 0 -~out_125 1 -~out_124 1 -~out_123 0 -~out_122 1 -~out_121 1 -~out_120 1 -~out_119 0 -~out_118 0 -~out_117 0 -~out_116 1 -~out_115 0 -~out_114 1 -~out_113 1 -~out_112 1 -~out_111 1 -~out_110 0 -~out_109 1 -~out_108 0 -~out_107 0 -~out_106 1 -~out_105 0 -~out_104 1 -~out_103 0 -~out_102 1 -~out_101 0 -~out_100 1 -~out_99 1 -~out_98 1 -~out_97 1 -~out_96 1 -~out_95 0 -~out_94 0 -~out_93 1 -~out_92 1 -~out_91 0 -~out_90 0 
-~out_89 0 -~out_88 1 -~out_87 1 -~out_86 1 -~out_85 0 -~out_84 1 -~out_83 0 -~out_82 0 -~out_81 0 -~out_80 0 -~out_79 0 -~out_78 0 -~out_77 0 -~out_76 1 -~out_75 0 -~out_74 1 -~out_73 1 -~out_72 0 -~out_71 1 -~out_70 1 -~out_69 1 -~out_68 1 -~out_67 0 -~out_66 1 -~out_65 0 -~out_64 1 -~out_63 0 -~out_62 0 -~out_61 1 -~out_60 0 -~out_59 0 -~out_58 1 -~out_57 1 -~out_56 0 -~out_55 1 -~out_54 0 -~out_53 0 -~out_52 0 -~out_51 0 -~out_50 0 -~out_49 1 -~out_48 0 -~out_47 1 -~out_46 1 -~out_45 1 -~out_44 1 -~out_43 1 -~out_42 1 -~out_41 1 -~out_40 1 -~out_39 1 -~out_38 0 -~out_37 1 -~out_36 0 -~out_35 0 -~out_34 0 -~out_33 1 -~out_32 1 -~out_31 0 -~out_30 1 -~out_29 0 -~out_28 0 -~out_27 0 -~out_26 1 -~out_25 0 -~out_24 0 -~out_23 0 -~out_22 1 -~out_21 1 -~out_20 1 -~out_19 1 -~out_18 0 -~out_17 0 -~out_16 0 -~out_15 0 -~out_14 0 -~out_13 0 -~out_12 1 -~out_11 0 -~out_10 0 -~out_9 1 -~out_8 0 -~out_7 0 -~out_6 1 -~out_5 1 -~out_4 0 -~out_3 0 -~out_2 0 -~out_1 1 -~out_0 1 \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark.arguments.json b/zokrates_cli/tests/code/sha_libsnark.arguments.json deleted file mode 100644 index efb52010..00000000 --- a/zokrates_cli/tests/code/sha_libsnark.arguments.json +++ /dev/null @@ -1 +0,0 @@ -[42] \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark.code b/zokrates_cli/tests/code/sha_libsnark.code deleted file mode 100644 index 5c8ef571..00000000 --- a/zokrates_cli/tests/code/sha_libsnark.code +++ /dev/null 
@@ -1,6 +0,0 @@ -import "LIBSNARK/sha256compression" - -def main(field a) -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): - o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, 
o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256compression(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,1,0,0,0,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,0,1,1,0,1,0,0,0,0,1,1,1,0,0,0,0,0,1,1,1,1,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,1,0,0,0,1,0,1,0,0,0,0,0,1,0,1,0,1,0,0,0,1,0,1,1,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,1,1,0,0,1,0,0,0,1,1,0,1,0,0,0,0,1,1,0,1,1,0,0,0,1,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,1,1,1,0,0,0,0,1,1,1,1,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,1,0,0,0,1,1,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0,1,0,1,0,0,0,0,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0,0,0,1,0,1,0,1,1,0,0,1,0,1,1,0,0,0,0,1,0,1,1,0,1,0,0,1,0,1,1,1,0,0,0,1,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,0,0,0,1,0,0,1,1,0,0,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0,1,0,0,0,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,0,0,1,1,0,1,1,1,0,0,1,1,1,0,0,0,0,0,1,1,1,0,0,1,0,0,1,1,1,0,1,0,0,0,1,1,1,0,1,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,1,1,1) - return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, 
o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 - diff --git a/zokrates_cli/tests/code/sha_libsnark_null.arguments.json b/zokrates_cli/tests/code/sha_libsnark_null.arguments.json deleted file mode 100644 index efb52010..00000000 --- a/zokrates_cli/tests/code/sha_libsnark_null.arguments.json +++ /dev/null @@ -1 +0,0 @@ -[42] \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark_null.code b/zokrates_cli/tests/code/sha_libsnark_null.code deleted file mode 100644 index 664a7915..00000000 --- a/zokrates_cli/tests/code/sha_libsnark_null.code +++ /dev/null 
@@ -1,6 +0,0 @@ -import "LIBSNARK/sha256compression" - -def main(field a) -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): - o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, 
o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256compression(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0) - return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, 
o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 - \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark_null.expected.witness b/zokrates_cli/tests/code/sha_libsnark_null.expected.witness deleted file mode 100644 index 252fe6c3..00000000 --- a/zokrates_cli/tests/code/sha_libsnark_null.expected.witness +++ /dev/null 
@@ -1,256 +0,0 @@ -~out_0 1 -~out_1 1 -~out_2 0 -~out_3 1 -~out_4 1 -~out_5 0 -~out_6 1 -~out_7 0 -~out_8 0 -~out_9 1 -~out_10 0 -~out_11 1 -~out_12 0 -~out_13 1 -~out_14 1 -~out_15 0 -~out_16 1 -~out_17 0 -~out_18 0 -~out_19 1 -~out_20 1 -~out_21 0 -~out_22 0 -~out_23 0 -~out_24 1 -~out_25 0 -~out_26 1 -~out_27 1 -~out_28 1 -~out_29 1 -~out_30 1 -~out_31 0 -~out_32 0 -~out_33 0 -~out_34 0 -~out_35 1 -~out_36 0 -~out_37 1 -~out_38 1 -~out_39 1 -~out_40 1 -~out_41 0 -~out_42 1 -~out_43 1 -~out_44 1 -~out_45 0 -~out_46 0 -~out_47 1 -~out_48 1 -~out_49 0 -~out_50 1 -~out_51 1 -~out_52 0 -~out_53 1 -~out_54 0 -~out_55 0 -~out_56 0 -~out_57 1 -~out_58 1 -~out_59 0 -~out_60 1 -~out_61 0 -~out_62 0 -~out_63 1 -~out_64 0 -~out_65 1 -~out_66 1 -~out_67 0 -~out_68 0 -~out_69 0 -~out_70 1 -~out_71 0 -~out_72 0 -~out_73 0 -~out_74 1 -~out_75 1 -~out_76 0 -~out_77 0 -~out_78 1 -~out_79 1 -~out_80 0 -~out_81 1 -~out_82 0 -~out_83 1 -~out_84 0 -~out_85 1 -~out_86 1 -~out_87 1 -~out_88 1 -~out_89 0 -~out_90 0 -~out_91 1 -~out_92 1 -~out_93 0 -~out_94 0 -~out_95 1 -~out_96 0 -~out_97 1 -~out_98 1 -~out_99 1 -~out_100 0 -~out_101 1 -~out_102 1 -~out_103 1 -~out_104 1 -~out_105 0 -~out_106 0 -~out_107 1 -~out_108 1 -~out_109 1 -~out_110 1 -~out_111 1 -~out_112 1 -~out_113 0 -~out_114 1 -~out_115 1 -~out_116 1 -~out_117 1 -~out_118 1 -~out_119 0 -~out_120 1 -~out_121 1 -~out_122 0 -~out_123 0 -~out_124 1 -~out_125 0 -~out_126 1 -~out_127 0 -~out_128 1 -~out_129 0 -~out_130 0 -~out_131 0 -~out_132 1 -~out_133 1 -~out_134 0 -~out_135 0 -~out_136 1 -~out_137 1 -~out_138 1 -~out_139 0 -~out_140 0 -~out_141 1 -~out_142 0 -~out_143 1 -~out_144 1 -~out_145 1 -~out_146 0 -~out_147 1 -~out_148 0 -~out_149 1 -~out_150 0 -~out_151 0 -~out_152 1 -~out_153 0 -~out_154 0 -~out_155 1 -~out_156 0 -~out_157 0 -~out_158 0 -~out_159 1 -~out_160 1 -~out_161 1 -~out_162 0 -~out_163 0 -~out_164 0 -~out_165 0 -~out_166 0 -~out_167 0 -~out_168 1 -~out_169 1 -~out_170 0 -~out_171 1 -~out_172 0 -~out_173 0 
-~out_174 1 -~out_175 0 -~out_176 0 -~out_177 1 -~out_178 1 -~out_179 0 -~out_180 0 -~out_181 0 -~out_182 1 -~out_183 0 -~out_184 0 -~out_185 1 -~out_186 0 -~out_187 0 -~out_188 0 -~out_189 0 -~out_190 1 -~out_191 1 -~out_192 1 -~out_193 0 -~out_194 1 -~out_195 1 -~out_196 1 -~out_197 0 -~out_198 1 -~out_199 0 -~out_200 1 -~out_201 1 -~out_202 1 -~out_203 1 -~out_204 1 -~out_205 1 -~out_206 1 -~out_207 0 -~out_208 1 -~out_209 1 -~out_210 1 -~out_211 1 -~out_212 1 -~out_213 0 -~out_214 0 -~out_215 1 -~out_216 1 -~out_217 1 -~out_218 1 -~out_219 0 -~out_220 1 -~out_221 0 -~out_222 1 -~out_223 0 -~out_224 0 -~out_225 0 -~out_226 0 -~out_227 1 -~out_228 1 -~out_229 0 -~out_230 0 -~out_231 0 -~out_232 0 -~out_233 0 -~out_234 1 -~out_235 1 -~out_236 0 -~out_237 1 -~out_238 1 -~out_239 1 -~out_240 1 -~out_241 0 -~out_242 1 -~out_243 0 -~out_244 1 -~out_245 0 -~out_246 0 -~out_247 1 -~out_248 1 -~out_249 1 -~out_250 0 -~out_251 1 -~out_252 1 -~out_253 0 -~out_254 0 -~out_255 0 \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark_packed.arguments.json b/zokrates_cli/tests/code/sha_libsnark_packed.arguments.json deleted file mode 100644 index 98d20c43..00000000 --- a/zokrates_cli/tests/code/sha_libsnark_packed.arguments.json +++ /dev/null @@ -1 +0,0 @@ -[1, 2, 3, 4] \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark_packed.code b/zokrates_cli/tests/code/sha_libsnark_packed.code deleted file mode 100644 index 53814cdd..00000000 --- a/zokrates_cli/tests/code/sha_libsnark_packed.code +++ /dev/null 
@@ -1,28 +0,0 @@ -// sha256 called with two 254 bits inputs, padded to 256 bits with zeros for most significant bits: -// [0, 0, a_0, ..., a_254, 0, 0, b_0, ..., b_254] -// output is truncated of the two most significant bits, and packed in a field element -// output_packed = 0 + 0 + output_2 * 2**253 + ... + output_256 * 2**0 - -// the behavior can be reproduced in solidity with -// pragma solidity ^0.4.24; -// contract SHA256Test { -// event Success( -// bytes32 indexed _id -// ); -// -// function calc_sha() public returns (bytes32) { -// bytes32 a = 0x5; -// bytes32 b = 0x0; -// bytes32 result = sha256(b,a); -// // set two most significant bits to zero -// bytes32 r = bytes32(uint256(result) & 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff); -// emit Success(r); -// return r; -// } -// } - -import "LIBSNARK/sha256packed" - -def main(field a, field b, field c, field d) -> (field, field): - e, f = sha256packed(a, b, c, d) - return e, f \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark_packed.expected.witness b/zokrates_cli/tests/code/sha_libsnark_packed.expected.witness deleted file mode 100644 index 66e2d113..00000000 --- a/zokrates_cli/tests/code/sha_libsnark_packed.expected.witness +++ /dev/null @@ -1,2 +0,0 @@ -~out_0 6441948221896607572742608488120559578 -~out_1 146139290966201238425928859098213699460 \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_ethereum_libsnark.arguments.json b/zokrates_cli/tests/code/sha_round.arguments.json similarity index 100% rename from zokrates_cli/tests/code/sha_ethereum_libsnark.arguments.json rename to zokrates_cli/tests/code/sha_round.arguments.json diff --git a/zokrates_cli/tests/code/sha_round.code b/zokrates_cli/tests/code/sha_round.code new file mode 100644 index 00000000..3255fab2 --- /dev/null +++ b/zokrates_cli/tests/code/sha_round.code 
@@ -0,0 +1,13 @@ +import "LIBSNARK/sha256round" as sha256 + +def main(field[256] a, field[256] b, field[256] IV) -> (field[256]): + + field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] + field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + field[256] IV = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 
0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1] + + o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256(a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], 
a[11], a[12], a[13], a[14], a[15], a[16], a[17], a[18], a[19], a[20], a[21], a[22], a[23], a[24], a[25], a[26], a[27], a[28], a[29], a[30], a[31], a[32], a[33], a[34], a[35], a[36], a[37], a[38], a[39], a[40], a[41], a[42], a[43], a[44], a[45], a[46], a[47], a[48], a[49], a[50], a[51], a[52], a[53], a[54], a[55], a[56], a[57], a[58], a[59], a[60], a[61], a[62], a[63], a[64], a[65], a[66], a[67], a[68], a[69], a[70], a[71], a[72], a[73], a[74], a[75], a[76], a[77], a[78], a[79], a[80], a[81], a[82], a[83], a[84], a[85], a[86], a[87], a[88], a[89], a[90], a[91], a[92], a[93], a[94], a[95], a[96], a[97], a[98], a[99], a[100], a[101], a[102], a[103], a[104], a[105], a[106], a[107], a[108], a[109], a[110], a[111], a[112], a[113], a[114], a[115], a[116], a[117], a[118], a[119], a[120], a[121], a[122], a[123], a[124], a[125], a[126], a[127], a[128], a[129], a[130], a[131], a[132], a[133], a[134], a[135], a[136], a[137], a[138], a[139], a[140], a[141], a[142], a[143], a[144], a[145], a[146], a[147], a[148], a[149], a[150], a[151], a[152], a[153], a[154], a[155], a[156], a[157], a[158], a[159], a[160], a[161], a[162], a[163], a[164], a[165], a[166], a[167], a[168], a[169], a[170], a[171], a[172], a[173], a[174], a[175], a[176], a[177], a[178], a[179], a[180], a[181], a[182], a[183], a[184], a[185], a[186], a[187], a[188], a[189], a[190], a[191], a[192], a[193], a[194], a[195], a[196], a[197], a[198], a[199], a[200], a[201], a[202], a[203], a[204], a[205], a[206], a[207], a[208], a[209], a[210], a[211], a[212], a[213], a[214], a[215], a[216], a[217], a[218], a[219], a[220], a[221], a[222], a[223], a[224], a[225], a[226], a[227], a[228], a[229], a[230], a[231], a[232], a[233], a[234], a[235], a[236], a[237], a[238], a[239], a[240], a[241], a[242], a[243], a[244], a[245], a[246], a[247], a[248], a[249], a[250], a[251], a[252], a[253], a[254], a[255], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], 
b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[32], b[33], b[34], b[35], b[36], b[37], b[38], b[39], b[40], b[41], b[42], b[43], b[44], b[45], b[46], b[47], b[48], b[49], b[50], b[51], b[52], b[53], b[54], b[55], b[56], b[57], b[58], b[59], b[60], b[61], b[62], b[63], b[64], b[65], b[66], b[67], b[68], b[69], b[70], b[71], b[72], b[73], b[74], b[75], b[76], b[77], b[78], b[79], b[80], b[81], b[82], b[83], b[84], b[85], b[86], b[87], b[88], b[89], b[90], b[91], b[92], b[93], b[94], b[95], b[96], b[97], b[98], b[99], b[100], b[101], b[102], b[103], b[104], b[105], b[106], b[107], b[108], b[109], b[110], b[111], b[112], b[113], b[114], b[115], b[116], b[117], b[118], b[119], b[120], b[121], b[122], b[123], b[124], b[125], b[126], b[127], b[128], b[129], b[130], b[131], b[132], b[133], b[134], b[135], b[136], b[137], b[138], b[139], b[140], b[141], b[142], b[143], b[144], b[145], b[146], b[147], b[148], b[149], b[150], b[151], b[152], b[153], b[154], b[155], b[156], b[157], b[158], b[159], b[160], b[161], b[162], b[163], b[164], b[165], b[166], b[167], b[168], b[169], b[170], b[171], b[172], b[173], b[174], b[175], b[176], b[177], b[178], b[179], b[180], b[181], b[182], b[183], b[184], b[185], b[186], b[187], b[188], b[189], b[190], b[191], b[192], b[193], b[194], b[195], b[196], b[197], b[198], b[199], b[200], b[201], b[202], b[203], b[204], b[205], b[206], b[207], b[208], b[209], b[210], b[211], b[212], b[213], b[214], b[215], b[216], b[217], b[218], b[219], b[220], b[221], b[222], b[223], b[224], b[225], b[226], b[227], b[228], b[229], b[230], b[231], b[232], b[233], b[234], b[235], b[236], b[237], b[238], b[239], b[240], b[241], b[242], b[243], b[244], b[245], b[246], b[247], b[248], b[249], b[250], b[251], b[252], b[253], b[254], b[255], IV[0], IV[1], IV[2], IV[3], IV[4], IV[5], IV[6], IV[7], IV[8], IV[9], IV[10], IV[11], IV[12], IV[13], IV[14], IV[15], IV[16], IV[17], IV[18], IV[19], IV[20], IV[21], IV[22], IV[23], 
IV[24], IV[25], IV[26], IV[27], IV[28], IV[29], IV[30], IV[31], IV[32], IV[33], IV[34], IV[35], IV[36], IV[37], IV[38], IV[39], IV[40], IV[41], IV[42], IV[43], IV[44], IV[45], IV[46], IV[47], IV[48], IV[49], IV[50], IV[51], IV[52], IV[53], IV[54], IV[55], IV[56], IV[57], IV[58], IV[59], IV[60], IV[61], IV[62], IV[63], IV[64], IV[65], IV[66], IV[67], IV[68], IV[69], IV[70], IV[71], IV[72], IV[73], IV[74], IV[75], IV[76], IV[77], IV[78], IV[79], IV[80], IV[81], IV[82], IV[83], IV[84], IV[85], IV[86], IV[87], IV[88], IV[89], IV[90], IV[91], IV[92], IV[93], IV[94], IV[95], IV[96], IV[97], IV[98], IV[99], IV[100], IV[101], IV[102], IV[103], IV[104], IV[105], IV[106], IV[107], IV[108], IV[109], IV[110], IV[111], IV[112], IV[113], IV[114], IV[115], IV[116], IV[117], IV[118], IV[119], IV[120], IV[121], IV[122], IV[123], IV[124], IV[125], IV[126], IV[127], IV[128], IV[129], IV[130], IV[131], IV[132], IV[133], IV[134], IV[135], IV[136], IV[137], IV[138], IV[139], IV[140], IV[141], IV[142], IV[143], IV[144], IV[145], IV[146], IV[147], IV[148], IV[149], IV[150], IV[151], IV[152], IV[153], IV[154], IV[155], IV[156], IV[157], IV[158], IV[159], IV[160], IV[161], IV[162], IV[163], IV[164], IV[165], IV[166], IV[167], IV[168], IV[169], IV[170], IV[171], IV[172], IV[173], IV[174], IV[175], IV[176], IV[177], IV[178], IV[179], IV[180], IV[181], IV[182], IV[183], IV[184], IV[185], IV[186], IV[187], IV[188], IV[189], IV[190], IV[191], IV[192], IV[193], IV[194], IV[195], IV[196], IV[197], IV[198], IV[199], IV[200], IV[201], IV[202], IV[203], IV[204], IV[205], IV[206], IV[207], IV[208], IV[209], IV[210], IV[211], IV[212], IV[213], IV[214], IV[215], IV[216], IV[217], IV[218], IV[219], IV[220], IV[221], IV[222], IV[223], IV[224], IV[225], IV[226], IV[227], IV[228], IV[229], IV[230], IV[231], IV[232], IV[233], IV[234], IV[235], IV[236], IV[237], IV[238], IV[239], IV[240], IV[241], IV[242], IV[243], IV[244], IV[245], IV[246], IV[247], IV[248], IV[249], IV[250], IV[251], IV[252], IV[253], 
IV[254], IV[255]) + + field[256] digest = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0] + + return digest \ No newline at end of file diff --git a/zokrates_cli/tests/code/sha_libsnark.expected.witness b/zokrates_cli/tests/code/sha_round.expected.witness similarity index 51% rename from zokrates_cli/tests/code/sha_libsnark.expected.witness rename to zokrates_cli/tests/code/sha_round.expected.witness index a43a3968..87551cea 100644 --- a/zokrates_cli/tests/code/sha_libsnark.expected.witness +++ b/zokrates_cli/tests/code/sha_round.expected.witness 
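Review bot: The three parameters of `main` are dead — the body rebinds the same names to literals (`field[256] a = [0, ...]`, `field[256] b = [0, ...]`, `field[256] IV = [0, 1, 1, ...]`), so whatever the prover supplies (including the vectors in the renamed sha_round.arguments.json) never reaches the gadget, the digest is a constant, and the declared inputs are left unconstrained by the circuit; the expected witness suggests the compiler accepts this shadowing silently. If this is meant as a fixed-vector regression test, drop the parameters (`def main() -> (field[256]):`) so the arguments file stops being misleading; if it is meant to exercise the gadget on caller data, delete the three literal assignments and move the vectors into the arguments file. The import is aliased as `sha256`, but `LIBSNARK/sha256round` reads as the raw compression step with a caller-supplied IV, so a header comment along the lines of `// one SHA-256 compression of the 512-bit block a||b with the standard IV (first word 0x6a09e667); not sha256(a||b), which would also process a padding block` would stop readers from treating the output as a full hash — worth confirming against the gadget. Inlining the 256-bit IV here also means a single flipped bit would silently yield a wrong-but-valid-looking digest; sourcing it from one shared definition would be safer than a second hand-typed copy.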
@@ -1,256 +1,256 @@ -~out_0 1 -~out_1 1 -~out_2 1 -~out_3 1 -~out_4 1 -~out_5 1 -~out_6 0 -~out_7 0 -~out_8 1 -~out_9 0 -~out_10 0 -~out_11 1 -~out_12 1 -~out_13 0 -~out_14 0 -~out_15 1 -~out_16 1 -~out_17 0 -~out_18 1 -~out_19 0 -~out_20 0 -~out_21 0 -~out_22 1 -~out_23 0 -~out_24 1 -~out_25 1 -~out_26 0 -~out_27 1 -~out_28 1 -~out_29 1 -~out_30 1 -~out_31 1 -~out_32 1 -~out_33 0 -~out_34 0 -~out_35 0 -~out_36 1 -~out_37 0 -~out_38 0 -~out_39 0 -~out_40 1 -~out_41 1 -~out_42 1 -~out_43 1 -~out_44 0 -~out_45 1 -~out_46 0 -~out_47 0 -~out_48 0 -~out_49 0 -~out_50 1 -~out_51 0 -~out_52 1 -~out_53 0 -~out_54 1 -~out_55 0 -~out_56 0 -~out_57 1 -~out_58 1 -~out_59 1 -~out_60 1 -~out_61 0 -~out_62 1 -~out_63 0 -~out_64 0 -~out_65 1 -~out_66 1 -~out_67 1 -~out_68 1 -~out_69 0 -~out_70 1 -~out_71 1 -~out_72 1 -~out_73 0 -~out_74 1 -~out_75 1 -~out_76 1 -~out_77 0 -~out_78 0 -~out_79 1 -~out_80 1 -~out_81 1 -~out_82 0 -~out_83 1 -~out_84 0 -~out_85 0 -~out_86 0 -~out_87 1 -~out_88 1 -~out_89 0 -~out_90 0 -~out_91 0 -~out_92 0 -~out_93 0 -~out_94 0 -~out_95 0 -~out_96 0 -~out_97 0 -~out_98 1 -~out_99 1 -~out_100 0 -~out_101 0 -~out_102 1 -~out_103 1 -~out_104 1 -~out_105 1 -~out_106 0 -~out_107 0 -~out_108 1 -~out_109 1 -~out_110 0 -~out_111 1 -~out_112 1 -~out_113 1 -~out_114 0 -~out_115 0 -~out_116 0 -~out_117 1 -~out_118 1 -~out_119 0 -~out_120 1 -~out_121 0 -~out_122 1 -~out_123 0 -~out_124 0 -~out_125 0 -~out_126 1 -~out_127 0 -~out_128 0 -~out_129 0 -~out_130 0 -~out_131 0 -~out_132 0 -~out_133 0 -~out_134 1 -~out_135 0 -~out_136 0 -~out_137 1 -~out_138 0 -~out_139 1 -~out_140 0 -~out_141 1 -~out_142 1 -~out_143 0 -~out_144 0 -~out_145 1 -~out_146 1 -~out_147 1 -~out_148 0 -~out_149 1 -~out_150 0 -~out_151 1 -~out_152 0 -~out_153 1 -~out_154 0 -~out_155 1 -~out_156 1 -~out_157 1 -~out_158 1 -~out_159 1 -~out_160 1 -~out_161 0 -~out_162 0 -~out_163 1 -~out_164 1 -~out_165 1 -~out_166 0 -~out_167 1 -~out_168 0 -~out_169 1 -~out_170 0 -~out_171 1 -~out_172 1 -~out_173 0 
-~out_174 1 -~out_175 1 -~out_176 1 -~out_177 0 -~out_178 0 -~out_179 1 -~out_180 1 -~out_181 0 -~out_182 1 -~out_183 0 -~out_184 0 -~out_185 1 -~out_186 0 -~out_187 1 -~out_188 0 -~out_189 0 -~out_190 0 -~out_191 0 -~out_192 0 -~out_193 1 -~out_194 0 -~out_195 0 -~out_196 0 -~out_197 1 -~out_198 0 -~out_199 0 -~out_200 1 -~out_201 0 -~out_202 1 -~out_203 0 -~out_204 1 -~out_205 0 -~out_206 0 -~out_207 1 -~out_208 1 -~out_209 1 -~out_210 0 -~out_211 0 -~out_212 1 -~out_213 1 -~out_214 0 -~out_215 0 -~out_216 0 -~out_217 0 -~out_218 1 -~out_219 1 -~out_220 0 -~out_221 0 -~out_222 0 -~out_223 1 -~out_224 0 -~out_225 1 -~out_226 0 -~out_227 1 -~out_228 1 -~out_229 0 -~out_230 1 -~out_231 0 -~out_232 1 -~out_233 0 -~out_234 1 -~out_235 1 -~out_236 1 -~out_237 1 -~out_238 1 -~out_239 0 -~out_240 1 -~out_241 0 -~out_242 0 -~out_243 0 -~out_244 0 -~out_245 1 -~out_246 0 -~out_247 0 -~out_248 1 -~out_249 0 -~out_250 1 -~out_251 0 -~out_252 0 +~out_255 1 +~out_254 0 ~out_253 1 -~out_254 1 -~out_255 1 \ No newline at end of file +~out_252 1 +~out_251 0 +~out_250 1 +~out_249 0 +~out_248 0 +~out_247 1 +~out_246 0 +~out_245 1 +~out_244 1 +~out_243 1 +~out_242 1 +~out_241 0 +~out_240 0 +~out_239 0 +~out_238 0 +~out_237 1 +~out_236 1 +~out_235 0 +~out_234 0 +~out_233 1 +~out_232 1 +~out_231 0 +~out_230 1 +~out_229 0 +~out_228 1 +~out_227 0 +~out_226 1 +~out_225 1 +~out_224 1 +~out_223 1 +~out_222 1 +~out_221 0 +~out_220 1 +~out_219 1 +~out_218 1 +~out_217 1 +~out_216 0 +~out_215 0 +~out_214 0 +~out_213 0 +~out_212 0 +~out_211 0 +~out_210 1 +~out_209 0 +~out_208 1 +~out_207 1 +~out_206 1 +~out_205 0 +~out_204 0 +~out_203 1 +~out_202 0 +~out_201 0 +~out_200 0 +~out_199 1 +~out_198 1 +~out_197 1 +~out_196 1 +~out_195 0 +~out_194 1 +~out_193 1 +~out_192 1 +~out_191 1 +~out_190 0 +~out_189 1 +~out_188 0 +~out_187 1 +~out_186 1 +~out_185 0 +~out_184 0 +~out_183 1 +~out_182 1 +~out_181 1 +~out_180 1 +~out_179 0 +~out_178 0 +~out_177 0 +~out_176 1 +~out_175 1 +~out_174 1 +~out_173 0 
+~out_172 0 +~out_171 1 +~out_170 1 +~out_169 1 +~out_168 0 +~out_167 0 +~out_166 1 +~out_165 1 +~out_164 1 +~out_163 0 +~out_162 0 +~out_161 1 +~out_160 0 +~out_159 1 +~out_158 0 +~out_157 0 +~out_156 0 +~out_155 0 +~out_154 1 +~out_153 1 +~out_152 0 +~out_151 0 +~out_150 1 +~out_149 0 +~out_148 0 +~out_147 0 +~out_146 1 +~out_145 1 +~out_144 0 +~out_143 1 +~out_142 0 +~out_141 1 +~out_140 0 +~out_139 1 +~out_138 0 +~out_137 1 +~out_136 0 +~out_135 0 +~out_134 0 +~out_133 0 +~out_132 0 +~out_131 1 +~out_130 0 +~out_129 0 +~out_128 0 +~out_127 0 +~out_126 1 +~out_125 1 +~out_124 0 +~out_123 1 +~out_122 1 +~out_121 0 +~out_120 1 +~out_119 0 +~out_118 0 +~out_117 1 +~out_116 0 +~out_115 1 +~out_114 0 +~out_113 0 +~out_112 0 +~out_111 0 +~out_110 0 +~out_109 1 +~out_108 0 +~out_107 1 +~out_106 0 +~out_105 0 +~out_104 0 +~out_103 0 +~out_102 0 +~out_101 1 +~out_100 1 +~out_99 0 +~out_98 1 +~out_97 0 +~out_96 0 +~out_95 0 +~out_94 1 +~out_93 0 +~out_92 0 +~out_91 1 +~out_90 1 +~out_89 0 +~out_88 0 +~out_87 1 +~out_86 1 +~out_85 0 +~out_84 0 +~out_83 0 +~out_82 1 +~out_81 1 +~out_80 1 +~out_79 0 +~out_78 1 +~out_77 1 +~out_76 1 +~out_75 0 +~out_74 0 +~out_73 0 +~out_72 1 +~out_71 0 +~out_70 0 +~out_69 1 +~out_68 1 +~out_67 1 +~out_66 1 +~out_65 0 +~out_64 0 +~out_63 0 +~out_62 0 +~out_61 1 +~out_60 0 +~out_59 1 +~out_58 0 +~out_57 0 +~out_56 1 +~out_55 0 +~out_54 0 +~out_53 0 +~out_52 1 +~out_51 1 +~out_50 1 +~out_49 0 +~out_48 1 +~out_47 0 +~out_46 1 +~out_45 1 +~out_44 1 +~out_43 1 +~out_42 0 +~out_41 0 +~out_40 0 +~out_39 0 +~out_38 1 +~out_37 0 +~out_36 0 +~out_35 0 +~out_34 0 +~out_33 1 +~out_32 1 +~out_31 0 +~out_30 0 +~out_29 0 +~out_28 1 +~out_27 1 +~out_26 0 +~out_25 0 +~out_24 1 +~out_23 1 +~out_22 1 +~out_21 0 +~out_20 1 +~out_19 0 +~out_18 0 +~out_17 0 +~out_16 1 +~out_15 1 +~out_14 1 +~out_13 0 +~out_12 1 +~out_11 1 +~out_10 1 +~out_9 0 +~out_8 0 +~out_7 1 +~out_6 1 +~out_5 1 +~out_4 1 +~out_3 1 +~out_2 0 +~out_1 0 +~out_0 0 \ No newline at end of file 
diff --git a/zokrates_core/src/imports.rs b/zokrates_core/src/imports.rs
index b70ed35a..d94b0a97 100644
--- a/zokrates_core/src/imports.rs
+++ b/zokrates_core/src/imports.rs
@@ -146,22 +146,6 @@ impl Importer {
 };
 origins.push(CompiledImport::new(compiled, alias));
 }
- "LIBSNARK/sha256packed" => {
- let source = sha_packed_typed();
- let mut reader = BufReader::new(source.as_bytes());
- let compiled = compile_aux(
- &mut reader,
- None::,
- None::<
- fn(&Option, &String) -> Result<(S, String, String), E>,
- >,
- )?;
- let alias = match import.alias {
- Some(ref alias) => alias.clone(),
- None => String::from("sha256packed"),
- };
- origins.push(CompiledImport::new(compiled, alias));
- }
 s => {
 return Err(CompileError::ImportError(Error::new(format!(
 "Gadget {} not found",
@@ -227,28 +211,6 @@ impl Importer { } } -#[cfg(feature = "libsnark")] -fn sha_packed_typed() -> String { - String::from(r#" - import "PACKING/pack128" - import "PACKING/unpack128" - import "LIBSNARK/sha256" - - def main(field a, field b, field c, field d) -> (field, field): - a0, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20, a21, a22, a23, a24, a25, a26, a27, a28, a29, a30, a31, a32, a33, a34, a35, a36, a37, a38, a39, a40, a41, a42, a43, a44, a45, a46, a47, a48, a49, a50, a51, a52, a53, a54, a55, a56, a57, a58, a59, a60, a61, a62, a63, a64, a65, a66, a67, a68, a69, a70, a71, a72, a73, a74, a75, a76, a77, a78, a79, a80, a81, a82, a83, a84, a85, a86, a87, a88, a89, a90, a91, a92, a93, a94, a95, a96, a97, a98, a99, a100, a101, a102, a103, a104, a105, a106, a107, a108, a109, a110, a111, a112, a113, a114, a115, a116, a117, a118, a119, a120, a121, a122, a123, a124, a125, a126, a127 = unpack128(a) - b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15, b16, b17, b18, b19, b20, b21, b22, b23, b24, b25, b26, b27, b28, b29, b30, b31, b32, b33, b34, b35, b36, b37, b38, b39, b40, b41, b42, b43, b44, b45, b46, b47, b48, b49, b50, b51, b52, b53, b54, b55, b56, b57, b58, b59, b60, b61, b62, b63, b64, b65, b66, b67, b68, b69, b70, b71, b72, b73, b74, b75, b76, b77, b78, b79, b80, b81, b82, b83, b84, b85, b86, b87, b88, b89, b90, b91, b92, b93, b94, b95, b96, b97, b98, b99, b100, b101, b102, b103, b104, b105, b106, b107, b108, b109, b110, b111, b112, b113, b114, b115, b116, b117, b118, b119, b120, b121, b122, b123, b124, b125, b126, b127 = unpack128(b) - c0, c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11, c12, c13, c14, c15, c16, c17, c18, c19, c20, c21, c22, c23, c24, c25, c26, c27, c28, c29, c30, c31, c32, c33, c34, c35, c36, c37, c38, c39, c40, c41, c42, c43, c44, c45, c46, c47, c48, c49, c50, c51, c52, c53, c54, c55, c56, c57, c58, c59, c60, c61, c62, c63, c64, c65, c66, c67, c68, c69, c70, c71, c72, c73, c74, c75, 
c76, c77, c78, c79, c80, c81, c82, c83, c84, c85, c86, c87, c88, c89, c90, c91, c92, c93, c94, c95, c96, c97, c98, c99, c100, c101, c102, c103, c104, c105, c106, c107, c108, c109, c110, c111, c112, c113, c114, c115, c116, c117, c118, c119, c120, c121, c122, c123, c124, c125, c126, c127 = unpack128(c) - d0, d1, d2, d3, d4, d5, d6, d7, d8, d9, d10, d11, d12, d13, d14, d15, d16, d17, d18, d19, d20, d21, d22, d23, d24, d25, d26, d27, d28, d29, d30, d31, d32, d33, d34, d35, d36, d37, d38, d39, d40, d41, d42, d43, d44, d45, d46, d47, d48, d49, d50, d51, d52, d53, d54, d55, d56, d57, d58, d59, d60, d61, d62, d63, d64, d65, d66, d67, d68, d69, d70, d71, d72, d73, d74, d75, d76, d77, d78, d79, d80, d81, d82, d83, d84, d85, d86, d87, d88, d89, d90, d91, d92, d93, d94, d95, d96, d97, d98, d99, d100, d101, d102, d103, d104, d105, d106, d107, d108, d109, d110, d111, d112, d113, d114, d115, d116, d117, d118, d119, d120, d121, d122, d123, d124, d125, d126, d127 = unpack128(d) - - hashed0, hashed1, hashed2, hashed3, hashed4, hashed5, hashed6, hashed7, hashed8, hashed9, hashed10, hashed11, hashed12, hashed13, hashed14, hashed15, hashed16, hashed17, hashed18, hashed19, hashed20, hashed21, hashed22, hashed23, hashed24, hashed25, hashed26, hashed27, hashed28, hashed29, hashed30, hashed31, hashed32, hashed33, hashed34, hashed35, hashed36, hashed37, hashed38, hashed39, hashed40, hashed41, hashed42, hashed43, hashed44, hashed45, hashed46, hashed47, hashed48, hashed49, hashed50, hashed51, hashed52, hashed53, hashed54, hashed55, hashed56, hashed57, hashed58, hashed59, hashed60, hashed61, hashed62, hashed63, hashed64, hashed65, hashed66, hashed67, hashed68, hashed69, hashed70, hashed71, hashed72, hashed73, hashed74, hashed75, hashed76, hashed77, hashed78, hashed79, hashed80, hashed81, hashed82, hashed83, hashed84, hashed85, hashed86, hashed87, hashed88, hashed89, hashed90, hashed91, hashed92, hashed93, hashed94, hashed95, hashed96, hashed97, hashed98, hashed99, hashed100, hashed101, 
hashed102, hashed103, hashed104, hashed105, hashed106, hashed107, hashed108, hashed109, hashed110, hashed111, hashed112, hashed113, hashed114, hashed115, hashed116, hashed117, hashed118, hashed119, hashed120, hashed121, hashed122, hashed123, hashed124, hashed125, hashed126, hashed127, hashed128, hashed129, hashed130, hashed131, hashed132, hashed133, hashed134, hashed135, hashed136, hashed137, hashed138, hashed139, hashed140, hashed141, hashed142, hashed143, hashed144, hashed145, hashed146, hashed147, hashed148, hashed149, hashed150, hashed151, hashed152, hashed153, hashed154, hashed155, hashed156, hashed157, hashed158, hashed159, hashed160, hashed161, hashed162, hashed163, hashed164, hashed165, hashed166, hashed167, hashed168, hashed169, hashed170, hashed171, hashed172, hashed173, hashed174, hashed175, hashed176, hashed177, hashed178, hashed179, hashed180, hashed181, hashed182, hashed183, hashed184, hashed185, hashed186, hashed187, hashed188, hashed189, hashed190, hashed191, hashed192, hashed193, hashed194, hashed195, hashed196, hashed197, hashed198, hashed199, hashed200, hashed201, hashed202, hashed203, hashed204, hashed205, hashed206, hashed207, hashed208, hashed209, hashed210, hashed211, hashed212, hashed213, hashed214, hashed215, hashed216, hashed217, hashed218, hashed219, hashed220, hashed221, hashed222, hashed223, hashed224, hashed225, hashed226, hashed227, hashed228, hashed229, hashed230, hashed231, hashed232, hashed233, hashed234, hashed235, hashed236, hashed237, hashed238, hashed239, hashed240, hashed241, hashed242, hashed243, hashed244, hashed245, hashed246, hashed247, hashed248, hashed249, hashed250, hashed251, hashed252, hashed253, hashed254, hashed255 = sha256(a0, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20, a21, a22, a23, a24, a25, a26, a27, a28, a29, a30, a31, a32, a33, a34, a35, a36, a37, a38, a39, a40, a41, a42, a43, a44, a45, a46, a47, a48, a49, a50, a51, a52, a53, a54, a55, a56, a57, a58, a59, a60, 
a61, a62, a63, a64, a65, a66, a67, a68, a69, a70, a71, a72, a73, a74, a75, a76, a77, a78, a79, a80, a81, a82, a83, a84, a85, a86, a87, a88, a89, a90, a91, a92, a93, a94, a95, a96, a97, a98, a99, a100, a101, a102, a103, a104, a105, a106, a107, a108, a109, a110, a111, a112, a113, a114, a115, a116, a117, a118, a119, a120, a121, a122, a123, a124, a125, a126, a127, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15, b16, b17, b18, b19, b20, b21, b22, b23, b24, b25, b26, b27, b28, b29, b30, b31, b32, b33, b34, b35, b36, b37, b38, b39, b40, b41, b42, b43, b44, b45, b46, b47, b48, b49, b50, b51, b52, b53, b54, b55, b56, b57, b58, b59, b60, b61, b62, b63, b64, b65, b66, b67, b68, b69, b70, b71, b72, b73, b74, b75, b76, b77, b78, b79, b80, b81, b82, b83, b84, b85, b86, b87, b88, b89, b90, b91, b92, b93, b94, b95, b96, b97, b98, b99, b100, b101, b102, b103, b104, b105, b106, b107, b108, b109, b110, b111, b112, b113, b114, b115, b116, b117, b118, b119, b120, b121, b122, b123, b124, b125, b126, b127, c0, c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11, c12, c13, c14, c15, c16, c17, c18, c19, c20, c21, c22, c23, c24, c25, c26, c27, c28, c29, c30, c31, c32, c33, c34, c35, c36, c37, c38, c39, c40, c41, c42, c43, c44, c45, c46, c47, c48, c49, c50, c51, c52, c53, c54, c55, c56, c57, c58, c59, c60, c61, c62, c63, c64, c65, c66, c67, c68, c69, c70, c71, c72, c73, c74, c75, c76, c77, c78, c79, c80, c81, c82, c83, c84, c85, c86, c87, c88, c89, c90, c91, c92, c93, c94, c95, c96, c97, c98, c99, c100, c101, c102, c103, c104, c105, c106, c107, c108, c109, c110, c111, c112, c113, c114, c115, c116, c117, c118, c119, c120, c121, c122, c123, c124, c125, c126, c127, d0, d1, d2, d3, d4, d5, d6, d7, d8, d9, d10, d11, d12, d13, d14, d15, d16, d17, d18, d19, d20, d21, d22, d23, d24, d25, d26, d27, d28, d29, d30, d31, d32, d33, d34, d35, d36, d37, d38, d39, d40, d41, d42, d43, d44, d45, d46, d47, d48, d49, d50, d51, d52, d53, d54, d55, d56, d57, d58, d59, d60, d61, d62, d63, d64, d65, 
d66, d67, d68, d69, d70, d71, d72, d73, d74, d75, d76, d77, d78, d79, d80, d81, d82, d83, d84, d85, d86, d87, d88, d89, d90, d91, d92, d93, d94, d95, d96, d97, d98, d99, d100, d101, d102, d103, d104, d105, d106, d107, d108, d109, d110, d111, d112, d113, d114, d115, d116, d117, d118, d119, d120, d121, d122, d123, d124, d125, d126, d127) - - res0 = pack128(hashed0, hashed1, hashed2, hashed3, hashed4, hashed5, hashed6, hashed7, hashed8, hashed9, hashed10, hashed11, hashed12, hashed13, hashed14, hashed15, hashed16, hashed17, hashed18, hashed19, hashed20, hashed21, hashed22, hashed23, hashed24, hashed25, hashed26, hashed27, hashed28, hashed29, hashed30, hashed31, hashed32, hashed33, hashed34, hashed35, hashed36, hashed37, hashed38, hashed39, hashed40, hashed41, hashed42, hashed43, hashed44, hashed45, hashed46, hashed47, hashed48, hashed49, hashed50, hashed51, hashed52, hashed53, hashed54, hashed55, hashed56, hashed57, hashed58, hashed59, hashed60, hashed61, hashed62, hashed63, hashed64, hashed65, hashed66, hashed67, hashed68, hashed69, hashed70, hashed71, hashed72, hashed73, hashed74, hashed75, hashed76, hashed77, hashed78, hashed79, hashed80, hashed81, hashed82, hashed83, hashed84, hashed85, hashed86, hashed87, hashed88, hashed89, hashed90, hashed91, hashed92, hashed93, hashed94, hashed95, hashed96, hashed97, hashed98, hashed99, hashed100, hashed101, hashed102, hashed103, hashed104, hashed105, hashed106, hashed107, hashed108, hashed109, hashed110, hashed111, hashed112, hashed113, hashed114, hashed115, hashed116, hashed117, hashed118, hashed119, hashed120, hashed121, hashed122, hashed123, hashed124, hashed125, hashed126, hashed127) - res1 = pack128(hashed128, hashed129, hashed130, hashed131, hashed132, hashed133, hashed134, hashed135, hashed136, hashed137, hashed138, hashed139, hashed140, hashed141, hashed142, hashed143, hashed144, hashed145, hashed146, hashed147, hashed148, hashed149, hashed150, hashed151, hashed152, hashed153, hashed154, hashed155, hashed156, 
hashed157, hashed158, hashed159, hashed160, hashed161, hashed162, hashed163, hashed164, hashed165, hashed166, hashed167, hashed168, hashed169, hashed170, hashed171, hashed172, hashed173, hashed174, hashed175, hashed176, hashed177, hashed178, hashed179, hashed180, hashed181, hashed182, hashed183, hashed184, hashed185, hashed186, hashed187, hashed188, hashed189, hashed190, hashed191, hashed192, hashed193, hashed194, hashed195, hashed196, hashed197, hashed198, hashed199, hashed200, hashed201, hashed202, hashed203, hashed204, hashed205, hashed206, hashed207, hashed208, hashed209, hashed210, hashed211, hashed212, hashed213, hashed214, hashed215, hashed216, hashed217, hashed218, hashed219, hashed220, hashed221, hashed222, hashed223, hashed224, hashed225, hashed226, hashed227, hashed228, hashed229, hashed230, hashed231, hashed232, hashed233, hashed234, hashed235, hashed236, hashed237, hashed238, hashed239, hashed240, hashed241, hashed242, hashed243, hashed244, hashed245, hashed246, hashed247, hashed248, hashed249, hashed250, hashed251, hashed252, hashed253, hashed254, hashed255) - - return res0, res1 - "#) -} - #[cfg(test)] mod tests { From e84e0efd97da60a3bc27bd8dced37497b727023b Mon Sep 17 00:00:00 2001 From: sdeml Date: Sun, 13 Jan 2019 16:45:05 +0100 Subject: [PATCH 09/30] fix tests --- zokrates_cli/tests/code/sha_round.code | 2 +- zokrates_core/src/helpers/mod.rs | 15 ++++++++++-- zokrates_core/src/libsnark.rs | 10 ++++---- zokrates_core/src/standard.rs | 32 ++++++++++++++++++++++++++ zokrates_field/src/lib.rs | 8 +++++++ 5 files changed, 59 insertions(+), 8 deletions(-) create mode 100644 zokrates_field/src/lib.rs diff --git a/zokrates_cli/tests/code/sha_round.code b/zokrates_cli/tests/code/sha_round.code index 3255fab2..58f4226c 100644 --- a/zokrates_cli/tests/code/sha_round.code +++ b/zokrates_cli/tests/code/sha_round.code 
@@ -1,6 +1,6 @@ import "LIBSNARK/sha256round" as sha256 -def main(field[256] a, field[256] b, field[256] IV) -> (field[256]): +def main(field unused) -> (field[256]): field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] diff --git a/zokrates_core/src/helpers/mod.rs b/zokrates_core/src/helpers/mod.rs index 8fbc9c33..8a40f011 100644 --- a/zokrates_core/src/helpers/mod.rs +++ b/zokrates_core/src/helpers/mod.rs 
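Review bot: The new `unused` parameter carries no explanation, so a reader cannot tell whether the test needs an input because the compiler requires one or because it is a leftover from the old `(a, b, IV)` signature. Presumably `main` has to declare at least one argument while every vector is now fixed in the body; say so on the line: `def main(field unused) -> (field[256]): // dummy argument: all vectors are constants below`. The body of `main` continues past the end of this hunk.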
@@ -123,7 +123,7 @@ mod tests { #[test] fn execute() { - let sha = LibsnarkGadgetHelper::Sha256Compress; + let sha = LibsnarkGadgetHelper::Sha256Round; // second vector here https://homes.esat.kuleuven.be/~nsmart/MPC/sha-256-test.txt let inputs = vec![ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, @@ -145,11 +145,22 @@ mod tests { 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, + // append SHA256 IV vector (https://en.wikipedia.org/wiki/SHA-2) + 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, + 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, + 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, + 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, + 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, + 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, + 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, + 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, + 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, + 1, 0, 0, 1 ]; let r = sha .execute(&inputs.iter().map(|&i| FieldPrime::from(i)).collect()) .unwrap(); - let r1 = &r[513..769]; // index of the result + let r1 = &r[769..1025]; // index of the result let res: Vec = vec![ 1, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, diff --git a/zokrates_core/src/libsnark.rs b/zokrates_core/src/libsnark.rs index 5340ebc8..6b0498fd 100644 --- a/zokrates_core/src/libsnark.rs +++ b/zokrates_core/src/libsnark.rs 
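Review bot: The slice `&r[769..1025]` in the second hunk encodes the gadget's variable layout as bare numbers with only `// index of the result` to explain them. The layout this commit fixes elsewhere is one constant variable at index 0, then 768 input bits, then the 256 digest bits (`input_count` 768 and outputs 769–1024 in wraplibsnarkgadgets.cpp; the new standard.rs test asserts index 0 is the constant one), so derive the bounds: `const INPUT_COUNT: usize = 768; let r1 = &r[INPUT_COUNT + 1..INPUT_COUNT + 1 + 256]; // skip the constant-one variable and the input bits`. If the `Signed` impl from libsnark_gadget.rs is in scope here, `sha.get_signature().0` is the better source for 768. The appended IV block would also be checkable by eye if each 32-bit group carried the hex word it was transcribed from (`0x6a09e667` for the first 32 bits).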
@@ -63,22 +63,22 @@ mod tests { #[test] fn can_get_sha256_constraints() { - let _a = get_sha256_constraints(); + let _a = get_sha256round_constraints(); } #[test] fn can_generate_sha_256_witness_null() { - let inputs = vec![FieldPrime::from(0); 512]; - let _b = get_sha256_witness(&inputs); + let inputs = vec![FieldPrime::from(0); 768]; + let _b = get_sha256round_witness(&inputs); } #[test] fn can_generate_flattened_code() { - let constraints = get_sha256_constraints(); + let constraints = get_sha256round_constraints(); let r1cs: standard::R1CS = serde_json::from_str(&constraints).unwrap(); let _prog: FlatProg = FlatProg::from(standard::DirectiveR1CS { r1cs, - directive: helpers::LibsnarkGadgetHelper::Sha256Compress, + directive: helpers::LibsnarkGadgetHelper::Sha256Round, }); } } diff --git a/zokrates_core/src/standard.rs b/zokrates_core/src/standard.rs index f877193d..aa97005d 100644 --- a/zokrates_core/src/standard.rs +++ b/zokrates_core/src/standard.rs @@ -212,4 +212,36 @@ mod tests { let c: Constraint = serde_json::from_str(constraint).unwrap(); let _statement: FlatStatement = c.into(); } + + #[test] + fn generate_sha256_constraints() { + use flat_absy::FlatProg; + use libsnark::get_sha256round_constraints; + let r1cs: R1CS = serde_json::from_str(&get_sha256round_constraints()).unwrap(); + let v_count = r1cs.variable_count; + + let dr1cs: DirectiveR1CS = DirectiveR1CS { + r1cs, + directive: LibsnarkGadgetHelper::Sha256Round, + }; + let compiled: FlatProg = FlatProg::from(dr1cs); + + // libsnark variable #0: index 0 should equal 1 + assert_eq!( + compiled.functions[0].statements[1], + FlatStatement::Condition( + FlatVariable::new(0).into(), + FlatExpression::Number(FieldPrime::from(1)) + ) + ); + + // libsnark input #0: index 1 should equal zokrates input #0: index v_count + assert_eq!( + compiled.functions[0].statements[2], + FlatStatement::Condition( + FlatVariable::new(1).into(), + FlatVariable::new(v_count).into() + ) + ); + } } 
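Review bot: `can_generate_sha_256_witness_null` and `can_get_sha256_constraints` in the libsnark.rs hunk only check that the calls do not panic, and the new `768` literal duplicates the input count that `get_signature` already defines for `Sha256Round`. Take it from there so the two cannot drift: `let (input_count, _) = helpers::LibsnarkGadgetHelper::Sha256Round.get_signature();` followed by `let inputs = vec![FieldPrime::from(0); input_count];` (this needs the `Signed` trait in scope). The new standard.rs test is the right shape; its inline `use` lines would conventionally sit at the top of `mod tests`, and a name such as `sha256round_directive_wires_constant_and_first_input` would say what it asserts.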
diff --git a/zokrates_field/src/lib.rs b/zokrates_field/src/lib.rs new file mode 100644 index 00000000..2a765004 --- /dev/null +++ b/zokrates_field/src/lib.rs @@ -0,0 +1,8 @@ +#[macro_use] +extern crate lazy_static; +extern crate num; +extern crate num_bigint; +extern crate serde; +extern crate bincode; + +pub mod field; From f5911babfbd70e245987083f08b20779e26d9c52 Mon Sep 17 00:00:00 2001 From: sdeml Date: Sun, 13 Jan 2019 18:02:05 +0100 Subject: [PATCH 10/30] delete unused variables --- zokrates_core/lib/wraplibsnarkgadgets.cpp | 31 ++------------------ zokrates_core/src/helpers/libsnark_gadget.rs | 2 +- 2 files changed, 3 insertions(+), 30 deletions(-) diff --git a/zokrates_core/lib/wraplibsnarkgadgets.cpp b/zokrates_core/lib/wraplibsnarkgadgets.cpp index 4fd55bb2..de4c2a71 100644 --- a/zokrates_core/lib/wraplibsnarkgadgets.cpp +++ b/zokrates_core/lib/wraplibsnarkgadgets.cpp 
@@ -76,11 +76,7 @@ std::string r1cs_to_json(protoboard pb) { r1cs_constraint_system constraints = pb.get_constraint_system(); std::stringstream ss; - // ss << "{\"input_count\":612, \"outputs\":[613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768,769,770,771,772,773,774,775,776,777,778,779,780,781,782,783,784,785,786,787,788,789,790,791,792,793,794,795,796,797,798,799,800,801,802,803,804,805,806,807,808,809,810,811,812,813,814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832,833,834,835,836,837,838,839,840,841,842,843,844,845,846,847,848,849,850,851,852,853,854,855,856,857,858,859,860,861,862,863,864,865,866,867,868],\"constraints\":["; - // ss << "{\"input_count\":612, 
\"outputs\":[513,514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768],\"constraints\":["; - // ss << "{\"input_count\":513, 
\"outputs\":[514,515,516,517,518,519,520,521,522,523,524,525,526,527,528,529,530,531,532,533,534,535,536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568,569,570,571,572,573,574,575,576,577,578,579,580,581,582,583,584,585,586,587,588,589,590,591,592,593,594,595,596,597,598,599,600,601,602,603,604,605,606,607,608,609,610,611,612,613,614,615,616,617,618,619,620,621,622,623,624,625,626,627,628,629,630,631,632,633,634,635,636,637,638,639,640,641,642,643,644,645,646,647,648,649,650,651,652,653,654,655,656,657,658,659,660,661,662,663,664,665,666,667,668,669,670,671,672,673,674,675,676,677,678,679,680,681,682,683,684,685,686,687,688,689,690,691,692,693,694,695,696,697,698,699,700,701,702,703,704,705,706,707,708,709,710,711,712,713,714,715,716,717,718,719,720,721,722,723,724,725,726,727,728,729,730,731,732,733,734,735,736,737,738,739,740,741,742,743,744,745,746,747,748,749,750,751,752,753,754,755,756,757,758,759,760,761,762,763,764,765,766,767,768, 769],\"constraints\":["; ss << "{\"input_count\":768, 
\"outputs\":[769,770,771,772,773,774,775,776,777,778,779,780,781,782,783,784,785,786,787,788,789,790,791,792,793,794,795,796,797,798,799,800,801,802,803,804,805,806,807,808,809,810,811,812,813,814,815,816,817,818,819,820,821,822,823,824,825,826,827,828,829,830,831,832,833,834,835,836,837,838,839,840,841,842,843,844,845,846,847,848,849,850,851,852,853,854,855,856,857,858,859,860,861,862,863,864,865,866,867,868,869,870,871,872,873,874,875,876,877,878,879,880,881,882,883,884,885,886,887,888,889,890,891,892,893,894,895,896,897,898,899,900,901,902,903,904,905,906,907,908,909,910,911,912,913,914,915,916,917,918,919,920,921,922,923,924,925,926,927,928,929,930,931,932,933,934,935,936,937,938,939,940,941,942,943,944,945,946,947,948,949,950,951,952,953,954,955,956,957,958,959,960,961,962,963,964,965,966,967,968,969,970,971,972,973,974,975,976,977,978,979,980,981,982,983,984,985,986,987,988,989,990,991,992,993,994,995,996,997,998,999,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1011,1012,1013,1014,1015,1016,1017,1018,1019,1020,1021,1022,1023,1024],\"constraints\":["; - for (size_t c = 0; c < constraints.num_constraints(); ++c) { ss << "[";// << "\"A\"="; 
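Review bot: The `input_count` and the 256-entry `outputs` list in `r1cs_to_json` remain a hand-typed string literal that must be kept in step with the protoboard's allocation order by hand; the three commented-out predecessors this hunk deletes show how often it has drifted, and a stale list would silently present the wrong variables as the gadget's outputs. Derive both from the allocation instead: pass the number of input bits the caller allocated and the digest's `bits` array into the function and print their sizes and indices (the callers in `_sha256RoundConstraints`/`_sha256RoundWitness` would pass `output->bits`). The layout the Rust tests assert then follows from the code rather than from a literal; the enclosing function starts before this hunk.
```cpp
std::string r1cs_to_json(protoboard<FieldT> pb, size_t input_count, const pb_variable_array<FieldT> &outputs) {
    // … unchanged: constraint system and stringstream setup …
    // Header derived from the allocation, not hand-maintained.
    ss << "{\"input_count\":" << input_count << ", \"outputs\":[";
    for (size_t i = 0; i < outputs.size(); ++i) {
        if (i > 0) ss << ",";
        ss << outputs[i].index;
    }
    ss << "],\"constraints\":[";
    // … unchanged: per-constraint serialisation loop …
```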
@@ -132,32 +128,17 @@ public: std::shared_ptr> hasher; sha256round( protoboard &pb, - pb_variable& ZERO, pb_variable_array& myIV, pb_variable_array& a, pb_variable_array& b, std::shared_ptr> result ) : gadget(pb, "sha256round") { - // pb_variable_array myIV = - // from_bits({ - // 0,1,1,0,1,0,1,0,0,0,0,0,1,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1, - // 1,0,1,1,1,0,1,1,0,1,1,0,0,1,1,1,1,0,1,0,1,1,1,0,1,0,0,0,0,1,0,1, - // 0,0,1,1,1,1,0,0,0,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,0, - // 1,0,1,0,0,1,0,1,0,1,0,0,1,1,1,1,1,1,1,1,0,1,0,1,0,0,1,1,1,0,1,0, - // 0,1,0,1,0,0,0,1,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,0,1,1,1,1,1,1,1, - // 1,0,0,1,1,0,1,1,0,0,0,0,0,1,0,1,0,1,1,0,1,0,0,0,1,0,0,0,1,1,0,0, - // 0,0,0,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,1,1,0,0,1,1,0,1,0,1,0,1,1, - // 0,1,0,1,1,0,1,1,1,1,1,0,0,0,0,0,1,1,0,0,1,1,0,1,0,0,0,1,1,0,0,1 - // }, ZERO); - block.reset(new block_variable(pb, { a, b }, "block")); - // pb_linear_combination_array IV = SHA256_IV(pb); - hasher.reset(new sha256_compression_function_gadget( pb, myIV, @@ -190,11 +171,7 @@ char* _sha256RoundConstraints() std::shared_ptr> output; output.reset(new digest_variable(pb, 256, "output")); - pb_variable ZERO; - ZERO.allocate(pb, "ZERO"); - pb.val(ZERO) = 0; - - sha256round g(pb, ZERO, IV.bits, left, right, output); + sha256round g(pb, IV.bits, left, right, output); g.generate_r1cs_constraints(); IV.generate_r1cs_constraints(); @@ -221,10 +198,6 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length) std::shared_ptr> output; output.reset(new digest_variable(pb, 256, "output")); - pb_variable ZERO; - ZERO.allocate(pb, "ZERO"); - pb.val(ZERO) = 0; - libff::bit_vector left_bv; libff::bit_vector right_bv; libff::bit_vector IV_bv; 
@@ -251,7 +224,7 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length) IV.generate_r1cs_constraints(); IV.generate_r1cs_witness(IV_bv); - sha256round g(pb, ZERO, IV.bits, left, right, output); + sha256round g(pb, IV.bits, left, right, output); g.generate_r1cs_constraints(); g.generate_r1cs_witness(); diff --git a/zokrates_core/src/helpers/libsnark_gadget.rs b/zokrates_core/src/helpers/libsnark_gadget.rs index eb3deaf1..73451f30 100644 --- a/zokrates_core/src/helpers/libsnark_gadget.rs +++ b/zokrates_core/src/helpers/libsnark_gadget.rs @@ -42,7 +42,7 @@ impl Executable for LibsnarkGadgetHelper { impl Signed for LibsnarkGadgetHelper { fn get_signature(&self) -> (usize, usize) { match self { - LibsnarkGadgetHelper::Sha256Round => (768, 25818) + LibsnarkGadgetHelper::Sha256Round => (768, 25817) } } } From c0db24bb793b788f30bf11f207628ec3341a36c8 Mon Sep 17 00:00:00 2001 
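Review bot: `(768, 25817)` in `get_signature` is a hand-maintained pair with no comment; the second number drops by exactly one in this commit because one protoboard variable (`ZERO`) was removed on the C++ side, which suggests it tracks the gadget's variable count and will silently go stale the next time the gadget's allocations change. Add a comment naming the coupling: `// (input bits, variable count) of the libsnark sha256round gadget; re-derive whenever wraplibsnarkgadgets.cpp allocates differently`. A test comparing the pair with the witness returned by `get_sha256round_witness` (or with the parsed constraint JSON, if it exposes the variable count) would catch the drift instead of relying on someone remembering to edit this line.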
From: sdeml Date: Tue, 15 Jan 2019 11:47:51 +0100 Subject: [PATCH 11/30] cleaning and adding docs --- .../sha256/{double_round.code => 1024.code} | 5 ++- .../sha256/{tripple_round.code => 1536.code} | 5 ++- stdlib/sha256/512.code | 15 +++++++ .../{single_packed.code => 512_packed.code} | 9 ++-- .../{full_round.code => 512_padded.code} | 4 +- stdlib/sha256/IV_constants.code | 2 + stdlib/sha256/run.sh | 7 --- stdlib/sha256/sha_round.code | 4 ++ stdlib/sha256/single_round.code | 15 ------- stdlib/sha256/single_test.code | 45 ------------------- zokrates_book/src/sha256example.md | 6 +-- zokrates_core/lib/wraplibsnarkgadgets.cpp | 26 +++++------ zokrates_core/src/helpers/mod.rs | 1 - 13 files changed, 48 insertions(+), 96 deletions(-) rename stdlib/sha256/{double_round.code => 1024.code} (64%) rename stdlib/sha256/{tripple_round.code => 1536.code} (69%) create mode 100644 stdlib/sha256/512.code rename stdlib/sha256/{single_packed.code => 512_packed.code} (50%) rename stdlib/sha256/{full_round.code => 512_padded.code} (91%) delete mode 100755 stdlib/sha256/run.sh delete mode 100644 stdlib/sha256/single_round.code delete mode 100644 stdlib/sha256/single_test.code diff --git a/stdlib/sha256/double_round.code b/stdlib/sha256/1024.code similarity index 64% rename from stdlib/sha256/double_round.code rename to stdlib/sha256/1024.code index 753ae879..2102aa7c 100644 --- a/stdlib/sha256/double_round.code +++ b/stdlib/sha256/1024.code @@ -1,10 +1,11 @@ import "./IV_constants.code" as IVconstants import "./sha_round.code" as sha256 +// A function that takes 4 field[256] arrays as inputs +// and applies 2 rounds of sha256 compression. +// It returns an array of 256 field elements. def main(field[256] a, field[256] b, field[256] c, field[256] d) -> (field[256]): - //TODO: add bool check - IV = IVconstants() digest1 = sha256(a, b, IV) digest2 = sha256(c, d, digest1) 
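Review bot: Deleting `//TODO: add bool check` (here and in the 1536.code hunk) leaves no trace that `a`, `b`, `c`, `d` are not constrained to {0,1}, although the check is still missing; 512.code in this same commit documents the gap with `// a and b is NOT checked to be of type bool`, and the equivalent line belongs in 1024.code and 1536.code so callers know they must constrain their inputs themselves. The new header also calls the two compression-function applications "rounds", which collides with SHA-256's own 64 rounds per block; `// applies the sha256 compression function twice (two 512-bit blocks)` avoids the ambiguity.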
diff --git a/stdlib/sha256/tripple_round.code b/stdlib/sha256/1536.code similarity index 69% rename from stdlib/sha256/tripple_round.code rename to stdlib/sha256/1536.code index cde1ded0..522cf389 100644 --- a/stdlib/sha256/tripple_round.code +++ b/stdlib/sha256/1536.code @@ -1,10 +1,11 @@ import "./IV_constants.code" as IVconstants import "./sha_round.code" as sha256 +// A function that takes 6 field[256] arrays as inputs +// and applies 3 rounds of sha256 compression. +// It returns an array of 256 field elements. def main(field[256] a, field[256] b, field[256] c, field[256] d, field[256] e, field[256] f) -> (field[256]): - //TODO: add bool check - IV = IVconstants() digest1 = sha256(a, b, IV) digest2 = sha256(c, d, digest1) diff --git a/stdlib/sha256/512.code b/stdlib/sha256/512.code new file mode 100644 index 00000000..501520bd --- /dev/null +++ b/stdlib/sha256/512.code @@ -0,0 +1,15 @@ +import "./IV_constants.code" as IVconstants +import "./sha_round.code" as sha256 + +// A function that takes 2 field[256] arrays as inputs +// and returns their sha256 compression function as an array of 256 field elements. +// In contrast to full_round.code no padding is being applied +def main(field[256] a, field[256] b) -> (field[256]): + + // a and b is NOT checked to be of type bool + + IV = IVconstants() + digest = sha256(a, b, IV) + //digest is constraint to be of type bool + + return digest \ No newline at end of file diff --git a/stdlib/sha256/single_packed.code b/stdlib/sha256/512_packed.code similarity index 50% rename from stdlib/sha256/single_packed.code rename to stdlib/sha256/512_packed.code index e85c3444..c704aa70 100644 --- a/stdlib/sha256/single_packed.code +++ b/stdlib/sha256/512_packed.code 
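Review bot: The new comment in 512.code refers to `full_round.code`, which this very commit renames to 512_padded.code, so the reference is stale on arrival: `// In contrast to 512_padded.code no padding is applied`. Two grammar fixes on the neighbouring lines: `// a and b are NOT checked to be of type bool` and `// digest is constrained to be of type bool`. The first of those deserves one more clause stating the consequence — without the boolean constraint a satisfying witness does not by itself prove knowledge of a 512-bit preimage, since non-boolean field values may also satisfy the compression constraints — so callers see why they must add the check.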
@@ -1,14 +1,15 @@ -import "./IV_constants.code" as IVConstant +import "./IV_constants.code" as IVconstants import "./sha_round.code" as sha256 import "PACKING/pack256" as pack256 import "PACKING/unpack256" as unpack256 +// A function that takes 4 field elements as inputs, unpacks each of them to 128 +// bits (big endian), concatenates them and applies sha256. +// It then returns two field elements, each representing 128 bits of the result. def main(field a, field b) -> (field): - //TODO: add bool check - - IV = IVConstant() + IV = IVconstants() field[256] a = unpack256(a) field[256] b = unpack256(b) digest = sha256(a, b, IV) diff --git a/stdlib/sha256/full_round.code b/stdlib/sha256/512_padded.code similarity index 91% rename from stdlib/sha256/full_round.code rename to stdlib/sha256/512_padded.code index 49d511dd..272e0246 100644 --- a/stdlib/sha256/full_round.code +++ b/stdlib/sha256/512_padded.code @@ -1,5 +1,7 @@ -import "./double_round.code" as sha256 +import "./1024.code" as sha256 +// A function that takes 2 field[256] arrays as inputs +// and returns their sha256 compression function as an array of 256 field elements. def main(field[256] a, field[256] b) -> (field[256]): // Hash is computed on the full 512bit block size diff --git a/stdlib/sha256/IV_constants.code b/stdlib/sha256/IV_constants.code index 7cdeccd0..25965fd5 100644 --- a/stdlib/sha256/IV_constants.code +++ b/stdlib/sha256/IV_constants.code @@ -1,3 +1,4 @@ +// SHA2 initial values are taken from here: https://en.wikipedia.org/wiki/SHA-2 def main() -> (field[256]): field[32] h0 = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1] field[32] h1 = [1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1] 
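Review bot: The header added to 512_packed.code does not describe the function beneath it: the signature is `def main(field a, field b) -> (field):`, the body uses `unpack256`/`pack256` and one field is returned, while the comment speaks of four inputs unpacked to 128 bits and two 128-bit outputs. The difference matters beyond wording — packing a 256-bit digest into a single field element is lossy when the field is narrower than 256 bits (as the usual BN128 scalar field is), so two distinct digests can map to the same output, whereas the two-128-bit form the comment describes (and the `sha_packed_typed` helper deleted earlier in this series used) is lossless. If the code stays, the comment should read `// Takes 2 field elements, unpacks each to 256 bits (big endian), applies the sha256 compression function and packs the 256-bit digest into one field element (lossy if the field is narrower than 256 bits)`. The comment added to 512_padded.code in the next hunk likewise says nothing about padding, although the file name and the existing `// Hash is computed on the full 512bit block size` line suggest that is its point.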
@@ -9,4 +10,5 @@ def main() -> (field[256]): field[32] h7 = [0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1] field[256] IV = [h0[0], h0[1], h0[2], h0[3], h0[4], h0[5], h0[6], h0[7], h0[8], h0[9], h0[10], h0[11], h0[12], h0[13], h0[14], h0[15], h0[16], h0[17], h0[18], h0[19], h0[20], h0[21], h0[22], h0[23], h0[24], h0[25], h0[26], h0[27], h0[28], h0[29], h0[30], h0[31], h1[0], h1[1], h1[2], h1[3], h1[4], h1[5], h1[6], h1[7], h1[8], h1[9], h1[10], h1[11], h1[12], h1[13], h1[14], h1[15], h1[16], h1[17], h1[18], h1[19], h1[20], h1[21], h1[22], h1[23], h1[24], h1[25], h1[26], h1[27], h1[28], h1[29], h1[30], h1[31], h2[0], h2[1], h2[2], h2[3], h2[4], h2[5], h2[6], h2[7], h2[8], h2[9], h2[10], h2[11], h2[12], h2[13], h2[14], h2[15], h2[16], h2[17], h2[18], h2[19], h2[20], h2[21], h2[22], h2[23], h2[24], h2[25], h2[26], h2[27], h2[28], h2[29], h2[30], h2[31], h3[0], h3[1], h3[2], h3[3], h3[4], h3[5], h3[6], h3[7], h3[8], h3[9], h3[10], h3[11], h3[12], h3[13], h3[14], h3[15], h3[16], h3[17], h3[18], h3[19], h3[20], h3[21], h3[22], h3[23], h3[24], h3[25], h3[26], h3[27], h3[28], h3[29], h3[30], h3[31], h4[0], h4[1], h4[2], h4[3], h4[4], h4[5], h4[6], h4[7], h4[8], h4[9], h4[10], h4[11], h4[12], h4[13], h4[14], h4[15], h4[16], h4[17], h4[18], h4[19], h4[20], h4[21], h4[22], h4[23], h4[24], h4[25], h4[26], h4[27], h4[28], h4[29], h4[30], h4[31], h5[0], h5[1], h5[2], h5[3], h5[4], h5[5], h5[6], h5[7], h5[8], h5[9], h5[10], h5[11], h5[12], h5[13], h5[14], h5[15], h5[16], h5[17], h5[18], h5[19], h5[20], h5[21], h5[22], h5[23], h5[24], h5[25], h5[26], h5[27], h5[28], h5[29], h5[30], h5[31], h6[0], h6[1], h6[2], h6[3], h6[4], h6[5], h6[6], h6[7], h6[8], h6[9], h6[10], h6[11], h6[12], h6[13], h6[14], h6[15], h6[16], h6[17], h6[18], h6[19], h6[20], h6[21], h6[22], h6[23], h6[24], h6[25], h6[26], h6[27], h6[28], h6[29], h6[30], h6[31], h7[0], h7[1], h7[2], h7[3], h7[4], h7[5], h7[6], h7[7], h7[8], h7[9], h7[10], h7[11], h7[12], h7[13], 
h7[14], h7[15], h7[16], h7[17], h7[18], h7[19], h7[20], h7[21], h7[22], h7[23], h7[24], h7[25], h7[26], h7[27], h7[28], h7[29], h7[30], h7[31]] + return IV \ No newline at end of file diff --git a/stdlib/sha256/run.sh b/stdlib/sha256/run.sh deleted file mode 100755 index 848c586d..00000000 --- a/stdlib/sha256/run.sh +++ /dev/null @@ -1,7 +0,0 @@ -# (cd ..; ./mybuild.sh) -# rsync -avzP --delete --exclude=target --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates -rsync -avzP --delete --exclude=target --exclude=Cargo.toml --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates -(cd ..; cargo build) -ln -s ../../target/debug/zokrates . -./zokrates compile -i single_test.code 2>&1 | tee debugcomp -./zokrates compute-witness 2>&1 | tee debugwit \ No newline at end of file diff --git a/stdlib/sha256/sha_round.code b/stdlib/sha256/sha_round.code index 6759f860..a2ee2351 100644 --- a/stdlib/sha256/sha_round.code +++ b/stdlib/sha256/sha_round.code 
@@ -2,8 +2,12 @@ import "LIBSNARK/sha256round" as sha256 def main(field[256] a, field[256] b, field[256] IV) -> (field[256]): + // a and b is NOT checked to be of type bool + // IV vector is checked to be of type bool + o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256(a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], a[16], a[17], a[18], a[19], a[20], a[21], a[22], a[23], a[24], a[25], a[26], a[27], a[28], a[29], a[30], a[31], a[32], a[33], a[34], a[35], a[36], a[37], a[38], a[39], a[40], a[41], a[42], a[43], a[44], a[45], a[46], a[47], a[48], a[49], a[50], 
a[51], a[52], a[53], a[54], a[55], a[56], a[57], a[58], a[59], a[60], a[61], a[62], a[63], a[64], a[65], a[66], a[67], a[68], a[69], a[70], a[71], a[72], a[73], a[74], a[75], a[76], a[77], a[78], a[79], a[80], a[81], a[82], a[83], a[84], a[85], a[86], a[87], a[88], a[89], a[90], a[91], a[92], a[93], a[94], a[95], a[96], a[97], a[98], a[99], a[100], a[101], a[102], a[103], a[104], a[105], a[106], a[107], a[108], a[109], a[110], a[111], a[112], a[113], a[114], a[115], a[116], a[117], a[118], a[119], a[120], a[121], a[122], a[123], a[124], a[125], a[126], a[127], a[128], a[129], a[130], a[131], a[132], a[133], a[134], a[135], a[136], a[137], a[138], a[139], a[140], a[141], a[142], a[143], a[144], a[145], a[146], a[147], a[148], a[149], a[150], a[151], a[152], a[153], a[154], a[155], a[156], a[157], a[158], a[159], a[160], a[161], a[162], a[163], a[164], a[165], a[166], a[167], a[168], a[169], a[170], a[171], a[172], a[173], a[174], a[175], a[176], a[177], a[178], a[179], a[180], a[181], a[182], a[183], a[184], a[185], a[186], a[187], a[188], a[189], a[190], a[191], a[192], a[193], a[194], a[195], a[196], a[197], a[198], a[199], a[200], a[201], a[202], a[203], a[204], a[205], a[206], a[207], a[208], a[209], a[210], a[211], a[212], a[213], a[214], a[215], a[216], a[217], a[218], a[219], a[220], a[221], a[222], a[223], a[224], a[225], a[226], a[227], a[228], a[229], a[230], a[231], a[232], a[233], a[234], a[235], a[236], a[237], a[238], a[239], a[240], a[241], a[242], a[243], a[244], a[245], a[246], a[247], a[248], a[249], a[250], a[251], a[252], a[253], a[254], a[255], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[32], b[33], b[34], b[35], b[36], b[37], b[38], b[39], b[40], b[41], b[42], b[43], b[44], b[45], b[46], b[47], b[48], b[49], b[50], b[51], b[52], b[53], b[54], b[55], b[56], b[57], b[58], 
b[59], b[60], b[61], b[62], b[63], b[64], b[65], b[66], b[67], b[68], b[69], b[70], b[71], b[72], b[73], b[74], b[75], b[76], b[77], b[78], b[79], b[80], b[81], b[82], b[83], b[84], b[85], b[86], b[87], b[88], b[89], b[90], b[91], b[92], b[93], b[94], b[95], b[96], b[97], b[98], b[99], b[100], b[101], b[102], b[103], b[104], b[105], b[106], b[107], b[108], b[109], b[110], b[111], b[112], b[113], b[114], b[115], b[116], b[117], b[118], b[119], b[120], b[121], b[122], b[123], b[124], b[125], b[126], b[127], b[128], b[129], b[130], b[131], b[132], b[133], b[134], b[135], b[136], b[137], b[138], b[139], b[140], b[141], b[142], b[143], b[144], b[145], b[146], b[147], b[148], b[149], b[150], b[151], b[152], b[153], b[154], b[155], b[156], b[157], b[158], b[159], b[160], b[161], b[162], b[163], b[164], b[165], b[166], b[167], b[168], b[169], b[170], b[171], b[172], b[173], b[174], b[175], b[176], b[177], b[178], b[179], b[180], b[181], b[182], b[183], b[184], b[185], b[186], b[187], b[188], b[189], b[190], b[191], b[192], b[193], b[194], b[195], b[196], b[197], b[198], b[199], b[200], b[201], b[202], b[203], b[204], b[205], b[206], b[207], b[208], b[209], b[210], b[211], b[212], b[213], b[214], b[215], b[216], b[217], b[218], b[219], b[220], b[221], b[222], b[223], b[224], b[225], b[226], b[227], b[228], b[229], b[230], b[231], b[232], b[233], b[234], b[235], b[236], b[237], b[238], b[239], b[240], b[241], b[242], b[243], b[244], b[245], b[246], b[247], b[248], b[249], b[250], b[251], b[252], b[253], b[254], b[255], IV[0], IV[1], IV[2], IV[3], IV[4], IV[5], IV[6], IV[7], IV[8], IV[9], IV[10], IV[11], IV[12], IV[13], IV[14], IV[15], IV[16], IV[17], IV[18], IV[19], IV[20], IV[21], IV[22], IV[23], IV[24], IV[25], IV[26], IV[27], IV[28], IV[29], IV[30], IV[31], IV[32], IV[33], IV[34], IV[35], IV[36], IV[37], IV[38], IV[39], IV[40], IV[41], IV[42], IV[43], IV[44], IV[45], IV[46], IV[47], IV[48], IV[49], IV[50], IV[51], IV[52], IV[53], IV[54], IV[55], IV[56], IV[57], IV[58], 
IV[59], IV[60], IV[61], IV[62], IV[63], IV[64], IV[65], IV[66], IV[67], IV[68], IV[69], IV[70], IV[71], IV[72], IV[73], IV[74], IV[75], IV[76], IV[77], IV[78], IV[79], IV[80], IV[81], IV[82], IV[83], IV[84], IV[85], IV[86], IV[87], IV[88], IV[89], IV[90], IV[91], IV[92], IV[93], IV[94], IV[95], IV[96], IV[97], IV[98], IV[99], IV[100], IV[101], IV[102], IV[103], IV[104], IV[105], IV[106], IV[107], IV[108], IV[109], IV[110], IV[111], IV[112], IV[113], IV[114], IV[115], IV[116], IV[117], IV[118], IV[119], IV[120], IV[121], IV[122], IV[123], IV[124], IV[125], IV[126], IV[127], IV[128], IV[129], IV[130], IV[131], IV[132], IV[133], IV[134], IV[135], IV[136], IV[137], IV[138], IV[139], IV[140], IV[141], IV[142], IV[143], IV[144], IV[145], IV[146], IV[147], IV[148], IV[149], IV[150], IV[151], IV[152], IV[153], IV[154], IV[155], IV[156], IV[157], IV[158], IV[159], IV[160], IV[161], IV[162], IV[163], IV[164], IV[165], IV[166], IV[167], IV[168], IV[169], IV[170], IV[171], IV[172], IV[173], IV[174], IV[175], IV[176], IV[177], IV[178], IV[179], IV[180], IV[181], IV[182], IV[183], IV[184], IV[185], IV[186], IV[187], IV[188], IV[189], IV[190], IV[191], IV[192], IV[193], IV[194], IV[195], IV[196], IV[197], IV[198], IV[199], IV[200], IV[201], IV[202], IV[203], IV[204], IV[205], IV[206], IV[207], IV[208], IV[209], IV[210], IV[211], IV[212], IV[213], IV[214], IV[215], IV[216], IV[217], IV[218], IV[219], IV[220], IV[221], IV[222], IV[223], IV[224], IV[225], IV[226], IV[227], IV[228], IV[229], IV[230], IV[231], IV[232], IV[233], IV[234], IV[235], IV[236], IV[237], IV[238], IV[239], IV[240], IV[241], IV[242], IV[243], IV[244], IV[245], IV[246], IV[247], IV[248], IV[249], IV[250], IV[251], IV[252], IV[253], IV[254], IV[255]) field[256] digest = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, 
o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0] + //digest is constraint to be of type bool return digest \ No newline at end of file diff --git a/stdlib/sha256/single_round.code b/stdlib/sha256/single_round.code deleted file mode 100644 index 2900e597..00000000 --- a/stdlib/sha256/single_round.code +++ /dev/null @@ -1,15 +0,0 @@ -import "./IV_constants.code" as IVconstants -import "./sha_round.code" as sha256 - -def main(field[256] a, field[256] b) -> (field[256]): - -// for index in 0..256 do -// 1 == BOOLCHECK(a[index]) -// 1 == BOOLCHECK(b[index]) -// endfor -// - - IV = IVconstants() - digest = sha256(a, b, IV) - - return digest \ No newline at end of file diff --git a/stdlib/sha256/single_test.code b/stdlib/sha256/single_test.code deleted file mode 100644 index be4e1def..00000000 --- a/stdlib/sha256/single_test.code +++ /dev/null 
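Review bot: The comment `// a and b is NOT checked to be of type bool` documents a soundness gap rather than closing it, and this file is the single choke point every stdlib variant (512, 1024, 1536, 512_packed) goes through, so it is the natural place to add the check once. The deleted single_round.code shows the loop and assertion syntax already in use (`for index in 0..256 do`, `1 == BOOLCHECK(...)`), so the constraint can be written without a helper as below; it costs 512 extra R1CS constraints per call, and only the message halves need it, since IV and digest are bool-constrained by the C++ wrapper in this commit. If the project would rather leave this to callers, the comment should at least say why it matters: without it a prover can assign non-binary field values to a/b and, as far as the wrapper shows, still satisfy the constraint system, so the proof does not establish knowledge of a 512-bit block. Also `constraint` → `constrained` in `//digest is constraint to be of type bool`.
```zokrates
def main(field[256] a, field[256] b, field[256] IV) -> (field[256]):
    // a and b may be prover-supplied: force every element to be 0 or 1
    for i in 0..256 do
        a[i] == a[i] * a[i]
        b[i] == b[i] * b[i]
    endfor
    // … unchanged: call to LIBSNARK/sha256round and digest assembly …
```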
@@ -1,45 +0,0 @@ -import "./IV_constants.code" as IVConstant -//import "LIBSNARK/sha256round" as sha256 -//import "LIBSNARK/sha256compression" as sha256 -//import "LIBSNARK/sha256" as sha256 -//import "./single_round.code" as sha256 -//import "./sha_round.code" as sha256 -import "./full_round.code" as sha256 - -//def main(field[256] a, field[256] b) -> (field): -//def main() -> (field): -// for index in 0..256 do -// 1 == BOOLCHECK(a[index]) -// 1 == BOOLCHECK(b[index]) -// endfor - - // h0, h1, h2, h3, h4, h5, h6, h7 = sha256round(a, b, h0, h1, h2, h3, h4, h5, h6, h7) - -//o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, 
o1, o0 = sha256round(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,1,0,0,0,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,0,1,1,0,1,0,0,0,0,1,1,1,0,0,0,0,0,1,1,1,1,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,1,0,0,0,1,0,1,0,0,0,0,0,1,0,1,0,1,0,0,0,1,0,1,1,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,1,1,0,0,1,0,0,0,1,1,0,1,0,0,0,0,1,1,0,1,1,0,0,0,1,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,1,1,1,0,0,0,0,1,1,1,1,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,1,0,0,0,1,1,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0,1,0,1,0,0,0,0,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0,0,0,1,0,1,0,1,1,0,0,1,0,1,1,0,0,0,0,1,0,1,1,0,1,0,0,1,0,1,1,1,0,0,0,1,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,0,0,0,1,0,0,1,1,0,0,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0,1,0,0,0,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,0,0,1,1,0,1,1,1,0,0,1,1,1,0,0,0,0,0,1,1,1,0,0,1,0,0,1,1,1,0,1,0,0,0,1,1,1,0,1,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,1,1,0) -//h0[0], h0[1], h0[2], h0[3], h0[4], h0[5], h0[6], h0[7], h0[8], h0[9], h0[10], h0[11], h0[12], h0[13], h0[14], h0[15], h0[16], h0[17], h0[18], h0[19], h0[20], h0[21], h0[22], h0[23], h0[24], h0[25], h0[26], h0[27], h0[28], h0[29], h0[30], h0[31], h1[0], h1[1], h1[2], h1[3], h1[4], h1[5], h1[6], h1[7], h1[8], h1[9], h1[10], h1[11], h1[12], h1[13], h1[14], h1[15], h1[16], h1[17], h1[18], h1[19], h1[20], h1[21], h1[22], h1[23], h1[24], h1[25], h1[26], h1[27], h1[28], h1[29], h1[30], h1[31], h2[0], h2[1], h2[2], h2[3], h2[4], h2[5], h2[6], h2[7], h2[8], h2[9], h2[10], h2[11], h2[12], h2[13], h2[14], h2[15], h2[16], h2[17], h2[18], h2[19], h2[20], h2[21], h2[22], h2[23], h2[24], h2[25], h2[26], h2[27], h2[28], h2[29], h2[30], h2[31], h3[0], h3[1], h3[2], h3[3], h3[4], h3[5], h3[6], h3[7], h3[8], h3[9], h3[10], h3[11], h3[12], h3[13], h3[14], h3[15], h3[16], h3[17], h3[18], h3[19], h3[20], h3[21], h3[22], h3[23], h3[24], h3[25], h3[26], 
h3[27], h3[28], h3[29], h3[30], h3[31], h4[0], h4[1], h4[2], h4[3], h4[4], h4[5], h4[6], h4[7], h4[8], h4[9], h4[10], h4[11], h4[12], h4[13], h4[14], h4[15], h4[16], h4[17], h4[18], h4[19], h4[20], h4[21], h4[22], h4[23], h4[24], h4[25], h4[26], h4[27], h4[28], h4[29], h4[30], h4[31], h5[0], h5[1], h5[2], h5[3], h5[4], h5[5], h5[6], h5[7], h5[8], h5[9], h5[10], h5[11], h5[12], h5[13], h5[14], h5[15], h5[16], h5[17], h5[18], h5[19], h5[20], h5[21], h5[22], h5[23], h5[24], h5[25], h5[26], h5[27], h5[28], h5[29], h5[30], h5[31], h6[0], h6[1], h6[2], h6[3], h6[4], h6[5], h6[6], h6[7], h6[8], h6[9], h6[10], h6[11], h6[12], h6[13], h6[14], h6[15], h6[16], h6[17], h6[18], h6[19], h6[20], h6[21], h6[22], h6[23], h6[24], h6[25], h6[26], h6[27], h6[28], h6[29], h6[30], h6[31], h7[0], h7[1], h7[2], h7[3], h7[4], h7[5], h7[6], h7[7], h7[8], h7[9], h7[10], h7[11], h7[12], h7[13], h7[14], h7[15], h7[16], h7[17], h7[18], h7[19], h7[20], h7[21], h7[22], h7[23], h7[24], h7[25], h7[26], h7[27], h7[28], h7[29], h7[30], h7[31]) -// field[256] hash = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, 
o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0] - -// ORIGINAL EXAMPLE -//def main() -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, 
field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): -// // h0, h1, h2, h3, h4, h5, h6, h7 = IVConstant() -// o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0) -// return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, 
o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 - -//FULL IV appended -//def main() -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, 
field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field): -// // h0, h1, h2, h3, h4, h5, h6, h7 = IVConstant() -// o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = 
sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,1,0,1,0,1,0,0,0,0,0,1,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,1,0,1,1,1,0,1,1,0,1,1,0,0,1,1,1,1,0,1,0,1,1,1,0,1,0,0,0,0,1,0,1,0,0,1,1,1,1,0,0,0,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,0,1,0,1,0,0,1,0,1,0,1,0,0,1,1,1,1,1,1,1,1,0,1,0,1,0,0,1,1,1,0,1,0,0,1,0,1,0,0,0,1,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,0,1,1,1,1,1,1,1,1,0,0,1,1,0,1,1,0,0,0,0,0,1,0,1,0,1,1,0,1,0,0,0,1,0,0,0,1,1,0,0,0,0,0,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,1,1,0,0,1,1,0,1,0,1,0,1,1,0,1,0,1,1,0,1,1,1,1,1,0,0,0,0,0,1,1,0,0,1,1,0,1,0,0,0,1,1,0,0,1) -// return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, 
o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 - - // return 1 - -def main() -> (field[256]): - - field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] - //field[256] IV = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1] - - //digest = sha256(a, b, IV) - digest = sha256(a, b) - - return digest diff --git a/zokrates_book/src/sha256example.md b/zokrates_book/src/sha256example.md index dbf6d368..5eeb9471 100644 --- a/zokrates_book/src/sha256example.md +++ b/zokrates_book/src/sha256example.md 
@@ -13,10 +13,10 @@ Make sure you have followed the instructions in the [Getting Started](gettingsta We will start this tutorial by using ZoKrates to compute the hash for an arbitrarily chosen preimage, being the number `5` in this example. -First, we create a new file named `hashexample.code` with the following content: +First, make sure that the `zokrates` binary is located in the `ZoKrates` directory. Then, we create a new file named `hashexample.code` with the following content: ```zokrates -import "LIBSNARK/sha256packed" +import "./stdlib/sha256/512_packed.code" as sha256packed def main(private field a, private field b, private field c, private field d) -> (field, field): h0, h1 = sha256packed(a, b, c, d) @@ -74,7 +74,7 @@ To make it work, the two parties have to follow their roles in the protocol: First, Victor has to specify what hash he is interested in. Therefore, we have to adjust the zkSNARK circuit, compiled by ZoKrates, such that in addition to computing the digest, it also validates it against the digest of interest, provided by Victor. This leads to the following update for `hashexample.code`: ```zokrates -import "LIBSNARK/sha256packed" +import "./stdlib/sha256/512_packed.code" as sha256packed def main(private field a, private field b, private field c, private field d) -> (field): h0, h1 = sha256packed(a, b, c, d) diff --git a/zokrates_core/lib/wraplibsnarkgadgets.cpp b/zokrates_core/lib/wraplibsnarkgadgets.cpp index d2c6d8c0..e337418f 100644 --- a/zokrates_core/lib/wraplibsnarkgadgets.cpp +++ b/zokrates_core/lib/wraplibsnarkgadgets.cpp @@ -76,7 +76,6 @@ std::string r1cs_to_json(protoboard pb) { r1cs_constraint_system constraints = pb.get_constraint_system(); std::stringstream ss; - std::stringstream ss; ss << "{\"variable_count\":"; ss << pb.num_variables() + 1; // ~one is not counted in pb.num_variables() 
@@ -136,7 +135,7 @@ public: pb_variable_array& myIV, pb_variable_array& a, pb_variable_array& b, - std::shared_ptr> result + digest_variable &result ) : gadget(pb, "sha256round") { block.reset(new block_variable(pb, { @@ -148,7 +147,7 @@ public: pb, myIV, block->bits, - *result, + result, "hasher")); } @@ -173,12 +172,13 @@ char* _sha256RoundConstraints() digest_variable IV(pb, 256, "IV"); - std::shared_ptr> output; - output.reset(new digest_variable(pb, 256, "output")); + digest_variable output(pb, 256, "output"); + + IV.generate_r1cs_constraints(); //binary check for IV vector + output.generate_r1cs_constraints(); //binary check for output vector sha256round g(pb, IV.bits, left, right, output); - g.generate_r1cs_constraints(); - IV.generate_r1cs_constraints(); + g.generate_r1cs_constraints(); auto json = r1cs_to_json(pb); @@ -189,6 +189,7 @@ char* _sha256RoundConstraints() char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length) { + assert(inputs_length==768); libff::alt_bn128_pp::init_public_params(); protoboard pb; @@ -200,8 +201,7 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length) digest_variable IV(pb, 256, "IV"); - std::shared_ptr> output; - output.reset(new digest_variable(pb, 256, "output")); + digest_variable output(pb, 256, "output"); libff::bit_vector left_bv; libff::bit_vector right_bv; @@ -219,18 +219,12 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length) IV_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1); } - // for (int i = 512; i < 612; i++) { - // IV_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1); - // } - // left.fill_with_bits(pb, left_bv); right.fill_with_bits(pb, right_bv); - // IV.fill_with_bits(pb, IV_bv); - IV.generate_r1cs_constraints(); + IV.generate_r1cs_witness(IV_bv); sha256round g(pb, IV.bits, left, right, output); - g.generate_r1cs_constraints(); g.generate_r1cs_witness(); assert(pb.is_satisfied()); 
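Review bot: In `_sha256RoundConstraints` the new `IV.generate_r1cs_constraints();` / `output.generate_r1cs_constraints();` pair pins IV and the digest to bits, but `left` and `right` (declared above this hunk) go into `sha256round g(pb, IV.bits, left, right, output)` with no visible booleanity constraint, and libsnark's compression-function gadget does not, as far as I recall, constrain its block inputs itself. If nothing above the hunk or in the importing `.code` wrapper enforces that every bit of `left`/`right` is 0 or 1, a prover can feed non-binary values into the round and the exported R1CS is no longer a statement about SHA-256. Either add a per-bit boolean constraint for both arrays next to the two new calls, or record which layer owns it on the gadget line: `// left/right booleanity is enforced by the ZoKrates caller, not by this gadget`. Most of `_sha256RoundConstraints` lies outside the hunk, so this may already be handled there.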
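Review bot: `assert(inputs_length==768);` is the only guard before the loops further down that read `inputs + i*32`, and `assert` is compiled out when `NDEBUG` is defined, so a release build of the wrapper reads past a short buffer instead of rejecting it. Because this is an FFI entry point called from Rust, the check has to be unconditional and must not rely on an exception crossing the boundary, e.g. `if (inputs_length != 768) { return nullptr; }` together with a null check in the Rust caller (not visible here), or whatever error convention the binding already uses for `char*` returns. The same applies to `assert(pb.is_satisfied());` in the last hunk, which in a release build silently hands an unsatisfied witness back to the caller. `_sha256RoundWitness` continues beyond this hunk.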
diff --git a/zokrates_core/src/helpers/mod.rs b/zokrates_core/src/helpers/mod.rs index 819312ad..de427375 100644 --- a/zokrates_core/src/helpers/mod.rs +++ b/zokrates_core/src/helpers/mod.rs @@ -81,7 +81,6 @@ pub trait Signed { impl Executable for Helper { fn execute(&self, inputs: &Vec) -> Result, String> { let (expected_input_count, expected_output_count) = self.get_signature(); - println!("#Debug Executable {},{}", inputs.len(), expected_input_count ); assert!(inputs.len() == expected_input_count); let result = match self { From 809e2f40181ba71672711e522c4d50f38459d114 Mon Sep 17 00:00:00 2001 From: sdeml Date: Tue, 15 Jan 2019 11:53:06 +0100 Subject: [PATCH 12/30] fix fmt --- zokrates_core/src/helpers/libsnark_gadget.rs | 4 ++-- zokrates_core/src/helpers/mod.rs | 2 +- zokrates_core/src/imports.rs | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/zokrates_core/src/helpers/libsnark_gadget.rs b/zokrates_core/src/helpers/libsnark_gadget.rs index 73451f30..27fea433 100644 --- a/zokrates_core/src/helpers/libsnark_gadget.rs +++ b/zokrates_core/src/helpers/libsnark_gadget.rs @@ -7,7 +7,7 @@ use zokrates_field::field::Field; #[derive(Clone, PartialEq, Debug, Serialize, Deserialize)] pub enum LibsnarkGadgetHelper { - Sha256Round + Sha256Round, } impl fmt::Display for LibsnarkGadgetHelper { @@ -42,7 +42,7 @@ impl Executable for LibsnarkGadgetHelper { impl Signed for LibsnarkGadgetHelper { fn get_signature(&self) -> (usize, usize) { match self { - LibsnarkGadgetHelper::Sha256Round => (768, 25817) + LibsnarkGadgetHelper::Sha256Round => (768, 25817), } } } diff --git a/zokrates_core/src/helpers/mod.rs b/zokrates_core/src/helpers/mod.rs index de427375..19546720 100644 --- a/zokrates_core/src/helpers/mod.rs +++ b/zokrates_core/src/helpers/mod.rs 
@@ -154,7 +154,7 @@ mod tests { 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, - 1, 0, 0, 1 + 1, 0, 0, 1, ]; let r = sha .execute(&inputs.iter().map(|&i| FieldPrime::from(i)).collect()) diff --git a/zokrates_core/src/imports.rs b/zokrates_core/src/imports.rs index afcc7fff..f2fd67d8 100644 --- a/zokrates_core/src/imports.rs +++ b/zokrates_core/src/imports.rs @@ -127,7 +127,7 @@ impl Importer { #[cfg(feature = "libsnark")] { use helpers::LibsnarkGadgetHelper; - use libsnark::{get_sha256round_constraints}; + use libsnark::get_sha256round_constraints; use serde_json::from_str; use standard::{DirectiveR1CS, R1CS}; use std::io::BufReader; From 2ce56e1e3636d63a24550455d3984e126985f06d Mon Sep 17 00:00:00 2001 From: sdeml Date: Tue, 15 Jan 2019 12:01:03 +0100 Subject: [PATCH 13/30] more fmt fixes --- zokrates_core/src/helpers/libsnark_gadget.rs | 4 ++-- zokrates_core/src/helpers/mod.rs | 14 +++++++------- zokrates_core/src/imports.rs | 1 - 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/zokrates_core/src/helpers/libsnark_gadget.rs b/zokrates_core/src/helpers/libsnark_gadget.rs index 27fea433..3daff33f 100644 --- a/zokrates_core/src/helpers/libsnark_gadget.rs +++ b/zokrates_core/src/helpers/libsnark_gadget.rs @@ -1,5 +1,5 @@ use helpers::{Executable, Signed}; -use libsnark::{get_sha256round_witness}; +use libsnark::get_sha256round_witness; use serde_json; use standard; use std::fmt; @@ -29,7 +29,7 @@ impl Executable for LibsnarkGadgetHelper { if let Err(e) = witness_result { return Err(format!("{}", e)); } - + Ok(witness_result .unwrap() .variables diff --git a/zokrates_core/src/helpers/mod.rs b/zokrates_core/src/helpers/mod.rs index 19546720..dfd8c000 100644 --- a/zokrates_core/src/helpers/mod.rs +++ b/zokrates_core/src/helpers/mod.rs 
@@ -146,14 +146,14 @@ mod tests { 0, 0, 1, 1, 1, 1, 1, 1, // append SHA256 IV vector (https://en.wikipedia.org/wiki/SHA-2) 0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, - 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, + 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, - 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, - 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, - 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, - 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, - 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, - 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, + 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, + 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, + 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, + 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, + 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, + 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, ]; let r = sha diff --git a/zokrates_core/src/imports.rs b/zokrates_core/src/imports.rs index f2fd67d8..87d0ef51 100644 --- a/zokrates_core/src/imports.rs +++ b/zokrates_core/src/imports.rs @@ -130,7 +130,6 @@ impl Importer { use libsnark::get_sha256round_constraints; use serde_json::from_str; use standard::{DirectiveR1CS, R1CS}; - use std::io::BufReader; match import.source.as_ref() { "LIBSNARK/sha256round" => { From e9bdc6dcde24664054c1b2ac4046c5e47dcd9eef Mon Sep 17 00:00:00 2001 
From: sdeml Date: Tue, 15 Jan 2019 16:04:22 +0100 Subject: [PATCH 14/30] update mdbook docs --- zokrates_book/src/concepts/stdlib.md | 68 +++++++++++++++++----------- 1 file changed, 42 insertions(+), 26 deletions(-) diff --git a/zokrates_book/src/concepts/stdlib.md b/zokrates_book/src/concepts/stdlib.md index 4d46d664..41c84d46 100644 --- a/zokrates_book/src/concepts/stdlib.md +++ b/zokrates_book/src/concepts/stdlib.md @@ -1,32 +1,16 @@ ## Standard library +>**! The standard library is currently being refactored !** + +> Currently the standard library is split into two parts: +> * Global imports: these functions can be imported without specifying the correct path +> * Relative imports: these functions need the the correct relative path on the file-system + ZoKrates comes with a number of reusable components. For now, these components are: -### sha256 +### Global imports -```zokrates -import "LIBSNARK/sha256" -``` - -A function that takes 512 field elements as inputs, checks that they are all bits, and returns their sha256 hash as 256 field elements. - -### sha256compression - -```zokrates -import "LIBSNARK/sha256compression" -``` - -A function that takes 512 field elements as inputs, checks that they are all bits, and returns the result of applying the sha256 compression function on them. The difference with `sha256` is that no padding is added at the end of the message, which makes it more efficient but also less compatible with Solidity. - -### sha256packed - -```zokrates -import "LIBSNARK/sha256packed" -``` - -A function that takes 4 field elements as inputs, unpacks each of them to 128 bits (big endian), concatenates them and applies sha256. It then returns two field elements, each representing 128 bits of the result. - -### pack128 +#### pack128 ```zokrates import "PACKING/pack128" 
@@ -34,10 +18,42 @@ import "PACKING/pack128" Packs 128 field elements as one. -### unpack128 +#### unpack128 ```zokrates import "PACKING/unpack128" ``` +Unpacks a field element to 128 field elements. + +### Relative import +>Caution: In order to import these functions the correct relative path with respect to the zokrates binary need to be specified. + +The standard library is located at `./stdlib/` in the ZoKrates root folder. Is solely based on the ZoKrates DSL and can be easily extended. + +#### sha256 + +```zokrates +import "./stlib/512_padded.code" +``` + +A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. + +#### sha256compression +` +```zokrates +import "./stlib/512.code" +``` + +A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. +The difference with `sha256` is that no padding is added at the end of the message, which makes it more efficient but also less compatible with Solidity. + +There also is support for 2round (1024bit input) and and 3 round (1536bit input) variants, using `./stlib/1024.code` or `./stlib/1536.code` respectively. + +#### sha256packed + +```zokrates +import "./stlib/512_packed.code" +``` + +A function that takes 4 field elements as inputs, unpacks each of them to 128 bits (big endian), concatenates them and applies sha256. It then returns two field elements, each representing 128 bits of the result. -Unpacks a field element to 128 field elements. \ No newline at end of file From 02dfa019ff1082654b410da85d150426bca79295 Mon Sep 17 00:00:00 2001 
From: sdeml Date: Thu, 17 Jan 2019 17:29:46 +0100 Subject: [PATCH 15/30] new test fails --- stdlib/sha256/{1024.code => 1024bit.code} | 0 stdlib/sha256/{1536.code => 1536bit.code} | 0 stdlib/sha256/{512.code => 512bit.code} | 0 .../sha256/{512_packed.code => 512bit_packed.code} | 0 .../sha256/{512_padded.code => 512bit_padded.code} | 2 +- stdlib/test.code | 12 ++++++++++++ zokrates_book/src/concepts/stdlib.md | 2 +- 7 files changed, 14 insertions(+), 2 deletions(-) rename stdlib/sha256/{1024.code => 1024bit.code} (100%) rename stdlib/sha256/{1536.code => 1536bit.code} (100%) rename stdlib/sha256/{512.code => 512bit.code} (100%) rename stdlib/sha256/{512_packed.code => 512bit_packed.code} (100%) rename stdlib/sha256/{512_padded.code => 512bit_padded.code} (98%) create mode 100644 stdlib/test.code diff --git a/stdlib/sha256/1024.code b/stdlib/sha256/1024bit.code similarity index 100% rename from stdlib/sha256/1024.code rename to stdlib/sha256/1024bit.code diff --git a/stdlib/sha256/1536.code b/stdlib/sha256/1536bit.code similarity index 100% rename from stdlib/sha256/1536.code rename to stdlib/sha256/1536bit.code diff --git a/stdlib/sha256/512.code b/stdlib/sha256/512bit.code similarity index 100% rename from stdlib/sha256/512.code rename to stdlib/sha256/512bit.code diff --git a/stdlib/sha256/512_packed.code b/stdlib/sha256/512bit_packed.code similarity index 100% rename from stdlib/sha256/512_packed.code rename to stdlib/sha256/512bit_packed.code diff --git a/stdlib/sha256/512_padded.code b/stdlib/sha256/512bit_padded.code similarity index 98% rename from stdlib/sha256/512_padded.code rename to stdlib/sha256/512bit_padded.code index 272e0246..732ad427 100644 --- a/stdlib/sha256/512_padded.code +++ b/stdlib/sha256/512bit_padded.code @@ -1,4 +1,4 @@ -import "./1024.code" as sha256 +import "./1024bit.code" as sha256 // A function that takes 2 field[256] arrays as inputs // and returns their sha256 compression function as an array of 256 field elements. 
diff --git a/stdlib/test.code b/stdlib/test.code new file mode 100644 index 00000000..e55552c3 --- /dev/null +++ b/stdlib/test.code 
@@ -0,0 +1,12 @@ +import "./sha256/512bit.code" as sha256 + +def main() -> (field): + + field[256] leafDigest = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + field[256] PathDigest0 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + field[256] PathDigest1 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + + currentDigest = sha256(leafDigest, PathDigest0) + currentDigest2 = sha256(currentDigest, PathDigest1) + + return 1 //return true in success \ No newline at end of file diff --git a/zokrates_book/src/concepts/stdlib.md b/zokrates_book/src/concepts/stdlib.md index 41c84d46..9a07320d 100644 --- a/zokrates_book/src/concepts/stdlib.md +++ b/zokrates_book/src/concepts/stdlib.md @@ -39,7 +39,7 @@ import "./stlib/512_padded.code" A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. #### sha256compression -` + ```zokrates import "./stlib/512.code" ``` From dba5bc3e4ebae82cf57e00c89aee4b670c555625 Mon Sep 17 00:00:00 2001 From: sdeml Date: Thu, 17 Jan 2019 17:35:58 +0100 Subject: [PATCH 16/30] add merke-tree inclusion proof --- stdlib/merkle_tree/sha256_path_proof.code | 31 +++++++++++++++++++ .../merkle_tree/sha256_path_proof.code.test | 14 +++++++++ stdlib/utils/binary/NOT.code | 2 ++ stdlib/utils/multiplexer/256bit.code | 11 +++++++ stdlib/utils/multiplexer/2bit.code | 11 +++++++ stdlib/utils/multiplexer/2bit.code.test | 13 ++++++++ 6 files changed, 82 insertions(+) create mode 100644 stdlib/merkle_tree/sha256_path_proof.code create mode 100644 stdlib/merkle_tree/sha256_path_proof.code.test create mode 100644 stdlib/utils/binary/NOT.code create mode 100644 stdlib/utils/multiplexer/256bit.code create mode 100644 stdlib/utils/multiplexer/2bit.code create mode 100644 stdlib/utils/multiplexer/2bit.code.test 
diff --git a/stdlib/merkle_tree/sha256_path_proof.code b/stdlib/merkle_tree/sha256_path_proof.code
new file mode 100644
index 00000000..83307df1
--- /dev/null
+++ b/stdlib/merkle_tree/sha256_path_proof.code
@@ -0,0 +1,31 @@
+import "../sha256/512bit.code" as sha256
+import "../utils/multiplexer/256bit.code" as multiplex
+import "../utils/binary/NOT.code" as NOT
+
+// Merke-Tree inclusion proof for tree depth 3
+
+def main(field treeDepth, field[256] rootDigest, private field[256] leafDigest, private field[2] directionSelector, field[256] PathDigest0, private field[256] PathDigest1) -> (field):
+
+ //Setup
+ field[256] currentDigest = leafDigest
+ field counter = 0
+ field currentDirection = 0
+
+ //Loop up the tree
+ currentDirection = directionSelector[0]
+ lhs = multiplex(currentDirection, currentDigest, PathDigest0)
+ rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest0)
+ currentDigest = sha256(lhs, rhs)
+ counter = counter + 1
+
+ currentDirection = directionSelector[1]
+ lhs = multiplex(currentDirection, currentDigest, PathDigest1)
+ rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest1)
+ currentDigest = sha256(lhs, rhs)
+ counter = counter + 1
+
+ //Asserts
+ counter == treeDepth
+ rootDigest == currentDigest
+
+ return 1 //return true in success
\ No newline at end of file
diff --git a/stdlib/merkle_tree/sha256_path_proof.code.test b/stdlib/merkle_tree/sha256_path_proof.code.test
new file mode 100644
index 00000000..2030179e
--- /dev/null
+++ b/stdlib/merkle_tree/sha256_path_proof.code.test
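Review bot: `directionSelector` is a private witness and nothing in `main` constrains its entries to be bits, and the `multiplex`/`NOT` pair does not do it either: for a value such as 2, `multiplex(2, ...)` selects the path digest and `multiplex(NOT(2), ...)` (selector -1, also non-zero) selects it as well, so both halves of the hashed block become `PathDigest0` and `leafDigest` drops out of the statement being proven. Add a booleanity check per level before the selector is used, `directionSelector[0] * (1 - directionSelector[0]) == 0` and `directionSelector[1] * (1 - directionSelector[1]) == 0`, or make the multiplexer enforce it. `counter == treeDepth` compares a value fixed at compile time against a public input, so it only forces the verifier to pass a particular `treeDepth` and checks nothing about the path; either drop it or document the convention on the header comment, e.g. `// Merkle-tree inclusion proof; treeDepth must equal the number of hash rounds performed below`. `PathDigest0` is public while `PathDigest1` is private; if the path is meant to be secret, mark both `private`.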
@@ -0,0 +1,14 @@ +import "./sha256_path_proof.code" as merkle_tree_proof + +field main () -> (field): + + field treeDepth = 3 + //TODO: field[256] rootDigest = + field[256] leafDigest = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + field[2] directionSelector = [0, 0] + field[256] PathDigest0 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + field[256] PathDigest1 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + + result = merkle_tree_proof(treeDepth,rootDigest,leafDigest,directionSelector,PathDigest0,PathDigest1) + + return 1 \ No newline at end of file diff --git a/stdlib/utils/binary/NOT.code b/stdlib/utils/binary/NOT.code new file mode 100644 index 00000000..96c16278 --- /dev/null +++ b/stdlib/utils/binary/NOT.code @@ -0,0 +1,2 @@ +def main(field x) -> (field): + return 1 - x \ No newline at end of file diff --git a/stdlib/utils/multiplexer/256bit.code b/stdlib/utils/multiplexer/256bit.code new file mode 100644 index 00000000..0f74228b --- /dev/null +++ b/stdlib/utils/multiplexer/256bit.code 
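Review bot: `field main () -> (field):` does not match the `def main(...) -> (field):` form used by every other `.code` file in this commit, and `rootDigest` is only a `//TODO`, so as committed this test cannot compile unless the `.code.test` harness (not visible here) accepts that form. Change the signature to `def main() -> (field):` and fill in the expected root. The `result` of `merkle_tree_proof(...)` is also unused; since the proof asserts `rootDigest == currentDigest` internally that is acceptable, but a one-line comment such as `// a wrong root makes merkle_tree_proof unsatisfiable, which is the actual check` would make the intent clear.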
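Review bot: `return 1 - x` is a boolean NOT only when `x` is 0 or 1; it neither checks nor constrains that, so a caller passing a non-bit gets a non-bit back (for instance 2 becomes -1) and any downstream `== 0` branch treats both as "true". Document the precondition at the top of the file, `// NOT for a single bit; callers must constrain x * (1 - x) == 0 themselves`, or add that constraint here if the extra constraint per call is acceptable.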
@@ -0,0 +1,11 @@ +def main(field selector, field[256] lhs, field[256] rhs) -> (field[256]): + + field[256] out = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] + + for field i in 0..256 do + + out[i] = if selector == 0 then lhs[i] else rhs[i] fi + + endfor + + return out \ No newline at end of file diff --git a/stdlib/utils/multiplexer/2bit.code b/stdlib/utils/multiplexer/2bit.code new file mode 100644 index 00000000..4d9dcfe8 --- /dev/null +++ b/stdlib/utils/multiplexer/2bit.code @@ -0,0 +1,11 @@ +def main(field selector, field[2] lhs, field[2] rhs) -> (field[2]): + + field[2] out = [0, 0] + + for field i in 0..2 do + + out[i] = if selector == 0 then lhs[i] else rhs[i] fi + + endfor + + return out \ No newline at end of file diff --git a/stdlib/utils/multiplexer/2bit.code.test b/stdlib/utils/multiplexer/2bit.code.test new file mode 100644 index 00000000..4d26a634 --- /dev/null +++ b/stdlib/utils/multiplexer/2bit.code.test @@ -0,0 +1,13 @@ +import "./2bit.code" as multiplex + +def main() -> (field[2]): + field bit = 1 + + field[2] output = [0, 0] + + field[2] a = [0, 1] + field[2] b = [1, 0] + + output = multiplex(bit, a, b) + + return output \ No newline at end of file From 7850ac7dbe753e373d9365e89f23e94dd38aed83 Mon Sep 17 00:00:00 2001 
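Review bot: `out[i] = if selector == 0 then lhs[i] else rhs[i] fi` means any non-zero selector, including values that are not bits, selects `rhs`, so this multiplexer is only a bit-select if the caller constrains `selector`; nothing in the hunk does, and the same holds for `2bit.code`. Stating `selector * (1 - selector) == 0` once before the loop would pin that down, and with the selector known to be a bit the body can become `out[i] = lhs[i] + selector * (rhs[i] - lhs[i])`, one multiplication per element instead of 256 repetitions of the same `==` comparison (whether the flattener already deduplicates those is not visible here). At minimum add `// selector must be 0 or 1; any other value behaves like 1` above the loop.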
From: sdeml Date: Thu, 17 Jan 2019 21:07:00 +0100 Subject: [PATCH 17/30] fix tests --- stdlib/merkle_tree/sha256_path_proof.code | 2 +- stdlib/merkle_tree/sha256_path_proof.code.test | 2 +- stdlib/test.code | 12 ------------ 3 files changed, 2 insertions(+), 14 deletions(-) delete mode 100644 stdlib/test.code diff --git a/stdlib/merkle_tree/sha256_path_proof.code b/stdlib/merkle_tree/sha256_path_proof.code index 83307df1..1498751a 100644 --- a/stdlib/merkle_tree/sha256_path_proof.code +++ b/stdlib/merkle_tree/sha256_path_proof.code @@ -8,7 +8,7 @@ def main(field treeDepth, field[256] rootDigest, private field[256] leafDigest, //Setup field[256] currentDigest = leafDigest - field counter = 0 + field counter = 1 field currentDirection = 0 //Loop up the tree diff --git a/stdlib/merkle_tree/sha256_path_proof.code.test b/stdlib/merkle_tree/sha256_path_proof.code.test index 2030179e..7eed2013 100644 --- a/stdlib/merkle_tree/sha256_path_proof.code.test +++ b/stdlib/merkle_tree/sha256_path_proof.code.test 
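Review bot: `field counter = 1` makes `counter == treeDepth` hold for `treeDepth = 3` with two hash rounds, but it is an initial-value tweak rather than a fix: `counter` is fixed at compile time, so the check only pins the public input to 3 and still verifies nothing about the path. Either document the convention next to it, `// counter starts at 1 so that treeDepth counts the leaf level as well as the two hash rounds`, or remove `treeDepth` and `counter` altogether. The enclosing `main` starts and ends outside this hunk.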
@@ -3,7 +3,7 @@ import "./sha256_path_proof.code" as merkle_tree_proof field main () -> (field): field treeDepth = 3 - //TODO: field[256] rootDigest = + field[256] rootDigest = [1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,0] field[256] leafDigest = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] field[2] directionSelector = [0, 0] field[256] PathDigest0 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] diff --git a/stdlib/test.code b/stdlib/test.code deleted file mode 100644 index e55552c3..00000000 --- a/stdlib/test.code +++ /dev/null 
@@ -1,12 +0,0 @@ -import "./sha256/512bit.code" as sha256 - -def main() -> (field): - - field[256] leafDigest = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] - field[256] PathDigest0 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] - field[256] PathDigest1 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] - - currentDigest = sha256(leafDigest, PathDigest0) - currentDigest2 = sha256(currentDigest, PathDigest1) - - return 1 //return true in success \ No newline at end of file From 710eab6eace29d85aeac6f3983ecadf66a574713 Mon Sep 17 00:00:00 2001 From: sdeml Date: Fri, 18 Jan 2019 14:49:12 +0100 Subject: [PATCH 18/30] fix memory overflow --- zokrates_core/lib/wraplibsnarkgadgets.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/zokrates_core/lib/wraplibsnarkgadgets.cpp b/zokrates_core/lib/wraplibsnarkgadgets.cpp index e337418f..954bd8e3 100644 --- a/zokrates_core/lib/wraplibsnarkgadgets.cpp +++ b/zokrates_core/lib/wraplibsnarkgadgets.cpp @@ -182,7 +182,7 @@ char* _sha256RoundConstraints() auto json = r1cs_to_json(pb); - auto result = new char[json.size()]; + auto result = new char[json.size() + 1]; memcpy(result, json.c_str(), json.size() + 1); return result; } @@ -231,7 +231,7 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length) auto json = array_to_json(pb); - auto result = new char[json.size()]; + auto result = new char[json.size() + 1]; memcpy(result, json.c_str(), json.size() + 1); return result; } From 91bf2c0ea808e73d5556fdf28d18a358df840ac7 Mon Sep 17 00:00:00 2001 From: sdeml Date: Fri, 18 Jan 2019 17:29:53 +0100 Subject: [PATCH 19/30] fix further memory leaks --- zokrates_core/src/libsnark.rs | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) 
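Review bot: After the `+ 1` fix, `new char[json.size() + 1]` in `_sha256RoundConstraints` can still throw `std::bad_alloc`, and this function is exported through `extern "C"` to the Rust side, so an exception here unwinds across the FFI boundary, which is undefined behaviour; the same applies to the second hunk in `_sha256RoundWitness`. Allocating with the non-throwing form and returning a null pointer gives the caller something it can check: `auto result = new (std::nothrow) char[json.size() + 1];` followed by `if (result == nullptr) return nullptr;` (needs `<new>`). The ownership contract also deserves a comment at the return, e.g. `// caller owns the buffer and must release it with delete[] (not free())`, because a caller using the C allocator would mismatch the `new[]` used here. Both enclosing functions start outside their hunks.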
diff --git a/zokrates_core/src/libsnark.rs b/zokrates_core/src/libsnark.rs
index 137afeda..2ffbeb9f 100644
--- a/zokrates_core/src/libsnark.rs
+++ b/zokrates_core/src/libsnark.rs
@@ -7,7 +7,7 @@ extern crate libc;
 use self::libc::{c_char, c_int, uint8_t};
-use std::ffi::CString;
+use std::ffi::CStr;
 use std::string::String;
 use zokrates_field::field::Field;
@@ -18,8 +18,11 @@ extern "C" {
 }
 pub fn get_sha256round_constraints() -> String {
- let a = unsafe { CString::from_raw(_sha256RoundConstraints()) };
- a.into_string().unwrap()
+ let c_buf: *const c_char = unsafe { _sha256RoundConstraints() };
+ let c_str: &CStr = unsafe { CStr::from_ptr(c_buf) };
+ let str_slice: &str = c_str.to_str().unwrap();
+ let str_buf: String = str_slice.to_owned();
+ str_buf
 }
 pub fn get_sha256round_witness(inputs: &Vec) -> String {
@@ -27,14 +30,12 @@ pub fn get_sha256round_witness(inputs: &Vec) -> String {
 for (index, value) in inputs.into_iter().enumerate() {
 inputs_arr[index] = vec_as_u8_32_array(&value.into_byte_vector());
 }
-
- let a = unsafe {
- CString::from_raw(_sha256RoundWitness(
- inputs_arr[0].as_ptr(),
- inputs.len() as i32,
- ))
- };
- a.into_string().unwrap()
+ let c_buf: *const c_char =
+ unsafe { _sha256RoundWitness(inputs_arr[0].as_ptr(), inputs.len() as i32) };
+ let c_str: &CStr = unsafe { CStr::from_ptr(c_buf) };
+ let str_slice: &str = c_str.to_str().unwrap();
+ let str_buf: String = str_slice.to_owned();
+ str_buf
 }
 // utility function. Converts a Fields vector-based byte representation to fixed size array.
From a2a977b75c55c567cdbbf2ab8322a301aa595f1a Mon Sep 17 00:00:00 2001
From: sdeml
Date: Fri, 18 Jan 2019 21:05:40 +0100
Subject: [PATCH 20/30] free unused memory / fix memory leak
---
 zokrates_core/lib/wraplibsnarkgadgets.hpp | 5 +++++
 zokrates_core/src/libsnark.rs | 5 ++++-
 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/zokrates_core/lib/wraplibsnarkgadgets.hpp b/zokrates_core/lib/wraplibsnarkgadgets.hpp
index 3c0e0e55..1677e57e 100644
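Review bot: `CStr::from_ptr(c_buf)` on the `+` lines of `get_sha256round_constraints` is called without checking that the C++ side returned a non-null pointer, and `from_ptr` on a null pointer is undefined behaviour; the same pattern is in the `get_sha256round_witness` hunk below. A guard before the conversion turns that case into a panic instead: `assert!(!c_buf.is_null(), "_sha256RoundConstraints returned a null pointer");`. Note also that replacing `CString::from_raw` with `CStr::from_ptr` removes the cross-allocator free (Rust freeing a `new[]` buffer) but now never releases the buffer at all, so "fix further memory leaks" is only accurate once a matching deallocator exported from the C++ side is called after `to_owned()`.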
--- a/zokrates_core/lib/wraplibsnarkgadgets.hpp
+++ b/zokrates_core/lib/wraplibsnarkgadgets.hpp
@@ -15,6 +15,11 @@ extern "C" {
 char* _sha256RoundConstraints();
 char* _sha256RoundWitness(const uint8_t* input, int input_length);
+// External interface to free memory
+void _free_string(char const *str) {
+ delete[] str;
+}
+
 #ifdef __cplusplus
 } // extern "C"
 #endif
diff --git a/zokrates_core/src/libsnark.rs b/zokrates_core/src/libsnark.rs
index 2ffbeb9f..94de8afb 100644
--- a/zokrates_core/src/libsnark.rs
+++ b/zokrates_core/src/libsnark.rs
@@ -15,13 +15,15 @@ use zokrates_field::field::Field;
 extern "C" {
 fn _sha256RoundConstraints() -> *mut c_char;
 fn _sha256RoundWitness(inputs: *const uint8_t, inputs_length: c_int) -> *mut c_char;
+ fn _free_string(str: *const c_char);
 }
 pub fn get_sha256round_constraints() -> String {
 let c_buf: *const c_char = unsafe { _sha256RoundConstraints() };
 let c_str: &CStr = unsafe { CStr::from_ptr(c_buf) };
 let str_slice: &str = c_str.to_str().unwrap();
- let str_buf: String = str_slice.to_owned();
+ let str_buf: String = str_slice.to_owned(); //memory allocated in Rust
+ unsafe { _free_string(c_buf) }; //memory deallocated in Cpp
 str_buf
 }
@@ -35,6 +37,7 @@ pub fn get_sha256round_witness(inputs: &Vec) -> String {
 let c_str: &CStr = unsafe { CStr::from_ptr(c_buf) };
 let str_slice: &str = c_str.to_str().unwrap();
 let str_buf: String = str_slice.to_owned();
+ unsafe { _free_string(c_buf) };
 str_buf
 }
From 33bb047bf761254020d9af36f3603ac6ff3e5771 Mon Sep 17 00:00:00 2001
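Review bot: `_free_string` is defined, not just declared, in the header on the `+` lines, so every translation unit that includes `wraplibsnarkgadgets.hpp` emits its own external definition and linking fails with a duplicate symbol as soon as a second includer appears. Keep only `void _free_string(char const *str);` in the header and move the body next to `_sha256RoundConstraints` in the `.cpp`; that also keeps one definition of the `extern "C"` symbol for the Rust `extern` block to bind to. The comment would be more useful stating the contract: `// Releases a buffer returned by _sha256RoundConstraints/_sha256RoundWitness (allocated with new[]); nullptr is accepted.`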
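Review bot: In `get_sha256round_constraints` the new `_free_string(c_buf)` call sits after `c_str.to_str().unwrap()`, so if the C++ side ever returns bytes that are not valid UTF-8 the unwrap panics before the free runs and the buffer leaks; the `get_sha256round_witness` hunk has the same ordering. Copying the bytes out first, freeing, and only then validating closes the gap: `let bytes = unsafe { CStr::from_ptr(c_buf) }.to_bytes().to_vec();` then `unsafe { _free_string(c_buf) };` then `let str_buf = String::from_utf8(bytes).unwrap();`. A null check before `CStr::from_ptr` is still absent in both functions, and `//memory deallocated in Cpp` would read better as `// buffer was allocated by C++ with new[]; _free_string is the matching delete[]`.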
From: sdeml Date: Thu, 24 Jan 2019 17:05:19 +0100 Subject: [PATCH 21/30] small refactor & update docs --- stdlib/fortytwo.code | 4 -- stdlib/{ => hashes}/sha256/1024bit.code | 4 +- stdlib/{ => hashes}/sha256/1536bit.code | 4 +- stdlib/{ => hashes}/sha256/512bit.code | 4 +- stdlib/hashes/sha256/512bitPacked.code | 23 ++++++ .../sha256/512bitPadded.code} | 0 .../sha256/IVconstants.code} | 0 .../sha256/shaRound.code} | 0 .../sha256PathProof.code} | 4 +- stdlib/sha256/512bit_packed.code | 18 ----- stdlib/utils/binary/NOT.code | 1 + .../sha256 => stdlib/utils}/binary/and.code | 0 .../utils}/binary/andxorandxorand.code | 0 .../utils}/binary/andxornotand.code | 0 .../utils}/binary/fulladd.code | 0 .../utils}/binary/halfadd.code | 0 stdlib/utils/binary/isbool.code | 3 + .../sha256 => stdlib/utils}/binary/or.code | 0 .../sha256 => stdlib/utils}/binary/xor.code | 0 .../utils}/bitwise/32/and.code | 0 .../utils}/bitwise/32/andxorandxorand.code | 0 .../utils}/bitwise/32/andxornotand.code | 0 .../utils}/bitwise/32/copy.code | 0 .../utils}/bitwise/32/not.code | 0 .../utils}/bitwise/32/xor.code | 0 stdlib/utils/casts/128to256array.code | 5 ++ stdlib/utils/casts/256to128array.code | 6 ++ zokrates_book/src/SUMMARY.md | 1 + zokrates_book/src/concepts/imports.md | 29 ++++++++ zokrates_book/src/concepts/stdlib.md | 71 +++++++++---------- zokrates_book/src/sha256example.md | 10 --- .../TestStdlib/hashes/sha256/test512bit.code | 11 +++ .../hashes/sha256/test512bitPacked.code | 14 ++++ .../hashes/sha256/test512bitPadded.code | 11 +++ .../merkleTree/testsha256PathProof.code | 9 ++- .../utils/multiplexer/test2bit.code | 5 +- zokrates_cli/examples/book/hashexample.code | 8 +-- .../examples/book/hashexample_updated.code | 8 +-- zokrates_cli/examples/sha256/binary/not.code | 3 - 39 files changed, 158 insertions(+), 98 deletions(-) delete mode 100644 stdlib/fortytwo.code rename stdlib/{ => hashes}/sha256/1024bit.code (80%) rename stdlib/{ => hashes}/sha256/1536bit.code (83%) rename stdlib/{ => 
hashes}/sha256/512bit.code (83%) create mode 100644 stdlib/hashes/sha256/512bitPacked.code rename stdlib/{sha256/512bit_padded.code => hashes/sha256/512bitPadded.code} (100%) rename stdlib/{sha256/IV_constants.code => hashes/sha256/IVconstants.code} (100%) rename stdlib/{sha256/sha_round.code => hashes/sha256/shaRound.code} (100%) rename stdlib/{merkle_tree/sha256_path_proof.code => merkleTree/sha256PathProof.code} (91%) delete mode 100644 stdlib/sha256/512bit_packed.code rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/and.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/andxorandxorand.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/andxornotand.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/fulladd.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/halfadd.code (100%) create mode 100644 stdlib/utils/binary/isbool.code rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/or.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/binary/xor.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/bitwise/32/and.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/bitwise/32/andxorandxorand.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/bitwise/32/andxornotand.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/bitwise/32/copy.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/bitwise/32/not.code (100%) rename {zokrates_cli/examples/sha256 => stdlib/utils}/bitwise/32/xor.code (100%) create mode 100644 stdlib/utils/casts/128to256array.code create mode 100644 stdlib/utils/casts/256to128array.code create mode 100644 zokrates_book/src/concepts/imports.md create mode 100644 zokrates_cli/examples/TestStdlib/hashes/sha256/test512bit.code create mode 100644 zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code create mode 100644 
zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code rename stdlib/merkle_tree/sha256_path_proof.code.test => zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code (94%) rename stdlib/utils/multiplexer/2bit.code.test => zokrates_cli/examples/TestStdlib/utils/multiplexer/test2bit.code (61%) delete mode 100644 zokrates_cli/examples/sha256/binary/not.code diff --git a/stdlib/fortytwo.code b/stdlib/fortytwo.code deleted file mode 100644 index 3a27ef95..00000000 --- a/stdlib/fortytwo.code +++ /dev/null @@ -1,4 +0,0 @@ -// just as an example, to be removed - -def main() -> (field): - return 42 \ No newline at end of file diff --git a/stdlib/sha256/1024bit.code b/stdlib/hashes/sha256/1024bit.code similarity index 80% rename from stdlib/sha256/1024bit.code rename to stdlib/hashes/sha256/1024bit.code index 2102aa7c..0eff3f1e 100644 --- a/stdlib/sha256/1024bit.code +++ b/stdlib/hashes/sha256/1024bit.code @@ -1,5 +1,5 @@ -import "./IV_constants.code" as IVconstants -import "./sha_round.code" as sha256 +import "./IVconstants.code" as IVconstants +import "./shaRound.code" as sha256 // A function that takes 4 field[256] arrays as inputs // and applies 2 rounds of sha256 compression. diff --git a/stdlib/sha256/1536bit.code b/stdlib/hashes/sha256/1536bit.code similarity index 83% rename from stdlib/sha256/1536bit.code rename to stdlib/hashes/sha256/1536bit.code index 522cf389..a1e2fd2c 100644 --- a/stdlib/sha256/1536bit.code +++ b/stdlib/hashes/sha256/1536bit.code @@ -1,5 +1,5 @@ -import "./IV_constants.code" as IVconstants -import "./sha_round.code" as sha256 +import "./IVconstants.code" as IVconstants +import "./shaRound.code" as sha256 // A function that takes 6 field[256] arrays as inputs // and applies 3 rounds of sha256 compression. diff --git a/stdlib/sha256/512bit.code b/stdlib/hashes/sha256/512bit.code similarity index 83% rename from stdlib/sha256/512bit.code rename to stdlib/hashes/sha256/512bit.code index 501520bd..831d6f67 100644 
--- a/stdlib/sha256/512bit.code +++ b/stdlib/hashes/sha256/512bit.code @@ -1,5 +1,5 @@ -import "./IV_constants.code" as IVconstants -import "./sha_round.code" as sha256 +import "./IVconstants.code" as IVconstants +import "./shaRound.code" as sha256 // A function that takes 2 field[256] arrays as inputs // and returns their sha256 compression function as an array of 256 field elements. diff --git a/stdlib/hashes/sha256/512bitPacked.code b/stdlib/hashes/sha256/512bitPacked.code new file mode 100644 index 00000000..77be38eb --- /dev/null +++ b/stdlib/hashes/sha256/512bitPacked.code 
@@ -0,0 +1,23 @@ +import "PACKING/pack128" as pack128 +import "PACKING/unpack128" as unpack128 +import "./512bit.code" as sha256 +//FIXME: delete packed stldib +// A function that takes an array of 4 field elements as inputs, unpacks each of them to 128 +// bits (big endian), concatenates them and applies sha256. +// It then returns an array of two field elements, each representing 128 bits of the result. +def main(field[4] preimage) -> (field[2]): + + a0, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20, a21, a22, a23, a24, a25, a26, a27, a28, a29, a30, a31, a32, a33, a34, a35, a36, a37, a38, a39, a40, a41, a42, a43, a44, a45, a46, a47, a48, a49, a50, a51, a52, a53, a54, a55, a56, a57, a58, a59, a60, a61, a62, a63, a64, a65, a66, a67, a68, a69, a70, a71, a72, a73, a74, a75, a76, a77, a78, a79, a80, a81, a82, a83, a84, a85, a86, a87, a88, a89, a90, a91, a92, a93, a94, a95, a96, a97, a98, a99, a100, a101, a102, a103, a104, a105, a106, a107, a108, a109, a110, a111, a112, a113, a114, a115, a116, a117, a118, a119, a120, a121, a122, a123, a124, a125, a126, a127 = unpack128(preimage[0]) + b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15, b16, b17, b18, b19, b20, b21, b22, b23, b24, b25, b26, b27, b28, b29, b30, b31, b32, b33, b34, b35, b36, b37, b38, b39, b40, b41, b42, b43, b44, b45, b46, b47, b48, b49, b50, b51, b52, b53, b54, b55, b56, b57, b58, b59, b60, b61, b62, b63, b64, b65, b66, b67, b68, b69, b70, b71, b72, b73, b74, b75, b76, b77, b78, b79, b80, b81, b82, b83, b84, b85, b86, b87, b88, b89, b90, b91, b92, b93, b94, b95, b96, b97, b98, b99, b100, b101, b102, b103, b104, b105, b106, b107, b108, b109, b110, b111, b112, b113, b114, b115, b116, b117, b118, b119, b120, b121, b122, b123, b124, b125, b126, b127 = unpack128(preimage[1]) + c0, c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11, c12, c13, c14, c15, c16, c17, c18, c19, c20, c21, c22, c23, c24, c25, c26, c27, c28, c29, c30, c31, c32, c33, c34, c35, c36, 
c37, c38, c39, c40, c41, c42, c43, c44, c45, c46, c47, c48, c49, c50, c51, c52, c53, c54, c55, c56, c57, c58, c59, c60, c61, c62, c63, c64, c65, c66, c67, c68, c69, c70, c71, c72, c73, c74, c75, c76, c77, c78, c79, c80, c81, c82, c83, c84, c85, c86, c87, c88, c89, c90, c91, c92, c93, c94, c95, c96, c97, c98, c99, c100, c101, c102, c103, c104, c105, c106, c107, c108, c109, c110, c111, c112, c113, c114, c115, c116, c117, c118, c119, c120, c121, c122, c123, c124, c125, c126, c127 = unpack128(preimage[2]) + d0, d1, d2, d3, d4, d5, d6, d7, d8, d9, d10, d11, d12, d13, d14, d15, d16, d17, d18, d19, d20, d21, d22, d23, d24, d25, d26, d27, d28, d29, d30, d31, d32, d33, d34, d35, d36, d37, d38, d39, d40, d41, d42, d43, d44, d45, d46, d47, d48, d49, d50, d51, d52, d53, d54, d55, d56, d57, d58, d59, d60, d61, d62, d63, d64, d65, d66, d67, d68, d69, d70, d71, d72, d73, d74, d75, d76, d77, d78, d79, d80, d81, d82, d83, d84, d85, d86, d87, d88, d89, d90, d91, d92, d93, d94, d95, d96, d97, d98, d99, d100, d101, d102, d103, d104, d105, d106, d107, d108, d109, d110, d111, d112, d113, d114, d115, d116, d117, d118, d119, d120, d121, d122, d123, d124, d125, d126, d127 = unpack128(preimage[3]) + + field[256] lhs = [a0, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20, a21, a22, a23, a24, a25, a26, a27, a28, a29, a30, a31, a32, a33, a34, a35, a36, a37, a38, a39, a40, a41, a42, a43, a44, a45, a46, a47, a48, a49, a50, a51, a52, a53, a54, a55, a56, a57, a58, a59, a60, a61, a62, a63, a64, a65, a66, a67, a68, a69, a70, a71, a72, a73, a74, a75, a76, a77, a78, a79, a80, a81, a82, a83, a84, a85, a86, a87, a88, a89, a90, a91, a92, a93, a94, a95, a96, a97, a98, a99, a100, a101, a102, a103, a104, a105, a106, a107, a108, a109, a110, a111, a112, a113, a114, a115, a116, a117, a118, a119, a120, a121, a122, a123, a124, a125, a126, a127, b0, b1, b2, b3, b4, b5, b6, b7, b8, b9, b10, b11, b12, b13, b14, b15, b16, b17, b18, b19, b20, b21, b22, b23, b24, b25, b26, 
b27, b28, b29, b30, b31, b32, b33, b34, b35, b36, b37, b38, b39, b40, b41, b42, b43, b44, b45, b46, b47, b48, b49, b50, b51, b52, b53, b54, b55, b56, b57, b58, b59, b60, b61, b62, b63, b64, b65, b66, b67, b68, b69, b70, b71, b72, b73, b74, b75, b76, b77, b78, b79, b80, b81, b82, b83, b84, b85, b86, b87, b88, b89, b90, b91, b92, b93, b94, b95, b96, b97, b98, b99, b100, b101, b102, b103, b104, b105, b106, b107, b108, b109, b110, b111, b112, b113, b114, b115, b116, b117, b118, b119, b120, b121, b122, b123, b124, b125, b126, b127] + field[256] rhs = [c0, c1, c2, c3, c4, c5, c6, c7, c8, c9, c10, c11, c12, c13, c14, c15, c16, c17, c18, c19, c20, c21, c22, c23, c24, c25, c26, c27, c28, c29, c30, c31, c32, c33, c34, c35, c36, c37, c38, c39, c40, c41, c42, c43, c44, c45, c46, c47, c48, c49, c50, c51, c52, c53, c54, c55, c56, c57, c58, c59, c60, c61, c62, c63, c64, c65, c66, c67, c68, c69, c70, c71, c72, c73, c74, c75, c76, c77, c78, c79, c80, c81, c82, c83, c84, c85, c86, c87, c88, c89, c90, c91, c92, c93, c94, c95, c96, c97, c98, c99, c100, c101, c102, c103, c104, c105, c106, c107, c108, c109, c110, c111, c112, c113, c114, c115, c116, c117, c118, c119, c120, c121, c122, c123, c124, c125, c126, c127, d0, d1, d2, d3, d4, d5, d6, d7, d8, d9, d10, d11, d12, d13, d14, d15, d16, d17, d18, d19, d20, d21, d22, d23, d24, d25, d26, d27, d28, d29, d30, d31, d32, d33, d34, d35, d36, d37, d38, d39, d40, d41, d42, d43, d44, d45, d46, d47, d48, d49, d50, d51, d52, d53, d54, d55, d56, d57, d58, d59, d60, d61, d62, d63, d64, d65, d66, d67, d68, d69, d70, d71, d72, d73, d74, d75, d76, d77, d78, d79, d80, d81, d82, d83, d84, d85, d86, d87, d88, d89, d90, d91, d92, d93, d94, d95, d96, d97, d98, d99, d100, d101, d102, d103, d104, d105, d106, d107, d108, d109, d110, d111, d112, d113, d114, d115, d116, d117, d118, d119, d120, d121, d122, d123, d124, d125, d126, d127] + + field[256] r = sha256(lhs, rhs) + + res0 = pack128(r[0], r[1], r[2], r[3], r[4], r[5], r[6], r[7], r[8], r[9], r[10], r[11], 
r[12], r[13], r[14], r[15], r[16], r[17], r[18], r[19], r[20], r[21], r[22], r[23], r[24], r[25], r[26], r[27], r[28], r[29], r[30], r[31], r[32], r[33], r[34], r[35], r[36], r[37], r[38], r[39], r[40], r[41], r[42], r[43], r[44], r[45], r[46], r[47], r[48], r[49], r[50], r[51], r[52], r[53], r[54], r[55], r[56], r[57], r[58], r[59], r[60], r[61], r[62], r[63], r[64], r[65], r[66], r[67], r[68], r[69], r[70], r[71], r[72], r[73], r[74], r[75], r[76], r[77], r[78], r[79], r[80], r[81], r[82], r[83], r[84], r[85], r[86], r[87], r[88], r[89], r[90], r[91], r[92], r[93], r[94], r[95], r[96], r[97], r[98], r[99], r[100], r[101], r[102], r[103], r[104], r[105], r[106], r[107], r[108], r[109], r[110], r[111], r[112], r[113], r[114], r[115], r[116], r[117], r[118], r[119], r[120], r[121], r[122], r[123], r[124], r[125], r[126], r[127]) + res1 = pack128(r[128], r[129], r[130], r[131], r[132], r[133], r[134], r[135], r[136], r[137], r[138], r[139], r[140], r[141], r[142], r[143], r[144], r[145], r[146], r[147], r[148], r[149], r[150], r[151], r[152], r[153], r[154], r[155], r[156], r[157], r[158], r[159], r[160], r[161], r[162], r[163], r[164], r[165], r[166], r[167], r[168], r[169], r[170], r[171], r[172], r[173], r[174], r[175], r[176], r[177], r[178], r[179], r[180], r[181], r[182], r[183], r[184], r[185], r[186], r[187], r[188], r[189], r[190], r[191], r[192], r[193], r[194], r[195], r[196], r[197], r[198], r[199], r[200], r[201], r[202], r[203], r[204], r[205], r[206], r[207], r[208], r[209], r[210], r[211], r[212], r[213], r[214], r[215], r[216], r[217], r[218], r[219], r[220], r[221], r[222], r[223], r[224], r[225], r[226], r[227], r[228], r[229], r[230], r[231], r[232], r[233], r[234], r[235], r[236], r[237], r[238], r[239], r[240], r[241], r[242], r[243], r[244], r[245], r[246], r[247], r[248], r[249], r[250], r[251], r[252], r[253], r[254], r[255]) + + return [res0, res1] \ No newline at end of file 
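Review bot: The header comment on the `+` lines says the function "applies sha256", but the file imports `./512bit.code`, which this same commit's stdlib.md describes as the compression function with no padding added, so the two field elements returned are not the SHA-256 digest of the 512-bit preimage and will not match a digest computed elsewhere (for example by a verifier contract) unless the caller pads. State that in the comment: `// Note: uses the unpadded compression function (512bit.code); the result differs from standard SHA-256 of the same 64-byte input.` The `//FIXME: delete packed stldib` line should not ship as is: either remove it or turn it into a tracked TODO with an owner, and fix the spelling. Whether `unpack128` enforces that the 128 bits it returns recompose to `preimage[i]` (so a prover cannot pick the bits freely) is not visible here and is worth confirming against the PACKING gadget, since the soundness of every caller of this file rests on it.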
diff --git a/stdlib/sha256/512bit_padded.code b/stdlib/hashes/sha256/512bitPadded.code
similarity index 100%
rename from stdlib/sha256/512bit_padded.code
rename to stdlib/hashes/sha256/512bitPadded.code
diff --git a/stdlib/sha256/IV_constants.code b/stdlib/hashes/sha256/IVconstants.code
similarity index 100%
rename from stdlib/sha256/IV_constants.code
rename to stdlib/hashes/sha256/IVconstants.code
diff --git a/stdlib/sha256/sha_round.code b/stdlib/hashes/sha256/shaRound.code
similarity index 100%
rename from stdlib/sha256/sha_round.code
rename to stdlib/hashes/sha256/shaRound.code
diff --git a/stdlib/merkle_tree/sha256_path_proof.code b/stdlib/merkleTree/sha256PathProof.code
similarity index 91%
rename from stdlib/merkle_tree/sha256_path_proof.code
rename to stdlib/merkleTree/sha256PathProof.code
index 1498751a..8ffde9fa 100644
--- a/stdlib/merkle_tree/sha256_path_proof.code
+++ b/stdlib/merkleTree/sha256PathProof.code
@@ -1,6 +1,6 @@
-import "../sha256/512bit.code" as sha256
+import "../hashes/sha256/512bit.code" as sha256
 import "../utils/multiplexer/256bit.code" as multiplex
-import "../utils/binary/NOT.code" as NOT
+import "../utils/binary/not.code" as NOT
 // Merke-Tree inclusion proof for tree depth 3
diff --git a/stdlib/sha256/512bit_packed.code b/stdlib/sha256/512bit_packed.code
deleted file mode 100644
index c704aa70..00000000
--- a/stdlib/sha256/512bit_packed.code
+++ /dev/null
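Review bot: The `+` line imports `../utils/binary/not.code`, but the file at that location after this commit is still `stdlib/utils/binary/NOT.code` (the next hunk only adds a comment to it, and the diffstat lists no rename for it), so on a case-sensitive filesystem the import resolves to a missing file and the path proof no longer compiles. Either rename the file to `not.code`, consistent with the other lowercase helpers moved into `stdlib/utils/binary/`, or keep `import "../utils/binary/NOT.code" as NOT`. The context line `// Merke-Tree inclusion proof` is also misspelt (`Merkle`).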
@@ -1,18 +0,0 @@
-
-import "./IV_constants.code" as IVconstants
-import "./sha_round.code" as sha256
-import "PACKING/pack256" as pack256
-import "PACKING/unpack256" as unpack256
-
-// A function that takes 4 field elements as inputs, unpacks each of them to 128
-// bits (big endian), concatenates them and applies sha256.
-// It then returns two field elements, each representing 128 bits of the result.
-def main(field a, field b) -> (field):
-
- IV = IVconstants()
- field[256] a = unpack256(a)
- field[256] b = unpack256(b)
- digest = sha256(a, b, IV)
- field c = pack256(digest)
-
- return c
\ No newline at end of file
diff --git a/stdlib/utils/binary/NOT.code b/stdlib/utils/binary/NOT.code
index 96c16278..d34397fa 100644
--- a/stdlib/utils/binary/NOT.code
+++ b/stdlib/utils/binary/NOT.code
@@ -1,2 +1,3 @@
+// NOT
 def main(field x) -> (field):
 return 1 - x
\ No newline at end of file
diff --git a/zokrates_cli/examples/sha256/binary/and.code b/stdlib/utils/binary/and.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/and.code
rename to stdlib/utils/binary/and.code
diff --git a/zokrates_cli/examples/sha256/binary/andxorandxorand.code b/stdlib/utils/binary/andxorandxorand.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/andxorandxorand.code
rename to stdlib/utils/binary/andxorandxorand.code
diff --git a/zokrates_cli/examples/sha256/binary/andxornotand.code b/stdlib/utils/binary/andxornotand.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/andxornotand.code
rename to stdlib/utils/binary/andxornotand.code
diff --git a/zokrates_cli/examples/sha256/binary/fulladd.code b/stdlib/utils/binary/fulladd.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/fulladd.code
rename to stdlib/utils/binary/fulladd.code
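Review bot: The added `// NOT` comment on the `+` line of `NOT.code` names the operation but not its precondition: `1 - x` is a boolean NOT only when `x` is 0 or 1, and nothing in this function constrains `x`, so a caller passing an unconstrained field element gets an arbitrary value back with no failing constraint. Suggest `// Boolean NOT: returns 1 - x. Assumes x in {0,1}; not enforced here, constrain inputs with isbool.code first.` — `isbool.code` is introduced in this same commit.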
diff --git a/zokrates_cli/examples/sha256/binary/halfadd.code b/stdlib/utils/binary/halfadd.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/halfadd.code
rename to stdlib/utils/binary/halfadd.code
diff --git a/stdlib/utils/binary/isbool.code b/stdlib/utils/binary/isbool.code
new file mode 100644
index 00000000..36839018
--- /dev/null
+++ b/stdlib/utils/binary/isbool.code
@@ -0,0 +1,3 @@
+def main(field a) -> (field):
+ 0 == (a-1)*a
+ return 1
\ No newline at end of file
diff --git a/zokrates_cli/examples/sha256/binary/or.code b/stdlib/utils/binary/or.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/or.code
rename to stdlib/utils/binary/or.code
diff --git a/zokrates_cli/examples/sha256/binary/xor.code b/stdlib/utils/binary/xor.code
similarity index 100%
rename from zokrates_cli/examples/sha256/binary/xor.code
rename to stdlib/utils/binary/xor.code
diff --git a/zokrates_cli/examples/sha256/bitwise/32/and.code b/stdlib/utils/bitwise/32/and.code
similarity index 100%
rename from zokrates_cli/examples/sha256/bitwise/32/and.code
rename to stdlib/utils/bitwise/32/and.code
diff --git a/zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.code b/stdlib/utils/bitwise/32/andxorandxorand.code
similarity index 100%
rename from zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.code
rename to stdlib/utils/bitwise/32/andxorandxorand.code
diff --git a/zokrates_cli/examples/sha256/bitwise/32/andxornotand.code b/stdlib/utils/bitwise/32/andxornotand.code
similarity index 100%
rename from zokrates_cli/examples/sha256/bitwise/32/andxornotand.code
rename to stdlib/utils/bitwise/32/andxornotand.code
diff --git a/zokrates_cli/examples/sha256/bitwise/32/copy.code b/stdlib/utils/bitwise/32/copy.code
similarity index 100%
rename from zokrates_cli/examples/sha256/bitwise/32/copy.code
rename to stdlib/utils/bitwise/32/copy.code
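Review bot: The new `isbool.code` has no comment explaining that `0 == (a-1)*a` is a constraint (a bare `==` statement is an assertion in this DSL) whose only solutions are `a = 0` and `a = 1`, and that the returned `1` carries no information, so a reader may mistake the return value for the result of a boolean test. Suggest `// Constrains a to be boolean: (a-1)*a == 0 holds only for a = 0 or a = 1. The return value is a placeholder; the guarantee is the constraint itself.`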
diff --git a/zokrates_cli/examples/sha256/bitwise/32/not.code b/stdlib/utils/bitwise/32/not.code
similarity index 100%
rename from zokrates_cli/examples/sha256/bitwise/32/not.code
rename to stdlib/utils/bitwise/32/not.code
diff --git a/zokrates_cli/examples/sha256/bitwise/32/xor.code b/stdlib/utils/bitwise/32/xor.code
similarity index 100%
rename from zokrates_cli/examples/sha256/bitwise/32/xor.code
rename to stdlib/utils/bitwise/32/xor.code
diff --git a/stdlib/utils/casts/128to256array.code b/stdlib/utils/casts/128to256array.code
new file mode 100644
index 00000000..730b69f7
--- /dev/null
+++ b/stdlib/utils/casts/128to256array.code
@@ -0,0 +1,5 @@ +def main(field[128] a, field[128] b) -> (field[256]): + + field[256] out = [a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], a[16], a[17], a[18], a[19], a[20], a[21], a[22], a[23], a[24], a[25], a[26], a[27], a[28], a[29], a[30], a[31], a[32], a[33], a[34], a[35], a[36], a[37], a[38], a[39], a[40], a[41], a[42], a[43], a[44], a[45], a[46], a[47], a[48], a[49], a[50], a[51], a[52], a[53], a[54], a[55], a[56], a[57], a[58], a[59], a[60], a[61], a[62], a[63], a[64], a[65], a[66], a[67], a[68], a[69], a[70], a[71], a[72], a[73], a[74], a[75], a[76], a[77], a[78], a[79], a[80], a[81], a[82], a[83], a[84], a[85], a[86], a[87], a[88], a[89], a[90], a[91], a[92], a[93], a[94], a[95], a[96], a[97], a[98], a[99], a[100], a[101], a[102], a[103], a[104], a[105], a[106], a[107], a[108], a[109], a[110], a[111], a[112], a[113], a[114], a[115], a[116], a[117], a[118], a[119], a[120], a[121], a[122], a[123], a[124], a[125], a[126], a[127], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[32], b[33], b[34], b[35], b[36], b[37], b[38], b[39], b[40], b[41], b[42], b[43], b[44], b[45], b[46], b[47], b[48], b[49], b[50], b[51], b[52], b[53], b[54], b[55], b[56], b[57], b[58], b[59], b[60], b[61], b[62], b[63], b[64], b[65], b[66], b[67], b[68], b[69], b[70], b[71], b[72], b[73], b[74], b[75], b[76], b[77], b[78], b[79], b[80], b[81], b[82], b[83], b[84], b[85], b[86], b[87], b[88], b[89], b[90], b[91], b[92], b[93], b[94], b[95], b[96], b[97], b[98], b[99], b[100], b[101], b[102], b[103], b[104], b[105], b[106], b[107], b[108], b[109], b[110], b[111], b[112], b[113], b[114], b[115], b[116], b[117], b[118], b[119], b[120], b[121], b[122], b[123], b[124], b[125], b[126], b[127]] + + return out \ No newline at end of file 
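Review bot: Both cast helpers, `128to256array.code` here and `256to128array.code` in the following hunk, come without a header comment, unlike the hash files in this commit, which describe their inputs and outputs. One line each fixes it: `// Concatenates two 128-element bit arrays into one 256-element array: a occupies out[0..127], b occupies out[128..255].` and for the inverse `// Splits a 256-element bit array: out1 = a[0..127], out2 = a[128..255].` Stating the element order here matters because these two files are the only place it is fixed for callers that map halves back to field elements.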
diff --git a/stdlib/utils/casts/256to128array.code b/stdlib/utils/casts/256to128array.code
new file mode 100644
index 00000000..2de9f49a
--- /dev/null
+++ b/stdlib/utils/casts/256to128array.code
@@ -0,0 +1,6 @@ +def main(field[256] a) -> (field[128], field[128]): + + field[128] out1 = [a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], a[16], a[17], a[18], a[19], a[20], a[21], a[22], a[23], a[24], a[25], a[26], a[27], a[28], a[29], a[30], a[31], a[32], a[33], a[34], a[35], a[36], a[37], a[38], a[39], a[40], a[41], a[42], a[43], a[44], a[45], a[46], a[47], a[48], a[49], a[50], a[51], a[52], a[53], a[54], a[55], a[56], a[57], a[58], a[59], a[60], a[61], a[62], a[63], a[64], a[65], a[66], a[67], a[68], a[69], a[70], a[71], a[72], a[73], a[74], a[75], a[76], a[77], a[78], a[79], a[80], a[81], a[82], a[83], a[84], a[85], a[86], a[87], a[88], a[89], a[90], a[91], a[92], a[93], a[94], a[95], a[96], a[97], a[98], a[99], a[100], a[101], a[102], a[103], a[104], a[105], a[106], a[107], a[108], a[109], a[110], a[111], a[112], a[113], a[114], a[115], a[116], a[117], a[118], a[119], a[120], a[121], a[122], a[123], a[124], a[125], a[126], a[127]] + field[128] out2 = [a[128], a[129], a[130], a[131], a[132], a[133], a[134], a[135], a[136], a[137], a[138], a[139], a[140], a[141], a[142], a[143], a[144], a[145], a[146], a[147], a[148], a[149], a[150], a[151], a[152], a[153], a[154], a[155], a[156], a[157], a[158], a[159], a[160], a[161], a[162], a[163], a[164], a[165], a[166], a[167], a[168], a[169], a[170], a[171], a[172], a[173], a[174], a[175], a[176], a[177], a[178], a[179], a[180], a[181], a[182], a[183], a[184], a[185], a[186], a[187], a[188], a[189], a[190], a[191], a[192], a[193], a[194], a[195], a[196], a[197], a[198], a[199], a[200], a[201], a[202], a[203], a[204], a[205], a[206], a[207], a[208], a[209], a[210], a[211], a[212], a[213], a[214], a[215], a[216], a[217], a[218], a[219], a[220], a[221], a[222], a[223], a[224], a[225], a[226], a[227], a[228], a[229], a[230], a[231], a[232], a[233], a[234], a[235], a[236], a[237], a[238], a[239], a[240], a[241], a[242], a[243], a[244], a[245], a[246], a[247], a[248], 
a[249], a[250], a[251], a[252], a[253], a[254], a[255]] + + return out1, out2 \ No newline at end of file diff --git a/zokrates_book/src/SUMMARY.md b/zokrates_book/src/SUMMARY.md index d3996b5c..21e2c1b1 100644 --- a/zokrates_book/src/SUMMARY.md +++ b/zokrates_book/src/SUMMARY.md @@ -9,6 +9,7 @@ - [Types](./concepts/types.md) - [Functions](./concepts/functions.md) - [Control flow](./concepts/control_flow.md) + - [Imports](./concepts/imports.md) - [Comments](./concepts/comments.md) - [Standard Library](./concepts/stdlib.md) diff --git a/zokrates_book/src/concepts/imports.md b/zokrates_book/src/concepts/imports.md new file mode 100644 index 00000000..4d325036 --- /dev/null +++ b/zokrates_book/src/concepts/imports.md @@ -0,0 +1,29 @@ +## Imports + +You can separate your code into multiple ZoKrates files using `import` statements: + +### Relative Imports + +You can import a resource in the same folder directly, like this: +```zokrates +import "./mycode.code" +``` + +There also is a handy syntax to import from the parent directory: +```zokrates +import "../mycode.code" +``` + +Also imports further up the file-system are supported: +```zokrates +import "./../../../mycode.code" +``` + +You can also choose to rename the imported resource, like so: +```zokrates +import "./mycode.code" as abc +``` + +### Absolute Imports + +Absolute imports don't start with `./` in the path and are used to import components from the ZoKrates standard library. Please check the according [section](./stdlib.html) for more details. diff --git a/zokrates_book/src/concepts/stdlib.md b/zokrates_book/src/concepts/stdlib.md index 9a07320d..7d75e146 100644 --- a/zokrates_book/src/concepts/stdlib.md +++ b/zokrates_book/src/concepts/stdlib.md 
@@ -1,14 +1,39 @@ ## Standard library ->**! The standard library is currently being refactored !** +ZoKrates comes with a number of reusable components which are defined at `./stdlib/` in the ZoKrates root folder. The standard library is solely based on the ZoKrates DSL and can be easily extended. -> Currently the standard library is split into two parts: -> * Global imports: these functions can be imported without specifying the correct path -> * Relative imports: these functions need the the correct relative path on the file-system +The following section highlights a subset of available imports: -ZoKrates comes with a number of reusable components. For now, these components are: +#### sha256 -### Global imports +```zokrates +import "hashes/sha256/512Padded.code" +``` + +A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. + +#### sha256compression + +```zokrates +import "hashes/sha256/512bit.code" +``` + +A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. +The difference with `sha256` is that no padding is added at the end of the message, which makes it more efficient but also less compatible with Solidity. + +There also is support for 2 round (1024bit input) and and 3 round (1536bit input) variants, using `hashes/1024bit.code` or `hashes/1536bit.code` respectively. + +#### sha256packed + +```zokrates +import "hashes/sha256/512bitPacked.code" +``` + +A function that takes an array of 4 field elements as inputs, unpacks each of them to 128 bits (big endian), concatenates them and applies sha256. It then returns an array of 2 field elements, each representing 128 bits of the result. + +### Direct imports + +Some components of the standard library can not be efficiently represented in the ZoKrates DSL language. Those functions are injected at compile-time and are available by default. #### pack128 
@@ -23,37 +48,5 @@ Packs 128 field elements as one. ```zokrates import "PACKING/unpack128" ``` -Unpacks a field element to 128 field elements. - -### Relative import ->Caution: In order to import these functions the correct relative path with respect to the zokrates binary need to be specified. - -The standard library is located at `./stdlib/` in the ZoKrates root folder. Is solely based on the ZoKrates DSL and can be easily extended. - -#### sha256 - -```zokrates -import "./stlib/512_padded.code" -``` - -A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. - -#### sha256compression - -```zokrates -import "./stlib/512.code" -``` - -A function that takes 2 `field[256]` arrays as inputs and returns their sha256 compression function as an array of 256 field elements. -The difference with `sha256` is that no padding is added at the end of the message, which makes it more efficient but also less compatible with Solidity. - -There also is support for 2round (1024bit input) and and 3 round (1536bit input) variants, using `./stlib/1024.code` or `./stlib/1536.code` respectively. - -#### sha256packed - -```zokrates -import "./stlib/512_packed.code" -``` - -A function that takes 4 field elements as inputs, unpacks each of them to 128 bits (big endian), concatenates them and applies sha256. It then returns two field elements, each representing 128 bits of the result. +Unpacks a field element to 128 field elements. \ No newline at end of file diff --git a/zokrates_book/src/sha256example.md b/zokrates_book/src/sha256example.md index 0126aa89..8ab91956 100644 --- a/zokrates_book/src/sha256example.md +++ b/zokrates_book/src/sha256example.md 
@@ -70,17 +70,7 @@ To make it work, the two parties have to follow their roles in the protocol: First, Victor has to specify what hash he is interested in. Therefore, we have to adjust the zkSNARK circuit, compiled by ZoKrates, such that in addition to computing the digest, it also validates it against the digest of interest, provided by Victor. This leads to the following update for `hashexample.code`: ```zokrates -<<<<<<< HEAD -import "./stdlib/sha256/512_packed.code" as sha256packed - -def main(private field a, private field b, private field c, private field d) -> (field): - h0, h1 = sha256packed(a, b, c, d) - h0 == 263561599766550617289250058199814760685 - h1 == 65303172752238645975888084098459749904 - return 1 -======= {{#include ../../zokrates_cli/examples/book/hashexample_updated.code}} ->>>>>>> develop ``` Note that we now compare the result of `sha256packed` with the hard-coded correct solution defined by Victor. The lines which we added are treated as assertions: the verifier will not accept a proof where these constraints were not satisfied. Clearly, this program only returns 1 if all of the computed bits are equal. diff --git a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bit.code b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bit.code new file mode 100644 index 00000000..cc943342 --- /dev/null +++ b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bit.code 
@@ -0,0 +1,11 @@ +import "hashes/sha256/512bit.code" as sha256 +def main() -> (field): + +field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] +field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + +field[256] digest = sha256(a, b) + +digest == [0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,1 ,0 ,0 
,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,1] + +return 1 \ No newline at end of file diff --git a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code new file mode 100644 index 00000000..2baf6af9 --- /dev/null +++ b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code @@ -0,0 +1,14 @@ +import "hashes/sha256/512bitPacked.code" as sha256packed +def main() -> (field): + + field a = 0 + field b = 0 + field c = 0 + field d = 5 + + h = sha256packed([a, b, c, d]) + + h[0] == 263561599766550617289250058199814760685 + h[1] == 65303172752238645975888084098459749904 + + return 1 \ No newline at end of file diff --git a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code new file mode 100644 index 00000000..3c6f2939 --- /dev/null +++ b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code 
@@ -0,0 +1,11 @@ +import "hashes/sha256/512bitPadded.code" as sha256 +def main() -> (field): + + field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] + field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] + + field[256] digest = sha256(a, b) + + digest == [1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,1 
,0 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,0] + + return 1 \ No newline at end of file diff --git a/stdlib/merkle_tree/sha256_path_proof.code.test b/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code similarity index 94% rename from stdlib/merkle_tree/sha256_path_proof.code.test rename to zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code index 7eed2013..8350d85d 100644 --- a/stdlib/merkle_tree/sha256_path_proof.code.test +++ b/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code @@ -1,6 +1,5 @@ -import "./sha256_path_proof.code" as merkle_tree_proof - -field main () -> (field): +import "merkleTree/sha256PathProof.code" as merkleTreeProof +def main() -> (field): field treeDepth = 3 field[256] rootDigest = [1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,0 ,1 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,1 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,0 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,1 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,1 ,0 ,1 ,0 ,1 ,1 ,0 ,0 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,0 ,1 ,1 ,1 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,1 ,1 ,0 ,0 ,1 ,0 ,0 ,0 ,0 ,0 ,1 ,0 ,1 ,1 ,1 ,1 ,1 ,1 ,0] 
@@ -9,6 +8,6 @@ field main () -> (field): field[256] PathDigest0 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] field[256] PathDigest1 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1] - result = merkle_tree_proof(treeDepth,rootDigest,leafDigest,directionSelector,PathDigest0,PathDigest1) - + field out = merkleTreeProof(treeDepth,rootDigest,leafDigest,directionSelector,PathDigest0,PathDigest1) + return 1 \ No newline at end of file 
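Review bot: The verdict of the path check is stored in `out` but never constrained, so this test returns 1 whatever `merkleTreeProof` produced; if `sha256PathProof` reports membership through its return value rather than asserting internally (its body is not visible here), a wrong root, leaf or path would still pass. Adding `out == 1` before `return 1` pins the expected verdict, and the replaced line had the same gap with `result`. The declarations of `leafDigest` and `directionSelector` lie above this hunk.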
diff --git a/stdlib/utils/multiplexer/2bit.code.test b/zokrates_cli/examples/TestStdlib/utils/multiplexer/test2bit.code similarity index 61% rename from stdlib/utils/multiplexer/2bit.code.test rename to zokrates_cli/examples/TestStdlib/utils/multiplexer/test2bit.code index 4d26a634..7a720e60 100644 --- a/stdlib/utils/multiplexer/2bit.code.test +++ b/zokrates_cli/examples/TestStdlib/utils/multiplexer/test2bit.code @@ -1,5 +1,4 @@ -import "./2bit.code" as multiplex - +import "utils/multiplexer/2bit.code" as multiplex def main() -> (field[2]): field bit = 1 @@ -8,6 +7,6 @@ def main() -> (field[2]): field[2] a = [0, 1] field[2] b = [1, 0] - output = multiplex(bit, a, b) + output == multiplex(bit, a, b) return output \ No newline at end of file diff --git a/zokrates_cli/examples/book/hashexample.code b/zokrates_cli/examples/book/hashexample.code index fc7a2572..94cc3d88 100644 --- a/zokrates_cli/examples/book/hashexample.code +++ b/zokrates_cli/examples/book/hashexample.code @@ -1,5 +1,5 @@ -import "LIBSNARK/sha256packed" +import "hashes/sha256/512bitPacked.code" as sha256packed -def main(private field a, private field b, private field c, private field d) -> (field, field): - h0, h1 = sha256packed(a, b, c, d) - return h0, h1 \ No newline at end of file +def main(private field a, private field b, private field c, private field d) -> (field[2]): + h = sha256packed([a, b, c, d]) + return h \ No newline at end of file diff --git a/zokrates_cli/examples/book/hashexample_updated.code b/zokrates_cli/examples/book/hashexample_updated.code index 63f9f36c..e396cb1e 100644 --- a/zokrates_cli/examples/book/hashexample_updated.code +++ b/zokrates_cli/examples/book/hashexample_updated.code 
@@ -1,7 +1,7 @@ -import "LIBSNARK/sha256packed" +import "hashes/sha256/512bitPacked.code" as sha256packed def main(private field a, private field b, private field c, private field d) -> (field): - h0, h1 = sha256packed(a, b, c, d) - h0 == 263561599766550617289250058199814760685 - h1 == 65303172752238645975888084098459749904 + h = sha256packed([a, b, c, d]) + h[0] == 263561599766550617289250058199814760685 + h[1] == 65303172752238645975888084098459749904 return 1 \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/binary/not.code b/zokrates_cli/examples/sha256/binary/not.code deleted file mode 100644 index d34397fa..00000000 --- a/zokrates_cli/examples/sha256/binary/not.code +++ /dev/null @@ -1,3 +0,0 @@ -// NOT -def main(field x) -> (field): - return 1 - x \ No newline at end of file From 178572bbfe0b26ff29030f187d27fcd602b1e71f Mon Sep 17 00:00:00 2001 From: sdeml Date: Thu, 24 Jan 2019 17:20:31 +0100 Subject: [PATCH 22/30] set ENV ZOKRATES_HOME for circleci --- .circleci/config.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 7b8f4e07..356236c7 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -21,6 +21,9 @@ jobs: - run: name: Download wasm32 target command: rustup target add wasm32-unknown-unknown + - run: + name: Set ZOKRATES_HOME + command: export ZOKRATES_HOME=$HOME/zokrates/.zokrates - run: name: Build libsnark command: LIBSNARK_SOURCE_PATH=$HOME/libsnark ./build_libsnark.sh From 6f163bcdb6ae52cfceb203c9400123897d9b0238 Mon Sep 17 00:00:00 2001 
From: sdeml Date: Thu, 24 Jan 2019 17:38:32 +0100 Subject: [PATCH 23/30] fix tests --- .circleci/config.yml | 6 +++--- zokrates_cli/examples/sha256/utils/32/add.code | 2 +- zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code | 2 +- zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code | 2 +- zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code | 2 +- zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code | 2 +- .../examples/sha256/utils/32/compression_round.code | 4 ++-- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 356236c7..4e727710 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -21,15 +21,15 @@ jobs: - run: name: Download wasm32 target command: rustup target add wasm32-unknown-unknown - - run: - name: Set ZOKRATES_HOME - command: export ZOKRATES_HOME=$HOME/zokrates/.zokrates - run: name: Build libsnark command: LIBSNARK_SOURCE_PATH=$HOME/libsnark ./build_libsnark.sh - run: name: Build command: WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" ./build.sh + - run: + name: Set ZOKRATES_HOME + command: export ZOKRATES_HOME=$(pwd)/stdlib/ - run: name: Run tests command: WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --test-threads=1 diff --git a/zokrates_cli/examples/sha256/utils/32/add.code b/zokrates_cli/examples/sha256/utils/32/add.code index 50fbde59..26ee3ffe 100644 --- a/zokrates_cli/examples/sha256/utils/32/add.code +++ b/zokrates_cli/examples/sha256/utils/32/add.code @@ -1,6 +1,6 @@ // ADD -import "./../../binary/fulladd.code" as FULLADD +import "utils/binary/fulladd.code" as FULLADD def main(field[32] b, field[32] c) -> (field[32]): field[33] car = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] 
diff --git a/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code b/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code index 7a799892..e5cf428e 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code +++ b/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code @@ -1,6 +1,6 @@ // AR17XAR19XAR10 -import "./../../bitwise/32/xor.code" as XOR +import "utils/bitwise/32/xor.code" as XOR def RR17(field[32] b) -> (field[32]): return [b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14]] diff --git a/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code b/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code index 82735b30..c8b95580 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code +++ b/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code @@ -1,6 +1,6 @@ // AR2XAR13XAR22 -import "./../../bitwise/32/xor.code" as XOR +import "utils/bitwise/32/xor.code" as XOR def RR2(field[32] b) -> (field[32]): return [b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29]] diff --git a/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code b/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code index 7eae3d28..2c3aa50d 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code +++ b/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code 
@@ -1,6 +1,6 @@ // AR6XAR11XAR25 -import "./../../bitwise/32/xor.code" as XOR +import "utils/bitwise/32/xor.code" as XOR def RR6(field[32] b) -> (field[32]): return [b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25]] diff --git a/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code b/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code index e86e590c..99a27760 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code +++ b/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code @@ -1,6 +1,6 @@ // AR7XAR18XAR3 -import "./../../bitwise/32/xor.code" as XOR +import "utils/bitwise/32/xor.code" as XOR def RR7(field[32] b) -> (field[32]): return [b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24]] diff --git a/zokrates_cli/examples/sha256/utils/32/compression_round.code b/zokrates_cli/examples/sha256/utils/32/compression_round.code index 762871b9..a933de3d 100644 --- a/zokrates_cli/examples/sha256/utils/32/compression_round.code +++ b/zokrates_cli/examples/sha256/utils/32/compression_round.code @@ -2,8 +2,8 @@ import "./ar6xar11xar25.code" as AR6XAR11XAR25 import "./ar2xar13xar22.code" as AR2XAR13XAR22 -import "./../../bitwise/32/andxornotand.code" as ANDXORNOTAND -import "./../../bitwise/32/andxorandxorand.code" as ANDXORANDXORAND +import "utils/bitwise/32/andxornotand.code" as ANDXORNOTAND +import "utils/bitwise/32/andxorandxorand.code" as ANDXORANDXORAND import "./add.code" as ADD2 def ADD5(field[32] a, field[32] b, field[32] c, field[32] d, field[32] e) -> (field[32]): From 2b80b6ccd0c2e385a08c53774375792dca46acf9 Mon Sep 17 00:00:00 2001 
From: sdeml
Date: Thu, 24 Jan 2019 18:09:29 +0100
Subject: [PATCH 24/30] fix circleci
---
 .circleci/config.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 4e727710..d03d7c61 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -27,18 +27,15 @@ jobs:
 - run:
 name: Build
 command: WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" ./build.sh
- - run:
- name: Set ZOKRATES_HOME
- command: export ZOKRATES_HOME=$(pwd)/stdlib/
 - run:
 name: Run tests
- command: WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --test-threads=1
+ command: ZOKRATES_HOME=$HOME/ZoKrates/stdlib WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --test-threads=1
 - run:
 name: Run tests with WASM enabled
- command: cd zokrates_core && cargo test --release --features wasm -- --test-threads=1
+ command: ZOKRATES_HOME=$HOME/ZoKrates/stdlib cd zokrates_core && cargo test --release --features wasm -- --test-threads=1
 - run:
 name: Run integration tests
- command: WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --ignored
+ command: ZOKRATES_HOME=$HOME/ZoKrates/stdlib/ WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --ignored
 - run:
 name: Generate code coverage report
 command: ./scripts/cov.sh
From 3de75f9a3a0c9d5e0c0cc86f8f2ae1a26c3098f3 Mon Sep 17 00:00:00 2001
From: sdeml
Date: Thu, 24 Jan 2019 19:52:59 +0100
Subject: [PATCH 25/30] fix ZOKRATES_HOME path
---
 .circleci/config.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index d03d7c61..638186f1 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -29,13 +29,13 @@ jobs:
 command: WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" ./build.sh
 - run:
 name: Run tests
- command: ZOKRATES_HOME=$HOME/ZoKrates/stdlib WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --test-threads=1
+ command: ZOKRATES_HOME=$(pwd)/stdlib/ WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --test-threads=1
 - run:
 name: Run tests with WASM enabled
- command: ZOKRATES_HOME=$HOME/ZoKrates/stdlib cd zokrates_core && cargo test --release --features wasm -- --test-threads=1
+ command: ZOKRATES_HOME=$(pwd)/stdlib/ cd zokrates_core && cargo test --release --features wasm -- --test-threads=1
 - run:
 name: Run integration tests
- command: ZOKRATES_HOME=$HOME/ZoKrates/stdlib/ WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --ignored
+ command: ZOKRATES_HOME=$(pwd)/stdlib/ WITH_LIBSNARK=1 LIBSNARK_SOURCE_PATH=$HOME/libsnark RUSTFLAGS="-D warnings" cargo test --release -- --ignored
 - run:
 name: Generate code coverage report
 command: ./scripts/cov.sh
From 277be7e6b9840e9e72c15c907ad0f87a6b375d45 Mon Sep 17 00:00:00 2001
From: sdeml
Date: Thu, 24 Jan 2019 21:58:33 +0100
Subject: [PATCH 26/30] clear cache
---
 .circleci/config.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.circleci/config.yml b/.circleci/config.yml
index 638186f1..b88418ec 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -14,7 +14,7 @@ jobs:
 command: cargo generate-lockfile
 - restore_cache:
 keys:
- v4-cargo-cache-{{ arch }}-{{ checksum "Cargo.lock" }}
+ v5-cargo-cache-{{ arch }}-{{ checksum "Cargo.lock" }}
 - run:
 name: Check format
 command: rustup component add rustfmt-preview; cargo fmt --all -- --check
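Review bot: In the "Run tests with WASM enabled" step, `ZOKRATES_HOME=$(pwd)/stdlib/ cd zokrates_core && cargo test ...` scopes the assignment to the `cd` command only, so the `cargo test` after `&&` runs without ZOKRATES_HOME set; the other two steps are fine because the assignment directly prefixes `cargo test`. Write it as `command: export ZOKRATES_HOME=$(pwd)/stdlib/ && cd zokrates_core && cargo test --release --features wasm -- --test-threads=1`, which keeps the variable for the rest of that step's shell. If the wasm test run passes today, that presumably means it never resolves a stdlib import, which would hide this gap rather than disprove it.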
@@ -48,4 +48,4 @@ jobs:
 - target/debug/.fingerprint
 - target/debug/build
 - target/debug/deps
- key: v4-cargo-cache-{{ arch }}-{{ checksum "Cargo.lock" }}
+ key: v5-cargo-cache-{{ arch }}-{{ checksum "Cargo.lock" }}
From d604faea370baf9e168665c08b0cd5c24426b6eb Mon Sep 17 00:00:00 2001
From: schaeff
Date: Thu, 24 Jan 2019 22:28:48 +0100
Subject: [PATCH 27/30] rename NOT.code to not.code (yeah macos, I'm looking at you)
---
 stdlib/utils/binary/{NOT.code => not.code} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename stdlib/utils/binary/{NOT.code => not.code} (100%)
diff --git a/stdlib/utils/binary/NOT.code b/stdlib/utils/binary/not.code
similarity index 100%
rename from stdlib/utils/binary/NOT.code
rename to stdlib/utils/binary/not.code
From 94f855ede8907706b2a7a50d7de96e8910b67555 Mon Sep 17 00:00:00 2001
From: sdeml Date: Thu, 31 Jan 2019 13:29:16 +0100 Subject: [PATCH 28/30] fix PR comments --- stdlib/hashes/sha256/1024bit.code | 2 +- stdlib/hashes/sha256/1536bit.code | 2 +- stdlib/hashes/sha256/512bit.code | 2 +- stdlib/hashes/sha256/512bitPadded.code | 2 +- .../{shaRound.code => shaRoundNoBoolCheck.code} | 6 ++---- ...a256PathProof.code => sha256PathProof3.code} | 0 stdlib/utils/binary/andxornotand.code | 8 -------- stdlib/utils/bitwise/32/copy.code | 4 ---- stdlib/utils/multiplexer/256bit.code | 2 -- stdlib/utils/multiplexer/2bit.code | 2 -- zokrates_book/src/concepts/imports.md | 5 +++-- zokrates_book/src/concepts/stdlib.md | 4 ++-- zokrates_book/src/sha256example.md | 2 +- zokrates_cli/Cargo.toml | 1 - .../hashes/sha256/test512bitPacked.code | 17 +++++++++++++++++ ...PathProof.code => testsha256PathProof3.code} | 2 +- .../sha256}/binary/andxorandxorand.code | 4 ++-- .../examples/sha256/binary/andxornotand.code | 8 ++++++++ .../examples/sha256}/binary/fulladd.code | 2 +- .../examples/sha256}/binary/halfadd.code | 4 ++-- .../examples/sha256}/bitwise/32/and.code | 2 +- .../sha256}/bitwise/32/andxorandxorand.code | 0 .../sha256}/bitwise/32/andxornotand.code | 0 .../examples/sha256}/bitwise/32/not.code | 2 +- .../examples/sha256}/bitwise/32/xor.code | 2 +- zokrates_cli/examples/sha256/utils/32/add.code | 2 +- .../sha256/utils/32/ar17xar19xars10.code | 2 +- .../examples/sha256/utils/32/ar2xar13xar22.code | 2 +- .../examples/sha256/utils/32/ar6xar11xar25.code | 2 +- .../examples/sha256/utils/32/ar7xar18xars3.code | 2 +- .../sha256/utils/32/compression_round.code | 4 ++-- 31 files changed, 53 insertions(+), 46 deletions(-) rename stdlib/hashes/sha256/{shaRound.code => shaRoundNoBoolCheck.code} (98%) rename stdlib/merkleTree/{sha256PathProof.code => sha256PathProof3.code} (100%) delete mode 100644 stdlib/utils/binary/andxornotand.code delete mode 100644 stdlib/utils/bitwise/32/copy.code rename zokrates_cli/examples/TestStdlib/merkleTree/{testsha256PathProof.code => 
testsha256PathProof3.code} (98%) rename {stdlib/utils => zokrates_cli/examples/sha256}/binary/andxorandxorand.code (60%) create mode 100644 zokrates_cli/examples/sha256/binary/andxornotand.code rename {stdlib/utils => zokrates_cli/examples/sha256}/binary/fulladd.code (85%) rename {stdlib/utils => zokrates_cli/examples/sha256}/binary/halfadd.code (53%) rename {stdlib/utils => zokrates_cli/examples/sha256}/bitwise/32/and.code (86%) rename {stdlib/utils => zokrates_cli/examples/sha256}/bitwise/32/andxorandxorand.code (100%) rename {stdlib/utils => zokrates_cli/examples/sha256}/bitwise/32/andxornotand.code (100%) rename {stdlib/utils => zokrates_cli/examples/sha256}/bitwise/32/not.code (85%) rename {stdlib/utils => zokrates_cli/examples/sha256}/bitwise/32/xor.code (86%) diff --git a/stdlib/hashes/sha256/1024bit.code b/stdlib/hashes/sha256/1024bit.code index 0eff3f1e..49b48007 100644 --- a/stdlib/hashes/sha256/1024bit.code +++ b/stdlib/hashes/sha256/1024bit.code @@ -1,5 +1,5 @@ import "./IVconstants.code" as IVconstants -import "./shaRound.code" as sha256 +import "./shaRoundNoBoolCheck.code" as sha256 // A function that takes 4 field[256] arrays as inputs // and applies 2 rounds of sha256 compression. diff --git a/stdlib/hashes/sha256/1536bit.code b/stdlib/hashes/sha256/1536bit.code index a1e2fd2c..176b4c99 100644 --- a/stdlib/hashes/sha256/1536bit.code +++ b/stdlib/hashes/sha256/1536bit.code @@ -1,5 +1,5 @@ import "./IVconstants.code" as IVconstants -import "./shaRound.code" as sha256 +import "./shaRoundNoBoolCheck.code" as sha256 // A function that takes 6 field[256] arrays as inputs // and applies 3 rounds of sha256 compression. diff --git a/stdlib/hashes/sha256/512bit.code b/stdlib/hashes/sha256/512bit.code index 831d6f67..1b54b001 100644 --- a/stdlib/hashes/sha256/512bit.code +++ b/stdlib/hashes/sha256/512bit.code 
@@ -1,5 +1,5 @@ import "./IVconstants.code" as IVconstants -import "./shaRound.code" as sha256 +import "./shaRoundNoBoolCheck.code" as sha256 // A function that takes 2 field[256] arrays as inputs // and returns their sha256 compression function as an array of 256 field elements. diff --git a/stdlib/hashes/sha256/512bitPadded.code b/stdlib/hashes/sha256/512bitPadded.code index 732ad427..da271974 100644 --- a/stdlib/hashes/sha256/512bitPadded.code +++ b/stdlib/hashes/sha256/512bitPadded.code @@ -1,7 +1,7 @@ import "./1024bit.code" as sha256 // A function that takes 2 field[256] arrays as inputs -// and returns their sha256 compression function as an array of 256 field elements. +// and returns their sha256 full round output as an array of 256 field elements. def main(field[256] a, field[256] b) -> (field[256]): // Hash is computed on the full 512bit block size diff --git a/stdlib/hashes/sha256/shaRound.code b/stdlib/hashes/sha256/shaRoundNoBoolCheck.code similarity index 98% rename from stdlib/hashes/sha256/shaRound.code rename to stdlib/hashes/sha256/shaRoundNoBoolCheck.code index a2ee2351..a622390c 100644 --- a/stdlib/hashes/sha256/shaRound.code +++ b/stdlib/hashes/sha256/shaRoundNoBoolCheck.code 
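Review bot: The rename to `shaRoundNoBoolCheck` makes explicit that `a` and `b` are not constrained to be 0/1, but `512bit.code` keeps exporting the `field[256]` interface without adding that constraint or warning callers; in a circuit where `a` or `b` derive from private inputs, a prover can satisfy the constraints with non-bit field elements, and the resulting "digest" is then not the SHA-256 of any byte string. The header comment should state this, e.g. `// NOTE: a and b are NOT constrained to be booleans; enforce bitness on prover-controlled inputs before calling.`, and the same applies to 1024bit.code and 1536bit.code, which import the same round. Whether the underlying LIBSNARK/sha256round gadget adds its own bitness constraints is not visible here; the comment in shaRoundNoBoolCheck.code states that it does not. The test files in this series feed constant inputs, so the gap would not surface there.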
@@ -1,10 +1,8 @@ import "LIBSNARK/sha256round" as sha256 - +// a and b is NOT checked to be of type bool +// IV vector is checked to be of type bool def main(field[256] a, field[256] b, field[256] IV) -> (field[256]): - // a and b is NOT checked to be of type bool - // IV vector is checked to be of type bool - o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256(a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14], a[15], a[16], a[17], a[18], a[19], a[20], a[21], a[22], a[23], a[24], a[25], a[26], a[27], a[28], a[29], a[30], a[31], a[32], a[33], a[34], a[35], a[36], 
a[37], a[38], a[39], a[40], a[41], a[42], a[43], a[44], a[45], a[46], a[47], a[48], a[49], a[50], a[51], a[52], a[53], a[54], a[55], a[56], a[57], a[58], a[59], a[60], a[61], a[62], a[63], a[64], a[65], a[66], a[67], a[68], a[69], a[70], a[71], a[72], a[73], a[74], a[75], a[76], a[77], a[78], a[79], a[80], a[81], a[82], a[83], a[84], a[85], a[86], a[87], a[88], a[89], a[90], a[91], a[92], a[93], a[94], a[95], a[96], a[97], a[98], a[99], a[100], a[101], a[102], a[103], a[104], a[105], a[106], a[107], a[108], a[109], a[110], a[111], a[112], a[113], a[114], a[115], a[116], a[117], a[118], a[119], a[120], a[121], a[122], a[123], a[124], a[125], a[126], a[127], a[128], a[129], a[130], a[131], a[132], a[133], a[134], a[135], a[136], a[137], a[138], a[139], a[140], a[141], a[142], a[143], a[144], a[145], a[146], a[147], a[148], a[149], a[150], a[151], a[152], a[153], a[154], a[155], a[156], a[157], a[158], a[159], a[160], a[161], a[162], a[163], a[164], a[165], a[166], a[167], a[168], a[169], a[170], a[171], a[172], a[173], a[174], a[175], a[176], a[177], a[178], a[179], a[180], a[181], a[182], a[183], a[184], a[185], a[186], a[187], a[188], a[189], a[190], a[191], a[192], a[193], a[194], a[195], a[196], a[197], a[198], a[199], a[200], a[201], a[202], a[203], a[204], a[205], a[206], a[207], a[208], a[209], a[210], a[211], a[212], a[213], a[214], a[215], a[216], a[217], a[218], a[219], a[220], a[221], a[222], a[223], a[224], a[225], a[226], a[227], a[228], a[229], a[230], a[231], a[232], a[233], a[234], a[235], a[236], a[237], a[238], a[239], a[240], a[241], a[242], a[243], a[244], a[245], a[246], a[247], a[248], a[249], a[250], a[251], a[252], a[253], a[254], a[255], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[32], b[33], b[34], b[35], b[36], b[37], b[38], b[39], b[40], b[41], b[42], b[43], b[44], 
b[45], b[46], b[47], b[48], b[49], b[50], b[51], b[52], b[53], b[54], b[55], b[56], b[57], b[58], b[59], b[60], b[61], b[62], b[63], b[64], b[65], b[66], b[67], b[68], b[69], b[70], b[71], b[72], b[73], b[74], b[75], b[76], b[77], b[78], b[79], b[80], b[81], b[82], b[83], b[84], b[85], b[86], b[87], b[88], b[89], b[90], b[91], b[92], b[93], b[94], b[95], b[96], b[97], b[98], b[99], b[100], b[101], b[102], b[103], b[104], b[105], b[106], b[107], b[108], b[109], b[110], b[111], b[112], b[113], b[114], b[115], b[116], b[117], b[118], b[119], b[120], b[121], b[122], b[123], b[124], b[125], b[126], b[127], b[128], b[129], b[130], b[131], b[132], b[133], b[134], b[135], b[136], b[137], b[138], b[139], b[140], b[141], b[142], b[143], b[144], b[145], b[146], b[147], b[148], b[149], b[150], b[151], b[152], b[153], b[154], b[155], b[156], b[157], b[158], b[159], b[160], b[161], b[162], b[163], b[164], b[165], b[166], b[167], b[168], b[169], b[170], b[171], b[172], b[173], b[174], b[175], b[176], b[177], b[178], b[179], b[180], b[181], b[182], b[183], b[184], b[185], b[186], b[187], b[188], b[189], b[190], b[191], b[192], b[193], b[194], b[195], b[196], b[197], b[198], b[199], b[200], b[201], b[202], b[203], b[204], b[205], b[206], b[207], b[208], b[209], b[210], b[211], b[212], b[213], b[214], b[215], b[216], b[217], b[218], b[219], b[220], b[221], b[222], b[223], b[224], b[225], b[226], b[227], b[228], b[229], b[230], b[231], b[232], b[233], b[234], b[235], b[236], b[237], b[238], b[239], b[240], b[241], b[242], b[243], b[244], b[245], b[246], b[247], b[248], b[249], b[250], b[251], b[252], b[253], b[254], b[255], IV[0], IV[1], IV[2], IV[3], IV[4], IV[5], IV[6], IV[7], IV[8], IV[9], IV[10], IV[11], IV[12], IV[13], IV[14], IV[15], IV[16], IV[17], IV[18], IV[19], IV[20], IV[21], IV[22], IV[23], IV[24], IV[25], IV[26], IV[27], IV[28], IV[29], IV[30], IV[31], IV[32], IV[33], IV[34], IV[35], IV[36], IV[37], IV[38], IV[39], IV[40], IV[41], IV[42], IV[43], IV[44], IV[45], IV[46], 
IV[47], IV[48], IV[49], IV[50], IV[51], IV[52], IV[53], IV[54], IV[55], IV[56], IV[57], IV[58], IV[59], IV[60], IV[61], IV[62], IV[63], IV[64], IV[65], IV[66], IV[67], IV[68], IV[69], IV[70], IV[71], IV[72], IV[73], IV[74], IV[75], IV[76], IV[77], IV[78], IV[79], IV[80], IV[81], IV[82], IV[83], IV[84], IV[85], IV[86], IV[87], IV[88], IV[89], IV[90], IV[91], IV[92], IV[93], IV[94], IV[95], IV[96], IV[97], IV[98], IV[99], IV[100], IV[101], IV[102], IV[103], IV[104], IV[105], IV[106], IV[107], IV[108], IV[109], IV[110], IV[111], IV[112], IV[113], IV[114], IV[115], IV[116], IV[117], IV[118], IV[119], IV[120], IV[121], IV[122], IV[123], IV[124], IV[125], IV[126], IV[127], IV[128], IV[129], IV[130], IV[131], IV[132], IV[133], IV[134], IV[135], IV[136], IV[137], IV[138], IV[139], IV[140], IV[141], IV[142], IV[143], IV[144], IV[145], IV[146], IV[147], IV[148], IV[149], IV[150], IV[151], IV[152], IV[153], IV[154], IV[155], IV[156], IV[157], IV[158], IV[159], IV[160], IV[161], IV[162], IV[163], IV[164], IV[165], IV[166], IV[167], IV[168], IV[169], IV[170], IV[171], IV[172], IV[173], IV[174], IV[175], IV[176], IV[177], IV[178], IV[179], IV[180], IV[181], IV[182], IV[183], IV[184], IV[185], IV[186], IV[187], IV[188], IV[189], IV[190], IV[191], IV[192], IV[193], IV[194], IV[195], IV[196], IV[197], IV[198], IV[199], IV[200], IV[201], IV[202], IV[203], IV[204], IV[205], IV[206], IV[207], IV[208], IV[209], IV[210], IV[211], IV[212], IV[213], IV[214], IV[215], IV[216], IV[217], IV[218], IV[219], IV[220], IV[221], IV[222], IV[223], IV[224], IV[225], IV[226], IV[227], IV[228], IV[229], IV[230], IV[231], IV[232], IV[233], IV[234], IV[235], IV[236], IV[237], IV[238], IV[239], IV[240], IV[241], IV[242], IV[243], IV[244], IV[245], IV[246], IV[247], IV[248], IV[249], IV[250], IV[251], IV[252], IV[253], IV[254], IV[255]) field[256] digest = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, 
o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0] diff --git a/stdlib/merkleTree/sha256PathProof.code b/stdlib/merkleTree/sha256PathProof3.code similarity index 100% rename from stdlib/merkleTree/sha256PathProof.code rename to stdlib/merkleTree/sha256PathProof3.code diff --git a/stdlib/utils/binary/andxornotand.code b/stdlib/utils/binary/andxornotand.code deleted file mode 100644 index e1609fa1..00000000 --- a/stdlib/utils/binary/andxornotand.code +++ /dev/null @@ -1,8 +0,0 @@ -// ANDXORNOTAND - -import "./and.code" as AND -import "./xor.code" as XOR -import "./not.code" as NOT - -def main(field a, field b, field c) -> (field): - return XOR(AND(a, b), AND(NOT(a), c)) 
diff --git a/stdlib/utils/bitwise/32/copy.code b/stdlib/utils/bitwise/32/copy.code deleted file mode 100644 index aeae0669..00000000 --- a/stdlib/utils/bitwise/32/copy.code +++ /dev/null @@ -1,4 +0,0 @@ -// COPY - -def main(field[32] b) -> (field[32]): - return b diff --git a/stdlib/utils/multiplexer/256bit.code b/stdlib/utils/multiplexer/256bit.code index 0f74228b..faced036 100644 --- a/stdlib/utils/multiplexer/256bit.code +++ b/stdlib/utils/multiplexer/256bit.code @@ -3,9 +3,7 @@ def main(field selector, field[256] lhs, field[256] rhs) -> (field[256]): field[256] out = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] for field i in 0..256 do - out[i] = if selector == 0 then lhs[i] else rhs[i] fi - endfor return out \ No newline at end of file diff --git a/stdlib/utils/multiplexer/2bit.code b/stdlib/utils/multiplexer/2bit.code index 4d9dcfe8..09d4b5c6 100644 --- a/stdlib/utils/multiplexer/2bit.code +++ b/stdlib/utils/multiplexer/2bit.code @@ -3,9 +3,7 @@ def main(field selector, field[2] lhs, field[2] rhs) -> (field[2]): field[2] out = [0, 0] for field i in 0..2 do - out[i] = if selector == 0 then lhs[i] else rhs[i] fi - endfor return out \ No newline at end of file 
diff --git a/zokrates_book/src/concepts/imports.md b/zokrates_book/src/concepts/imports.md index 4d325036..a8e93b6d 100644 --- a/zokrates_book/src/concepts/imports.md +++ b/zokrates_book/src/concepts/imports.md @@ -16,7 +16,7 @@ import "../mycode.code" Also imports further up the file-system are supported: ```zokrates -import "./../../../mycode.code" +import "../../../mycode.code" ``` You can also choose to rename the imported resource, like so: @@ -26,4 +26,5 @@ import "./mycode.code" as abc ### Absolute Imports -Absolute imports don't start with `./` in the path and are used to import components from the ZoKrates standard library. Please check the according [section](./stdlib.html) for more details. +Absolute imports don't start with `./` or `../` in the path and are used to import components from the ZoKrates standard library. Please check the according [section](./stdlib.html) for more details. +` \ No newline at end of file diff --git a/zokrates_book/src/concepts/stdlib.md b/zokrates_book/src/concepts/stdlib.md index 7d75e146..98c6e1cb 100644 --- a/zokrates_book/src/concepts/stdlib.md +++ b/zokrates_book/src/concepts/stdlib.md @@ -1,6 +1,6 @@ ## Standard library -ZoKrates comes with a number of reusable components which are defined at `./stdlib/` in the ZoKrates root folder. The standard library is solely based on the ZoKrates DSL and can be easily extended. +ZoKrates comes with a number of reusable components which are defined at `./stdlib/` in the ZoKrates root repository. In order to import the standard library as described in the [imports](./imports.html) section the `$ZOKRATES_HOME` environment variable needs to be set to the `stdlib` folder. The standard library is solely based on the ZoKrates DSL and can be easily extended. The following section highlights a subset of available imports: 
@@ -33,7 +33,7 @@ A function that takes an array of 4 field elements as inputs, unpacks each of th ### Direct imports -Some components of the standard library can not be efficiently represented in the ZoKrates DSL language. Those functions are injected at compile-time and are available by default. +Some components of the standard library cannot yet be efficiently represented in the ZoKrates DSL language. Those functions are injected at compile-time and are available by default. #### pack128 diff --git a/zokrates_book/src/sha256example.md b/zokrates_book/src/sha256example.md index 8ab91956..8be38552 100644 --- a/zokrates_book/src/sha256example.md +++ b/zokrates_book/src/sha256example.md @@ -13,7 +13,7 @@ Make sure you have followed the instructions in the [Getting Started](gettingsta We will start this tutorial by using ZoKrates to compute the hash for an arbitrarily chosen preimage, being the number `5` in this example. -First, make sure that the `zokrates` binary is located in the `ZoKrates` directory. Then, we create a new file named `hashexample.code` with the following content: +First, we create a new file named `hashexample.code` with the following content: ```zokrates {{#include ../../zokrates_cli/examples/book/hashexample.code}} diff --git a/zokrates_cli/Cargo.toml b/zokrates_cli/Cargo.toml index 95011a70..89fec598 100644 --- a/zokrates_cli/Cargo.toml +++ b/zokrates_cli/Cargo.toml @@ -6,7 +6,6 @@ repository = "https://github.com/JacobEberhardt/ZoKrates.git" edition = "2018" [features] -# default = [] default = ["libsnark"] libsnark = ["zokrates_core/libsnark"] diff --git a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code index 2baf6af9..569b44b7 100644 --- a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code +++ b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPacked.code 
@@ -1,3 +1,20 @@ +// Python code used to create test vector: +// import hashlib + +// preimage = bytes.fromhex('00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\ +// 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05') + +// bin(int(preimage.hex(), 16)) +// # '0b101' + +// digest = hashlib.sha256(preimage).hexdigest() +// # digest = 'c6481e22c5ff4164af680b8cfaa5e8ed3120eeff89c4f307c4a6faaae059ce10' + +// int(digest[:32], 16) +// # 263561599766550617289250058199814760685 +// int(digest[32:], 16) +// # 65303172752238645975888084098459749904 + import "hashes/sha256/512bitPacked.code" as sha256packed def main() -> (field): diff --git a/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code b/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof3.code similarity index 98% rename from zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code rename to zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof3.code index 8350d85d..6c2389f0 100644 --- a/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof.code +++ b/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof3.code @@ -1,4 +1,4 @@ -import "merkleTree/sha256PathProof.code" as merkleTreeProof +import "merkleTree/sha256PathProof3.code" as merkleTreeProof def main() -> (field): field treeDepth = 3 diff --git a/stdlib/utils/binary/andxorandxorand.code b/zokrates_cli/examples/sha256/binary/andxorandxorand.code similarity index 60% rename from stdlib/utils/binary/andxorandxorand.code rename to zokrates_cli/examples/sha256/binary/andxorandxorand.code index 4375c498..1da72b7a 100644 --- a/stdlib/utils/binary/andxorandxorand.code +++ b/zokrates_cli/examples/sha256/binary/andxorandxorand.code 
@@ -1,7 +1,7 @@ // ANDXORANDXORAND -import "./xor.code" as XOR -import "./and.code" as AND +import "utils/binary/xor.code" as XOR +import "utils/binary/and.code" as AND def main(field a, field b, field c) -> (field): return XOR(XOR(AND(a, b), AND(a, c)), AND(b, c)) \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/binary/andxornotand.code b/zokrates_cli/examples/sha256/binary/andxornotand.code new file mode 100644 index 00000000..41bb5737 --- /dev/null +++ b/zokrates_cli/examples/sha256/binary/andxornotand.code @@ -0,0 +1,8 @@ +// ANDXORNOTAND + +import "utils/binary/and.code" as AND +import "utils/binary/xor.code" as XOR +import "utils/binary/not.code" as NOT + +def main(field a, field b, field c) -> (field): + return XOR(AND(a, b), AND(NOT(a), c)) diff --git a/stdlib/utils/binary/fulladd.code b/zokrates_cli/examples/sha256/binary/fulladd.code similarity index 85% rename from stdlib/utils/binary/fulladd.code rename to zokrates_cli/examples/sha256/binary/fulladd.code index 08186583..375b8506 100644 --- a/stdlib/utils/binary/fulladd.code +++ b/zokrates_cli/examples/sha256/binary/fulladd.code @@ -1,7 +1,7 @@ // FULLADD import "./halfadd.code" as HALFADD -import "./or.code" as OR +import "utils/binary/or.code" as OR def main(field a, field b, field car) -> (field, field): out1, car1 = HALFADD(a, b) diff --git a/stdlib/utils/binary/halfadd.code b/zokrates_cli/examples/sha256/binary/halfadd.code similarity index 53% rename from stdlib/utils/binary/halfadd.code rename to zokrates_cli/examples/sha256/binary/halfadd.code index 75e19833..4cfc96a7 100644 --- a/stdlib/utils/binary/halfadd.code +++ b/zokrates_cli/examples/sha256/binary/halfadd.code @@ -1,7 +1,7 @@ // HALFADD -import "./xor.code" as XOR -import "./and.code" as AND +import "utils/binary/xor.code" as XOR +import "utils/binary/and.code" as AND def main(field a, field b) -> (field, field): return XOR(a, b), AND(a, b) \ No newline at end of file 
diff --git a/stdlib/utils/bitwise/32/and.code b/zokrates_cli/examples/sha256/bitwise/32/and.code similarity index 86% rename from stdlib/utils/bitwise/32/and.code rename to zokrates_cli/examples/sha256/bitwise/32/and.code index 711f1b2f..f92320fe 100644 --- a/stdlib/utils/bitwise/32/and.code +++ b/zokrates_cli/examples/sha256/bitwise/32/and.code @@ -1,6 +1,6 @@ // AND -import "./../../binary/and.code" as AND +import "utils/binary/and.code" as AND def main(field[32] b, field[32] c) -> (field[32]): field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] diff --git a/stdlib/utils/bitwise/32/andxorandxorand.code b/zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.code similarity index 100% rename from stdlib/utils/bitwise/32/andxorandxorand.code rename to zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.code diff --git a/stdlib/utils/bitwise/32/andxornotand.code b/zokrates_cli/examples/sha256/bitwise/32/andxornotand.code similarity index 100% rename from stdlib/utils/bitwise/32/andxornotand.code rename to zokrates_cli/examples/sha256/bitwise/32/andxornotand.code diff --git a/stdlib/utils/bitwise/32/not.code b/zokrates_cli/examples/sha256/bitwise/32/not.code similarity index 85% rename from stdlib/utils/bitwise/32/not.code rename to zokrates_cli/examples/sha256/bitwise/32/not.code index 860f3e60..ce235a0d 100644 --- a/stdlib/utils/bitwise/32/not.code +++ b/zokrates_cli/examples/sha256/bitwise/32/not.code @@ -1,6 +1,6 @@ // NOT -import "./../../binary/not.code" as NOT +import "utils/binary/not.code" as NOT def main(field[32] b) -> (field[32]): field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] 
diff --git a/stdlib/utils/bitwise/32/xor.code b/zokrates_cli/examples/sha256/bitwise/32/xor.code similarity index 86% rename from stdlib/utils/bitwise/32/xor.code rename to zokrates_cli/examples/sha256/bitwise/32/xor.code index 70fef5dd..6cd0d324 100644 --- a/stdlib/utils/bitwise/32/xor.code +++ b/zokrates_cli/examples/sha256/bitwise/32/xor.code @@ -1,6 +1,6 @@ // XOR -import "./../../binary/xor.code" as XOR +import "utils/binary/xor.code" as XOR def main(field[32] b, field[32] c) -> (field[32]): field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] diff --git a/zokrates_cli/examples/sha256/utils/32/add.code b/zokrates_cli/examples/sha256/utils/32/add.code index 26ee3ffe..61b76142 100644 --- a/zokrates_cli/examples/sha256/utils/32/add.code +++ b/zokrates_cli/examples/sha256/utils/32/add.code @@ -1,6 +1,6 @@ // ADD -import "utils/binary/fulladd.code" as FULLADD +import "../../binary/fulladd.code" as FULLADD def main(field[32] b, field[32] c) -> (field[32]): field[33] car = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] diff --git a/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code b/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code index e5cf428e..3e7cc187 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code +++ b/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.code @@ -1,6 +1,6 @@ // AR17XAR19XAR10 -import "utils/bitwise/32/xor.code" as XOR +import "../../bitwise/32/xor.code" as XOR def RR17(field[32] b) -> (field[32]): return [b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14]] diff --git a/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code b/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code index c8b95580..bcea4d75 100644 
--- a/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code +++ b/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.code @@ -1,6 +1,6 @@ // AR2XAR13XAR22 -import "utils/bitwise/32/xor.code" as XOR +import "../../bitwise/32/xor.code" as XOR def RR2(field[32] b) -> (field[32]): return [b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29]] diff --git a/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code b/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code index 2c3aa50d..f70779bd 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code +++ b/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.code @@ -1,6 +1,6 @@ // AR6XAR11XAR25 -import "utils/bitwise/32/xor.code" as XOR +import "../../bitwise/32/xor.code" as XOR def RR6(field[32] b) -> (field[32]): return [b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25]] diff --git a/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code b/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code index 99a27760..772075b1 100644 --- a/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code +++ b/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.code @@ -1,6 +1,6 @@ // AR7XAR18XAR3 -import "utils/bitwise/32/xor.code" as XOR +import "../../bitwise/32/xor.code" as XOR def RR7(field[32] b) -> (field[32]): return [b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24]] 
diff --git a/zokrates_cli/examples/sha256/utils/32/compression_round.code b/zokrates_cli/examples/sha256/utils/32/compression_round.code index a933de3d..7816202f 100644 --- a/zokrates_cli/examples/sha256/utils/32/compression_round.code +++ b/zokrates_cli/examples/sha256/utils/32/compression_round.code @@ -2,8 +2,8 @@ import "./ar6xar11xar25.code" as AR6XAR11XAR25 import "./ar2xar13xar22.code" as AR2XAR13XAR22 -import "utils/bitwise/32/andxornotand.code" as ANDXORNOTAND -import "utils/bitwise/32/andxorandxorand.code" as ANDXORANDXORAND +import "../../bitwise/32/andxornotand.code" as ANDXORNOTAND +import "../../bitwise/32/andxorandxorand.code" as ANDXORANDXORAND import "./add.code" as ADD2 def ADD5(field[32] a, field[32] b, field[32] c, field[32] d, field[32] e) -> (field[32]): From fe6396950be9b7e74d4c2d3b8d7ff0aea9fbfb2e Mon Sep 17 00:00:00 2001 From: sdeml Date: Thu, 31 Jan 2019 21:06:43 +0100 Subject: [PATCH 29/30] resolve PR comments --- .circleci/config.yml | 2 +- stdlib/hashes/sha256/512bitPacked.code | 1 - .../TestStdlib/hashes/sha256/test512bitPadded.code | 14 ++++++++++++++ 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index b92a302e..ee59e825 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -14,7 +14,7 @@ jobs: command: cargo generate-lockfile - restore_cache: keys: - - v5-cargo-cache-{{ arch }}-{{ checksum "Cargo.lock" }} + - v4-cargo-cache-{{ arch }}-{{ checksum "Cargo.lock" }} - run: name: Build libsnark command: LIBSNARK_SOURCE_PATH=$HOME/libsnark ./build_libsnark.sh diff --git a/stdlib/hashes/sha256/512bitPacked.code b/stdlib/hashes/sha256/512bitPacked.code index 77be38eb..21da2f77 100644 --- a/stdlib/hashes/sha256/512bitPacked.code +++ b/stdlib/hashes/sha256/512bitPacked.code 
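Review bot: The restore_cache key goes back from v5 to v4, so the job will restore whatever was saved under the older key instead of starting from a clean cache; if the v5 bump had been made to invalidate stale cargo or libsnark artifacts, this quietly reinstates them. The reason for either version is not visible here, so if the downgrade is intentional a short comment on the key line would stop the next reader from "fixing" it again, e.g. `# v4 reused on purpose: <reason placeholder>`. The matching save_cache key is outside this hunk and should be confirmed to use the same prefix, otherwise the restored and saved caches drift apart.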
@@ -1,7 +1,6 @@ import "PACKING/pack128" as pack128 import "PACKING/unpack128" as unpack128 import "./512bit.code" as sha256 -//FIXME: delete packed stldib // A function that takes an array of 4 field elements as inputs, unpacks each of them to 128 // bits (big endian), concatenates them and applies sha256. // It then returns an array of two field elements, each representing 128 bits of the result. diff --git a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code index 3c6f2939..06ba66e2 100644 --- a/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code +++ b/zokrates_cli/examples/TestStdlib/hashes/sha256/test512bitPadded.code @@ -1,3 +1,17 @@ +// Python code used to create test vector: +// import hashlib + +// preimage = bytes.fromhex('00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\ +// 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05') + +// bin(int(preimage.hex(), 16)) +// # '0b101' + +// digest = hashlib.sha256(preimage).hexdigest() +// # digest = 'c6481e22c5ff4164af680b8cfaa5e8ed3120eeff89c4f307c4a6faaae059ce10' + +// bin(int(digest, 16)) +// # '0b1100011001001000000111100010001011000101111111110100000101100100101011110110100000001011100011001111101010100101111010001110110100110001001000001110111011111111100010011100010011110011000001111100010010100110111110101010101011100000010110011100111000010000' import "hashes/sha256/512bitPadded.code" as sha256 def main() -> (field): From a25dd44975aba041b9cefa3a066aad2a6ee13f74 Mon Sep 17 00:00:00 2001 
From: sdeml Date: Fri, 1 Feb 2019 10:30:43 +0100 Subject: [PATCH 30/30] move merkle tree gadget to example folder --- .../examples}/merkleTree/sha256PathProof3.code | 6 +++--- .../{TestStdlib => }/merkleTree/testsha256PathProof3.code | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) rename {stdlib => zokrates_cli/examples}/merkleTree/sha256PathProof3.code (86%) rename zokrates_cli/examples/{TestStdlib => }/merkleTree/testsha256PathProof3.code (98%) diff --git a/stdlib/merkleTree/sha256PathProof3.code b/zokrates_cli/examples/merkleTree/sha256PathProof3.code similarity index 86% rename from stdlib/merkleTree/sha256PathProof3.code rename to zokrates_cli/examples/merkleTree/sha256PathProof3.code index 8ffde9fa..901ff5d3 100644 --- a/stdlib/merkleTree/sha256PathProof3.code +++ b/zokrates_cli/examples/merkleTree/sha256PathProof3.code @@ -1,6 +1,6 @@ -import "../hashes/sha256/512bit.code" as sha256 -import "../utils/multiplexer/256bit.code" as multiplex -import "../utils/binary/not.code" as NOT +import "hashes/sha256/512bit.code" as sha256 +import "utils/multiplexer/256bit.code" as multiplex +import "utils/binary/not.code" as NOT // Merke-Tree inclusion proof for tree depth 3 diff --git a/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof3.code b/zokrates_cli/examples/merkleTree/testsha256PathProof3.code similarity index 98% rename from zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof3.code rename to zokrates_cli/examples/merkleTree/testsha256PathProof3.code index 6c2389f0..60ef13c0 100644 --- a/zokrates_cli/examples/TestStdlib/merkleTree/testsha256PathProof3.code +++ b/zokrates_cli/examples/merkleTree/testsha256PathProof3.code @@ -1,4 +1,4 @@ -import "merkleTree/sha256PathProof3.code" as merkleTreeProof +import "./sha256PathProof3.code" as merkleTreeProof def main() -> (field): field treeDepth = 3
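Review bot: The Merkle path proof now imports the stdlib `hashes/sha256/512bit.code`, which after the earlier hunks in this series resolves to shaRoundNoBoolCheck, i.e. a compression that does not constrain its inputs to bits. In an inclusion proof the leaf and sibling hashes are typically prover witnesses; if that is the case here (the function body is outside this hunk), each of those field[256] arrays must be boolean-constrained before it reaches sha256, otherwise a witness containing non-bit elements can satisfy the circuit without corresponding to a real hash path. A one-line note next to the import would make that dependency visible, e.g. `// NOTE: 512bit.code does not boolean-check its inputs; constrain witness arrays to bits before hashing`. The context comment also misspells "Merkle" as "Merke-Tree".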