github-mig/ZoKrates
github-mig/ZoKrates
1
0
Fork 0
mirror of synced 2025-09-23 12:18:44 +00:00
Code Issues Projects Releases Wiki Activity

update code for new semantics

Browse source
This commit is contained in:
schaeff 2020-04-14 16:32:14 +02:00
parent c71c58b3a8
commit ba54e346f2
34 changed files with 59 additions and 294 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
zokrates_cli/examples/merkleTree/pedersenPathProof3.zok
View file

@ -1,18 +1,19 @@
import "hashes/pedersen/512bit" as hash
import "ecc/edwardsCompress" as edwardsCompress
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
import "hashes/utils/256bitsDirectionHelper" as multiplex
import "utils/binary/not" as NOT
// Merke-Tree inclusion proof for tree depth 3 using SNARK efficient pedersen hashes
// directionSelector=> 1/true if current digest is on the rhs of the hash
def main(field[256] rootDigest, private field[256] leafDigest, private field[3] directionSelector, field[256] PathDigest0, private field[256] PathDigest1, private field[256] PathDigest2) -> (field):
context = context()
BabyJubJubParams context = context()
//Setup
field[256] currentDigest = leafDigest
//Loop up the tree
preimage = multiplex(directionSelector[0], currentDigest, PathDigest0)
field[512] preimage = multiplex(directionSelector[0], currentDigest, PathDigest0)
currentDigest = hash(preimage)
preimage = multiplex(directionSelector[1], currentDigest, PathDigest1)

4
zokrates_cli/examples/merkleTree/sha256PathProof3.zok
View file

@ -13,8 +13,8 @@ def main(field treeDepth, field[256] rootDigest, private field[256] leafDigest,
//Loop up the tree
currentDirection = directionSelector[0]
lhs = multiplex(currentDirection, currentDigest, PathDigest0)
rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest0)
field[256] lhs = multiplex(currentDirection, currentDigest, PathDigest0)
field[256] rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest0)
currentDigest = sha256(lhs, rhs)
counter = counter + 1

2
zokrates_cli/examples/propagate_call.zok
View file

@ -3,5 +3,5 @@ def foo(field a, field b) -> (field, field):
return a, b
def main() -> (field):
a, b = foo(1, 1)
field a, field b = foo(1, 1)
return a + b

7
zokrates_cli/examples/sha256/binary/andxorandxorand.zok
View file

@ -1,7 +0,0 @@
// ANDXORANDXORAND
import "utils/binary/xor" as XOR
import "utils/binary/and" as AND
def main(field a, field b, field c) -> (field):
return XOR(XOR(AND(a, b), AND(a, c)), AND(b, c))

8
zokrates_cli/examples/sha256/binary/andxornotand.zok
View file

@ -1,8 +0,0 @@
// ANDXORNOTAND
import "utils/binary/and" as AND
import "utils/binary/xor" as XOR
import "utils/binary/not" as NOT
def main(field a, field b, field c) -> (field):
return XOR(AND(a, b), AND(NOT(a), c))

10
zokrates_cli/examples/sha256/binary/fulladd.zok
View file

@ -1,10 +0,0 @@
// FULLADD
import "./halfadd" as HALFADD
import "utils/binary/or" as OR
def main(field a, field b, field car) -> (field, field):
out1, car1 = HALFADD(a, b)
out2, car2 = HALFADD(out1, car)
car3 = OR(car1, car2)
return out2, car3

7
zokrates_cli/examples/sha256/binary/halfadd.zok
View file

@ -1,7 +0,0 @@
// HALFADD
import "utils/binary/xor" as XOR
import "utils/binary/and" as AND
def main(field a, field b) -> (field, field):
return XOR(a, b), AND(a, b)

11
zokrates_cli/examples/sha256/bitwise/32/and.zok
View file

@ -1,11 +0,0 @@
// AND
import "utils/binary/and" as AND
def main(field[32] b, field[32] c) -> (field[32]):
field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
for field i in 0..32 do
r = AND(b[i], c[i])
result[i] = r
endfor
return result

11
zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.zok
View file

@ -1,11 +0,0 @@
// ANDXORANDXORAND
import "./../../binary/andxorandxorand" as ANDXORANDXORAND
def main(field[32] b, field[32] c, field[32] d) -> (field[32]):
field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
for field i in 0..32 do
r = ANDXORANDXORAND(b[i], c[i], d[i])
result[i] = r
endfor
return result

11
zokrates_cli/examples/sha256/bitwise/32/andxornotand.zok
View file

@ -1,11 +0,0 @@
// ANDXORNOTAND
import "./../../binary/andxornotand" as ANDXORNOTAND
def main(field[32] b, field[32] c, field[32] d) -> (field[32]):
field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
for field i in 0..32 do
r = ANDXORNOTAND(b[i], c[i], d[i])
result[i] = r
endfor
return result

11
zokrates_cli/examples/sha256/bitwise/32/not.zok
View file

@ -1,11 +0,0 @@
// NOT
import "utils/binary/not" as NOT
def main(field[32] b) -> (field[32]):
field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
for field i in 0..32 do
r = NOT(b[i])
result[i] = r
endfor
return result

11
zokrates_cli/examples/sha256/bitwise/32/xor.zok
View file

@ -1,11 +0,0 @@
// XOR
import "utils/binary/xor" as XOR
def main(field[32] b, field[32] c) -> (field[32]):
field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
for field i in 0..32 do
r = XOR(b[i], c[i])
result[i] = r
endfor
return result

13
zokrates_cli/examples/sha256/utils/32/add.zok
View file

@ -1,13 +0,0 @@
// ADD
import "../../binary/fulladd" as FULLADD
def main(field[32] b, field[32] c) -> (field[32]):
field[33] car = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
field[32] d = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
for field i in 0..32 do
d0, car0 = FULLADD(b[i], c[i], car[i])
d[i] = d0
car[i + 1] = car0
endfor
return d

21
zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.zok
View file

@ -1,21 +0,0 @@
// AR17XAR19XAR10
import "../../bitwise/32/xor" as XOR
def RR17(field[32] b) -> (field[32]):
return [b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14]]
def RR19(field[32] b) -> (field[32]):
return [b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12]]
def RS10(field[32] b) -> (field[32]):
return [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21]]
def main(field[32] a) -> (field[32]):
u = RR17(a)
v = RR19(a)
w = RS10(a)
x = XOR(u, v)
z = XOR(w, x)
return z

21
zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.zok
View file

@ -1,21 +0,0 @@
// AR2XAR13XAR22
import "../../bitwise/32/xor" as XOR
def RR2(field[32] b) -> (field[32]):
return [b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29]]
def RR13(field[32] b) -> (field[32]):
return [b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18]]
def RR22(field[32] b) -> (field[32]):
return [b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9]]
def main(field[32] a) -> (field[32]):
u = RR2(a)
v = RR13(a)
w = RR22(a)
x = XOR(u, v)
z = XOR(w, x)
return z

20
zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.zok
View file

@ -1,20 +0,0 @@
// AR6XAR11XAR25
import "../../bitwise/32/xor" as XOR
def RR6(field[32] b) -> (field[32]):
return [b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25]]
def RR11(field[32] b) -> (field[32]):
return [b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20]]
def RR25(field[32] b) -> (field[32]):
return [b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6]]
def main(field[32] a) -> (field[32]):
u = RR6(a)
v = RR11(a)
w = RR25(a)
x = XOR(u, v)
z = XOR(w, x)
return z

20
zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.zok
View file

@ -1,20 +0,0 @@
// AR7XAR18XAR3
import "../../bitwise/32/xor" as XOR
def RR7(field[32] b) -> (field[32]):
return [b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24]]
def RR18(field[32] b) -> (field[32]):
return [b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13]]
def RS3(field[32] b) -> (field[32]):
return [0, 0, 0, b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28]]
def main(field[32] a) -> (field[32]):
u = RR7(a)
v = RR18(a)
w = RS3(a)
x = XOR(u, v)
z = XOR(w, x)
return z

42
zokrates_cli/examples/sha256/utils/32/compression_round.zok
View file

@ -1,42 +0,0 @@
// COMPRESSION ROUND
import "./ar6xar11xar25" as AR6XAR11XAR25
import "./ar2xar13xar22" as AR2XAR13XAR22
import "../../bitwise/32/andxornotand" as ANDXORNOTAND
import "../../bitwise/32/andxorandxorand" as ANDXORANDXORAND
import "./add" as ADD2
def ADD5(field[32] a, field[32] b, field[32] c, field[32] d, field[32] e) -> (field[32]):
ab = ADD2(a, b)
cd = ADD2(c, d)
abcd = ADD2(ab, cd)
abcde = ADD2(abcd, e)
return abcde
def main(field[32] k, field[32] w, field[32] a, field[32] b, field[32] c, field[32] d, field[32] e, field[32] f, field[32] g, field[32] h) -> (field[32], field[32], field[32], field[32], field[32], field[32], field[32], field[32]):
// S1 := (e rightrotate 6) xor (e rightrotate 11) xor (e rightrotate 25)
SOne = AR6XAR11XAR25(e)
// ch := (e and f) xor ((not e) and g)
ch = ANDXORNOTAND(e, f, g)
// temp1 := h + S1 + ch + k[i] + w[i]
tempOne = ADD5(h, SOne, ch, k, w)
// S0 := (a rightrotate 2) xor (a rightrotate 13) xor (a rightrotate 22)
SZero = AR2XAR13XAR22(a)
// maj := (a and b) xor (a and c) xor (b and c)
maj = ANDXORANDXORAND(a, b, c)
// temp2 := S0 + maj
tempTwo = ADD2(SZero, maj)
// en := d + temp1
en = ADD2(d, tempOne)
// an := temp1 + temp2
an = ADD2(tempOne, tempTwo)
return an, a, b, c, en, e, f, g

20
zokrates_cli/examples/sha256/utils/32/extend.zok
View file

@ -1,20 +0,0 @@
// EXTEND
import "./ar7xar18xars3" as AR7XAR18XAR3
import "./ar17xar19xars10" as AR17XAR19XAR10
import "./add" as ADD
def ADD(field[32] a, field[32] b, field[32] c, field[32] d) -> (field[32]):
ab = ADD(a, b)
cd = ADD(c, d)
abcd = ADD(ab, cd)
return abcd
def main(field[32] wm15, field[32] wm2, field[32] wm16, field[32] wm7) -> (field[32]):
// s0 := (w[i-15] rightrotate 7) xor (w[i-15] rightrotate 18) xor (w[i-15] rightshift 3)
szero = AR7XAR18XAR3(wm15)
// s1 := (w[i-2] rightrotate 17) xor (w[i-2] rightrotate 19) xor (w[i-2] rightshift 10)
sone = AR17XAR19XAR10(wm2)
// w[i] := w[i-16] + s0 + w[i-7] + s1
wfb = ADD(wm16, szero, wm7, sone)
return wfb

2
zokrates_core_test/tests/tests/complex_call.zok
View file

@ -7,5 +7,5 @@ def f(bool a, field b, Foo c, field[2] d) -> (Foo, field):
return Foo { a: [a, a], b: d[0] }, if c.a[0] then b + c.b else d[1] fi
def main(bool a, field b, Foo c, field[2] d) -> (Foo, field):
e, f = f(a, b, c, d)
Foo e, field f = f(a, b, c, d)
return e, f

8
zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok
View file

@ -18,10 +18,10 @@ from "ecc/babyjubjubParams" import BabyJubJubParams
// 512bit to 256bit Pedersen hash using compression of the field elements
def main(field[512] e) -> (field[256]):
BabyJubJubParams context = context()
field[2] a = context.infinity //Infinity
field[2] a = context.INFINITY //Infinity
//Round 0
cx = sel3s([e[0], e[1], e[2]], [13418723823902222986275588345615650707197303761863176429873001977640541977977 , 8366451672790208592553809639953117385619257483837439526516290319251622927412, 1785026334726838136757054176272745265857971873904476677125553010508875025629, 15763987975760561753692294837740043971877392788040801334205375164715487005236])
cy = sel2([e[0], e[1]], [15255921313433251341520743036334816584226787412845488772781699434149539664639 , 10916775373885716961512013142444429405184550001421868906213743991404593770484, 18533662942827602783563125901366807026309605479742251601915445402562880550265, 12754584346112149619040942896930712185968371085994381911052593922432846916845])
field cx = sel3s([e[0], e[1], e[2]], [13418723823902222986275588345615650707197303761863176429873001977640541977977 , 8366451672790208592553809639953117385619257483837439526516290319251622927412, 1785026334726838136757054176272745265857971873904476677125553010508875025629, 15763987975760561753692294837740043971877392788040801334205375164715487005236])
field cy = sel2([e[0], e[1]], [15255921313433251341520743036334816584226787412845488772781699434149539664639 , 10916775373885716961512013142444429405184550001421868906213743991404593770484, 18533662942827602783563125901366807026309605479742251601915445402562880550265, 12754584346112149619040942896930712185968371085994381911052593922432846916845])
a = add(a, [cx, cy], context)
//Round 1
cx = sel3s([e[3], e[4], e[5]], [10096735692467598736728394557736034054031417419721869067082824451240861468728 , 6979151010236415881632946866847657030447196774231162748523315765559549846746, 12137947022495312670974525048647679757468392619153927921382150023166867027471, 10624360821702266736197468438435445939719745367234393212061381062942588576905])
@ -704,5 +704,5 @@ def main(field[512] e) -> (field[256]):
cy = sel2([e[510], e[511]], [2329094643034533408459502544740928833981119919633412709248656884170940780093 , 3216329736050668550647765981020076413548845117352735257893224753954595290363, 18710403072495673647060422294369054840513840567808020912157404388689648711093, 9785201456176703812798077455183487364035650707229293534561747881523562553649])
a = add(a, [cx, cy], context)
field[256] aC = edwardsCompress(a, context)
field[256] aC = edwardsCompress(a)
return aC

6
zokrates_stdlib/stdlib/hashes/pedersen/6bit.zok
View file

@ -14,8 +14,8 @@ def main(field[6] e) -> (field[2]):
field cy = sel2([e[0], e[1]], [15255921313433251341520743036334816584226787412845488772781699434149539664639 , 10916775373885716961512013142444429405184550001421868906213743991404593770484, 18533662942827602783563125901366807026309605479742251601915445402562880550265, 12754584346112149619040942896930712185968371085994381911052593922432846916845])
a = add(a, [cx, cy], context)
//Round 1
field cx = sel3s([e[3], e[4], e[5]], [10096735692467598736728394557736034054031417419721869067082824451240861468728 , 6979151010236415881632946866847657030447196774231162748523315765559549846746, 12137947022495312670974525048647679757468392619153927921382150023166867027471, 10624360821702266736197468438435445939719745367234393212061381062942588576905])
field cy = sel2([e[3], e[4]], [16704592219657141368520262522286248296157931669321735564513068002743507745908 , 11518684165372839249156788740134693928233608013641661856685773776747280808438, 21502372109496595498116676984635248026663470429940273577484250291841812814697, 17522620677401472201433112250371604936150385414760411280739362011041111141253])
field[2] a = add(a, [cx, cy], context)
cx = sel3s([e[3], e[4], e[5]], [10096735692467598736728394557736034054031417419721869067082824451240861468728 , 6979151010236415881632946866847657030447196774231162748523315765559549846746, 12137947022495312670974525048647679757468392619153927921382150023166867027471, 10624360821702266736197468438435445939719745367234393212061381062942588576905])
cy = sel2([e[3], e[4]], [16704592219657141368520262522286248296157931669321735564513068002743507745908 , 11518684165372839249156788740134693928233608013641661856685773776747280808438, 21502372109496595498116676984635248026663470429940273577484250291841812814697, 17522620677401472201433112250371604936150385414760411280739362011041111141253])
a = add(a, [cx, cy], context)
return a

2
zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok
View file

@ -10,6 +10,6 @@ def main(field[256] a, field[256] b, field[256] c, field[256] d) -> (field[256])
// total length of message is 1024 bits: 0b10000000000
field[256] dummyblock2 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
digest = sha256(a, b, c, d, dummyblock1, dummyblock2)
field[256] digest = sha256(a, b, c, d, dummyblock1, dummyblock2)
return digest

8
zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok
View file

@ -6,9 +6,9 @@ import "./shaRoundNoBoolCheck" as sha256
// It returns an array of 256 field elements.
def main(field[256] a, field[256] b, field[256] c, field[256] d, field[256] e, field[256] f) -> (field[256]):
IV = IVconstants()
digest1 = sha256(a, b, IV)
digest2 = sha256(c, d, digest1)
digest3 = sha256(e, f, digest2)
field[256] IV = IVconstants()
field[256] digest1 = sha256(a, b, IV)
field[256] digest2 = sha256(c, d, digest1)
field[256] digest3 = sha256(e, f, digest2)
return digest3

5
zokrates_stdlib/stdlib/signatures/verifyEddsa.zok
View file

@ -4,6 +4,7 @@ import "ecc/edwardsAdd" as add
import "utils/pack/nonStrictUnpack256" as unpack256
import "ecc/edwardsOnCurve" as onCurve
import "ecc/edwardsOrderCheck" as orderCheck
from "ecc/babyjubjubParams" import BabyJubJubParams
/// Verifies an EdDSA Signature.
///
@ -26,9 +27,9 @@ import "ecc/edwardsOrderCheck" as orderCheck
///
/// Returns:
/// Return 1 for S being a valid EdDSA Signature, 0 otherwise.
def main(private field[2] R, private field S, field[2] A, field[256] M0, field[256] M1, field[10] context) -> (field):
def main(private field[2] R, private field S, field[2] A, field[256] M0, field[256] M1, BabyJubJubParams context) -> (field):
field[2] G = [context[4], context[5]]
field[2] G = [context.Gu, context.Gv]
// Check if R is on curve and if it is not in a small subgroup. A is public input and can be checked offline
field isOnCurve = onCurve(R, context) // throws if R is not on curve

15
zokrates_stdlib/tests/tests/ecc/edwardsAdd.zok
View file

@ -1,13 +1,14 @@
import "ecc/edwardsAdd" as add
import "ecc/edwardsNegate" as neg
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
// Code to create test cases:
// https://github.com/Zokrates/pycrypto
def testDoubleViaAdd() -> (field):
context = context()
field[2] G = [context[4], context[5]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
field[2] out = add(G, G, context)
out[0] == 17324563846726889236817837922625232543153115346355010501047597319863650987830
@ -16,13 +17,13 @@ def testDoubleViaAdd() -> (field):
return 1
def testIdentities() -> (field):
context = context()
field[2] G = [context[4], context[5]]
field[2] inf = [context[2], context[3]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
field[2] inf = context.INFINITY
G == add(G, inf, context)
field[2] nG = neg(G, context)
field[2] nG = neg(G)
field[2] nGaddG = add(G, nG, context)
inf == nGaddG

11
zokrates_stdlib/tests/tests/ecc/edwardsCompress.zok
View file

@ -1,17 +1,18 @@
import "ecc/edwardsCompress" as edwardsCompress
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
// Code to create test cases:
// https://github.com/Zokrates/pycrypto
def testCompress() -> (field):
context = context()
BabyJubJubParams context = context()
field Gu = context[4]
field Gv = context[5]
field Gu = context.Gu
field Gv = context.Gv
Gcompressed = edwardsCompress([Gu, Gv], context)
field[256] Gcompressed = edwardsCompress([Gu, Gv])
Gcompressed = [1,0,1,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,1,1,1,1,0,0,0,0,0,0,1,1,0,0,0,1,1,0,1,1,0,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,0,0,0,1,1,0,1,0,1,0,1,0,1,1,0,0,0,0,0,1,1,1,1,1,1,1,0,0,1,1,0,1,0,1,0,0,1,1,1,0,1,0,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,0,0,1,1,0,1,0,0,1,0,0,0,1,1,0,1,1,1,0,1,1,0,0,0,1,1,1,1,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,1,0,0,0,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1,1,1]
Gcompressed == [1,0,1,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,1,1,1,1,0,0,0,0,0,0,1,1,0,0,0,1,1,0,1,1,0,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,0,0,0,1,1,0,1,0,1,0,1,0,1,1,0,0,0,0,0,1,1,1,1,1,1,1,0,0,1,1,0,1,0,1,0,0,1,1,1,0,1,0,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,0,0,1,1,0,1,0,0,1,0,0,0,1,1,0,1,1,1,0,1,1,0,0,0,1,1,1,1,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,1,0,0,0,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1,1,1]
return 1

3
zokrates_stdlib/tests/tests/ecc/edwardsOnCurve.zok
View file

@ -1,10 +1,11 @@
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
import "ecc/edwardsOnCurve" as onCurve
// Code to create test cases:
// https://github.com/Zokrates/pycrypto
def testOnCurveTrue() -> (field):
context = context()
BabyJubJubParams context = context()
field testU = 17324563846726889236817837922625232543153115346355010501047597319863650987830
field testV = 20022170825455209233733649024450576091402881793145646502279487074566492066831

5
zokrates_stdlib/tests/tests/ecc/edwardsOrderCheck.zok
View file

@ -1,10 +1,11 @@
import "ecc/edwardsOrderCheck" as orderCheck
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
// Code to create test cases:
// https://github.com/Zokrates/pycrypto
def testOrderCheckTrue() -> (field):
context = context()
BabyJubJubParams context = context()
field testU = 17324563846726889236817837922625232543153115346355010501047597319863650987830
field testV = 20022170825455209233733649024450576091402881793145646502279487074566492066831
@ -15,7 +16,7 @@ def testOrderCheckTrue() -> (field):
return 1
def testOrderCheckFalse() -> (field):
context = context()
BabyJubJubParams context = context()
field testU = 4342719913949491028786768530115087822524712248835451589697801404893164183326
field testV = 4826523245007015323400664741523384119579596407052839571721035538011798951543

17
zokrates_stdlib/tests/tests/ecc/edwardsScalarMult.zok
View file

@ -1,11 +1,12 @@
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
import "ecc/edwardsScalarMult" as mul
// Code to create test cases:
// https://github.com/Zokrates/pycrypto
def testCyclic() -> (field):
context = context()
field[2] G = [context[4], context[5]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
// exp = JUBJUB_E + 1
field[256] exp = [0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1]
@ -16,8 +17,8 @@ def testCyclic() -> (field):
return 1
def testMul2() -> (field):
context = context()
field[2] G = [context[4], context[5]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
// exp == 2
field[256] exp = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0]
@ -29,8 +30,8 @@ def testMul2() -> (field):
return 1
def testAssociativity() -> (field):
context = context()
field[2] G = [context[4], context[5]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
// a = 1234
field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0]
@ -58,8 +59,8 @@ def testAssociativity() -> (field):
return 1
def testMultiplicative() -> (field):
context = context()
field[2] G = [context[4], context[5]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
// a = 1234
field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0]

7
zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok
View file

@ -1,4 +1,5 @@
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
import "ecc/proofOfOwnership" as proofOfOwnership
import "ecc/edwardsScalarMult" as multiply
import "utils/pack/nonStrictUnpack256" as unpack256
@ -6,8 +7,8 @@ import "utils/pack/nonStrictUnpack256" as unpack256
// Code to create test cases:
// https://github.com/Zokrates/pycrypto
def testOwnershipTrue() -> (field):
context = context()
field[2] G = [context[4], context[5]]
BabyJubJubParams context = context()
field[2] G = [context.Gu, context.Gv]
field[2] Pk = [14897476871502190904409029696666322856887678969656209656241038339251270171395, 16668832459046858928951622951481252834155254151733002984053501254009901876174]
field sk = 1997011358982923168928344992199991480689546837621580239342656433234255379025
@ -18,7 +19,7 @@ def testOwnershipTrue() -> (field):
return 1
def testtOwnershipFalse() -> (field):
context = context()
BabyJubJubParams context = context()
field[2] Pk = [16328093915569409528980874702678312730273137210288183490878184636452430630129, 9377227749598842756429258362864743065769435972445705966557343775367597326529]
field sk = 1997011358982923168928344992199991480689546837621580239342656433234255379025

2
zokrates_stdlib/tests/tests/hashes/sha256/512bitPacked.zok
View file

@ -23,7 +23,7 @@ def main() -> (field):
field c = 0
field d = 5
h = sha256packed([a, b, c, d])
field[2] h = sha256packed([a, b, c, d])
h[0] == 263561599766550617289250058199814760685
h[1] == 65303172752238645975888084098459749904

4
zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
View file

@ -18,7 +18,7 @@ def left() -> (field):
field[256] a = [0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0]
field[256] b = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1]
out = direction(0, a, b)
field[512] out = direction(0, a, b)
out == [0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1]
return 1
@ -26,7 +26,7 @@ def right() -> (field):
field[256] a = [0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0]
field[256] b = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1]
out = direction(1, a, b)
field[512] out = direction(1, a, b)
out == [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0]
return 1

3
zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok
View file

@ -1,11 +1,12 @@
import "signatures/verifyEddsa" as verifyEddsa
import "ecc/babyjubjubParams" as context
from "ecc/babyjubjubParams" import BabyJubJubParams
// Code to create test case:
// https://github.com/Zokrates/pycrypto
def main() -> (field):
context = context()
BabyJubJubParams context = context()
field[2] R = [20197911405516193152560090893341588680064377398162745404177962124159545390767, 9171190326927340493105240100684097896571028312802691203521747450053192554927]
field S = 6050429445242986634735172402304257690628456074852538287769363221635064371045