From ba54e346f2b4d85702ac1deb63113f3cc87f32dc Mon Sep 17 00:00:00 2001 
From: schaeff Date: Tue, 14 Apr 2020 16:32:14 +0200 Subject: [PATCH] update code for new semantics --- .../merkleTree/pedersenPathProof3.zok | 5 ++- .../examples/merkleTree/sha256PathProof3.zok | 4 +- zokrates_cli/examples/propagate_call.zok | 2 +- .../sha256/binary/andxorandxorand.zok | 7 ---- .../examples/sha256/binary/andxornotand.zok | 8 ---- .../examples/sha256/binary/fulladd.zok | 10 ----- .../examples/sha256/binary/halfadd.zok | 7 ---- .../examples/sha256/bitwise/32/and.zok | 11 ----- .../sha256/bitwise/32/andxorandxorand.zok | 11 ----- .../sha256/bitwise/32/andxornotand.zok | 11 ----- .../examples/sha256/bitwise/32/not.zok | 11 ----- .../examples/sha256/bitwise/32/xor.zok | 11 ----- zokrates_cli/examples/sha256/utils/32/add.zok | 13 ------ .../sha256/utils/32/ar17xar19xars10.zok | 21 ---------- .../sha256/utils/32/ar2xar13xar22.zok | 21 ---------- .../sha256/utils/32/ar6xar11xar25.zok | 20 --------- .../sha256/utils/32/ar7xar18xars3.zok | 20 --------- .../sha256/utils/32/compression_round.zok | 42 ------------------- .../examples/sha256/utils/32/extend.zok | 20 --------- .../tests/tests/complex_call.zok | 2 +- .../stdlib/hashes/pedersen/512bit.zok | 8 ++-- .../stdlib/hashes/pedersen/6bit.zok | 6 +-- .../stdlib/hashes/sha256/1024bitPadded.zok | 2 +- .../stdlib/hashes/sha256/1536bit.zok | 8 ++-- .../stdlib/signatures/verifyEddsa.zok | 5 ++- .../tests/tests/ecc/edwardsAdd.zok | 15 +++---- .../tests/tests/ecc/edwardsCompress.zok | 11 ++--- .../tests/tests/ecc/edwardsOnCurve.zok | 3 +- .../tests/tests/ecc/edwardsOrderCheck.zok | 5 ++- .../tests/tests/ecc/edwardsScalarMult.zok | 17 ++++---- .../tests/tests/ecc/proofOfOwnership.zok | 7 ++-- .../tests/hashes/sha256/512bitPacked.zok | 2 +- .../hashes/utils/256bitsDirectionHelper.zok | 4 +- .../tests/tests/signatures/verifyEddsa.zok | 3 +- 34 files changed, 59 insertions(+), 294 deletions(-) delete mode 100644 zokrates_cli/examples/sha256/binary/andxorandxorand.zok delete mode 100644 
zokrates_cli/examples/sha256/binary/andxornotand.zok delete mode 100644 zokrates_cli/examples/sha256/binary/fulladd.zok delete mode 100644 zokrates_cli/examples/sha256/binary/halfadd.zok delete mode 100644 zokrates_cli/examples/sha256/bitwise/32/and.zok delete mode 100644 zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.zok delete mode 100644 zokrates_cli/examples/sha256/bitwise/32/andxornotand.zok delete mode 100644 zokrates_cli/examples/sha256/bitwise/32/not.zok delete mode 100644 zokrates_cli/examples/sha256/bitwise/32/xor.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/add.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/compression_round.zok delete mode 100644 zokrates_cli/examples/sha256/utils/32/extend.zok diff --git a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok index 87da1787..1ac9251f 100644 --- a/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok +++ b/zokrates_cli/examples/merkleTree/pedersenPathProof3.zok 
@@ -1,18 +1,19 @@ import "hashes/pedersen/512bit" as hash import "ecc/edwardsCompress" as edwardsCompress import "ecc/babyjubjubParams" as context +from "ecc/babyjubjubParams" import BabyJubJubParams import "hashes/utils/256bitsDirectionHelper" as multiplex import "utils/binary/not" as NOT // Merke-Tree inclusion proof for tree depth 3 using SNARK efficient pedersen hashes // directionSelector=> 1/true if current digest is on the rhs of the hash def main(field[256] rootDigest, private field[256] leafDigest, private field[3] directionSelector, field[256] PathDigest0, private field[256] PathDigest1, private field[256] PathDigest2) -> (field): - context = context() + BabyJubJubParams context = context() //Setup field[256] currentDigest = leafDigest //Loop up the tree - preimage = multiplex(directionSelector[0], currentDigest, PathDigest0) + field[512] preimage = multiplex(directionSelector[0], currentDigest, PathDigest0) currentDigest = hash(preimage) preimage = multiplex(directionSelector[1], currentDigest, PathDigest1) diff --git a/zokrates_cli/examples/merkleTree/sha256PathProof3.zok b/zokrates_cli/examples/merkleTree/sha256PathProof3.zok index 3699fec7..8d9bd0f3 100644 --- a/zokrates_cli/examples/merkleTree/sha256PathProof3.zok +++ b/zokrates_cli/examples/merkleTree/sha256PathProof3.zok @@ -13,8 +13,8 @@ def main(field treeDepth, field[256] rootDigest, private field[256] leafDigest, //Loop up the tree currentDirection = directionSelector[0] - lhs = multiplex(currentDirection, currentDigest, PathDigest0) - rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest0) + field[256] lhs = multiplex(currentDirection, currentDigest, PathDigest0) + field[256] rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest0) currentDigest = sha256(lhs, rhs) counter = counter + 1 diff --git a/zokrates_cli/examples/propagate_call.zok b/zokrates_cli/examples/propagate_call.zok index 111d0155..ea3435d4 100644 --- a/zokrates_cli/examples/propagate_call.zok 
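Review bot: The new annotation `field[512] preimage = multiplex(directionSelector[0], currentDigest, PathDigest0)` gives the `multiplex` result a different size from the sha256PathProof3 hunk on this same line, where the same call shape is annotated `field[256] lhs = multiplex(currentDirection, currentDigest, PathDigest0)` and `field[256] rhs = multiplex(NOT(currentDirection), currentDigest, PathDigest0)`. This file binds `multiplex` to `hashes/utils/256bitsDirectionHelper`; sha256PathProof3's import block is outside its hunk, so whether it uses the same helper is inferred, and the helper itself is changed by this commit but not shown. With the new semantics making these types explicit, only one of the two sizes can match the helper's declared return type, so either the other call site will fail to type-check or the two Merkle examples are silently using different helpers; confirm which size the helper returns and fix or document the other site. main's body continues past the end of the hunk.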
+++ b/zokrates_cli/examples/propagate_call.zok @@ -3,5 +3,5 @@ def foo(field a, field b) -> (field, field): return a, b def main() -> (field): - a, b = foo(1, 1) + field a, field b = foo(1, 1) return a + b \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/binary/andxorandxorand.zok b/zokrates_cli/examples/sha256/binary/andxorandxorand.zok deleted file mode 100644 index 5094c306..00000000 --- a/zokrates_cli/examples/sha256/binary/andxorandxorand.zok +++ /dev/null @@ -1,7 +0,0 @@ -// ANDXORANDXORAND - -import "utils/binary/xor" as XOR -import "utils/binary/and" as AND - -def main(field a, field b, field c) -> (field): - return XOR(XOR(AND(a, b), AND(a, c)), AND(b, c)) \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/binary/andxornotand.zok b/zokrates_cli/examples/sha256/binary/andxornotand.zok deleted file mode 100644 index fcb5b462..00000000 --- a/zokrates_cli/examples/sha256/binary/andxornotand.zok +++ /dev/null @@ -1,8 +0,0 @@ -// ANDXORNOTAND - -import "utils/binary/and" as AND -import "utils/binary/xor" as XOR -import "utils/binary/not" as NOT - -def main(field a, field b, field c) -> (field): - return XOR(AND(a, b), AND(NOT(a), c)) diff --git a/zokrates_cli/examples/sha256/binary/fulladd.zok b/zokrates_cli/examples/sha256/binary/fulladd.zok deleted file mode 100644 index fbf13de5..00000000 --- a/zokrates_cli/examples/sha256/binary/fulladd.zok +++ /dev/null @@ -1,10 +0,0 @@ -// FULLADD - -import "./halfadd" as HALFADD -import "utils/binary/or" as OR - -def main(field a, field b, field car) -> (field, field): - out1, car1 = HALFADD(a, b) - out2, car2 = HALFADD(out1, car) - car3 = OR(car1, car2) - return out2, car3 \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/binary/halfadd.zok b/zokrates_cli/examples/sha256/binary/halfadd.zok deleted file mode 100644 index 15f0e6ec..00000000 --- a/zokrates_cli/examples/sha256/binary/halfadd.zok +++ /dev/null 
@@ -1,7 +0,0 @@ -// HALFADD - -import "utils/binary/xor" as XOR -import "utils/binary/and" as AND - -def main(field a, field b) -> (field, field): - return XOR(a, b), AND(a, b) \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/bitwise/32/and.zok b/zokrates_cli/examples/sha256/bitwise/32/and.zok deleted file mode 100644 index 7a36796f..00000000 --- a/zokrates_cli/examples/sha256/bitwise/32/and.zok +++ /dev/null @@ -1,11 +0,0 @@ -// AND - -import "utils/binary/and" as AND - -def main(field[32] b, field[32] c) -> (field[32]): - field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - for field i in 0..32 do - r = AND(b[i], c[i]) - result[i] = r - endfor - return result \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.zok b/zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.zok deleted file mode 100644 index 334c5ba1..00000000 --- a/zokrates_cli/examples/sha256/bitwise/32/andxorandxorand.zok +++ /dev/null @@ -1,11 +0,0 @@ -// ANDXORANDXORAND - -import "./../../binary/andxorandxorand" as ANDXORANDXORAND - -def main(field[32] b, field[32] c, field[32] d) -> (field[32]): - field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - for field i in 0..32 do - r = ANDXORANDXORAND(b[i], c[i], d[i]) - result[i] = r - endfor - return result \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/bitwise/32/andxornotand.zok b/zokrates_cli/examples/sha256/bitwise/32/andxornotand.zok deleted file mode 100644 index f053e5aa..00000000 --- a/zokrates_cli/examples/sha256/bitwise/32/andxornotand.zok +++ /dev/null 
@@ -1,11 +0,0 @@ -// ANDXORNOTAND - -import "./../../binary/andxornotand" as ANDXORNOTAND - -def main(field[32] b, field[32] c, field[32] d) -> (field[32]): - field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - for field i in 0..32 do - r = ANDXORNOTAND(b[i], c[i], d[i]) - result[i] = r - endfor - return result \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/bitwise/32/not.zok b/zokrates_cli/examples/sha256/bitwise/32/not.zok deleted file mode 100644 index 32fcddec..00000000 --- a/zokrates_cli/examples/sha256/bitwise/32/not.zok +++ /dev/null @@ -1,11 +0,0 @@ -// NOT - -import "utils/binary/not" as NOT - -def main(field[32] b) -> (field[32]): - field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - for field i in 0..32 do - r = NOT(b[i]) - result[i] = r - endfor - return result \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/bitwise/32/xor.zok b/zokrates_cli/examples/sha256/bitwise/32/xor.zok deleted file mode 100644 index 036c74f0..00000000 --- a/zokrates_cli/examples/sha256/bitwise/32/xor.zok +++ /dev/null @@ -1,11 +0,0 @@ -// XOR - -import "utils/binary/xor" as XOR - -def main(field[32] b, field[32] c) -> (field[32]): - field[32] result = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - for field i in 0..32 do - r = XOR(b[i], c[i]) - result[i] = r - endfor - return result \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/utils/32/add.zok b/zokrates_cli/examples/sha256/utils/32/add.zok deleted file mode 100644 index f7b6c7c4..00000000 --- a/zokrates_cli/examples/sha256/utils/32/add.zok +++ /dev/null 
@@ -1,13 +0,0 @@ -// ADD - -import "../../binary/fulladd" as FULLADD - -def main(field[32] b, field[32] c) -> (field[32]): - field[33] car = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - field[32] d = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - for field i in 0..32 do - d0, car0 = FULLADD(b[i], c[i], car[i]) - d[i] = d0 - car[i + 1] = car0 - endfor - return d diff --git a/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.zok b/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.zok deleted file mode 100644 index b736d169..00000000 --- a/zokrates_cli/examples/sha256/utils/32/ar17xar19xars10.zok +++ /dev/null @@ -1,21 +0,0 @@ -// AR17XAR19XAR10 - -import "../../bitwise/32/xor" as XOR - -def RR17(field[32] b) -> (field[32]): - return [b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14]] - -def RR19(field[32] b) -> (field[32]): - return [b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12]] - -def RS10(field[32] b) -> (field[32]): - return [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21]] - -def main(field[32] a) -> (field[32]): - u = RR17(a) - v = RR19(a) - w = RS10(a) - x = XOR(u, v) - z = XOR(w, x) - return z - diff --git a/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.zok b/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.zok deleted file mode 100644 index 57f5e319..00000000 --- a/zokrates_cli/examples/sha256/utils/32/ar2xar13xar22.zok +++ /dev/null 
@@ -1,21 +0,0 @@ -// AR2XAR13XAR22 - -import "../../bitwise/32/xor" as XOR - -def RR2(field[32] b) -> (field[32]): - return [b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29]] - -def RR13(field[32] b) -> (field[32]): - return [b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18]] - -def RR22(field[32] b) -> (field[32]): - return [b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9]] - -def main(field[32] a) -> (field[32]): - u = RR2(a) - v = RR13(a) - w = RR22(a) - x = XOR(u, v) - z = XOR(w, x) - return z - diff --git a/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.zok b/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.zok deleted file mode 100644 index a23c9134..00000000 --- a/zokrates_cli/examples/sha256/utils/32/ar6xar11xar25.zok +++ /dev/null 
@@ -1,20 +0,0 @@ -// AR6XAR11XAR25 - -import "../../bitwise/32/xor" as XOR - -def RR6(field[32] b) -> (field[32]): - return [b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25]] - -def RR11(field[32] b) -> (field[32]): - return [b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20]] - -def RR25(field[32] b) -> (field[32]): - return [b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6]] - -def main(field[32] a) -> (field[32]): - u = RR6(a) - v = RR11(a) - w = RR25(a) - x = XOR(u, v) - z = XOR(w, x) - return z \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.zok b/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.zok deleted file mode 100644 index 6c523303..00000000 --- a/zokrates_cli/examples/sha256/utils/32/ar7xar18xars3.zok +++ /dev/null 
@@ -1,20 +0,0 @@ -// AR7XAR18XAR3 - -import "../../bitwise/32/xor" as XOR - -def RR7(field[32] b) -> (field[32]): - return [b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24]] - -def RR18(field[32] b) -> (field[32]): - return [b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28], b[29], b[30], b[31], b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13]] - -def RS3(field[32] b) -> (field[32]): - return [0, 0, 0, b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12], b[13], b[14], b[15], b[16], b[17], b[18], b[19], b[20], b[21], b[22], b[23], b[24], b[25], b[26], b[27], b[28]] - -def main(field[32] a) -> (field[32]): - u = RR7(a) - v = RR18(a) - w = RS3(a) - x = XOR(u, v) - z = XOR(w, x) - return z \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/utils/32/compression_round.zok b/zokrates_cli/examples/sha256/utils/32/compression_round.zok deleted file mode 100644 index 100c2cd8..00000000 --- a/zokrates_cli/examples/sha256/utils/32/compression_round.zok +++ /dev/null 
@@ -1,42 +0,0 @@ -// COMPRESSION ROUND - -import "./ar6xar11xar25" as AR6XAR11XAR25 -import "./ar2xar13xar22" as AR2XAR13XAR22 -import "../../bitwise/32/andxornotand" as ANDXORNOTAND -import "../../bitwise/32/andxorandxorand" as ANDXORANDXORAND -import "./add" as ADD2 - -def ADD5(field[32] a, field[32] b, field[32] c, field[32] d, field[32] e) -> (field[32]): - ab = ADD2(a, b) - cd = ADD2(c, d) - abcd = ADD2(ab, cd) - abcde = ADD2(abcd, e) - return abcde - -def main(field[32] k, field[32] w, field[32] a, field[32] b, field[32] c, field[32] d, field[32] e, field[32] f, field[32] g, field[32] h) -> (field[32], field[32], field[32], field[32], field[32], field[32], field[32], field[32]): - - // S1 := (e rightrotate 6) xor (e rightrotate 11) xor (e rightrotate 25) - SOne = AR6XAR11XAR25(e) - - // ch := (e and f) xor ((not e) and g) - ch = ANDXORNOTAND(e, f, g) - - // temp1 := h + S1 + ch + k[i] + w[i] - tempOne = ADD5(h, SOne, ch, k, w) - - // S0 := (a rightrotate 2) xor (a rightrotate 13) xor (a rightrotate 22) - SZero = AR2XAR13XAR22(a) - - // maj := (a and b) xor (a and c) xor (b and c) - maj = ANDXORANDXORAND(a, b, c) - - // temp2 := S0 + maj - tempTwo = ADD2(SZero, maj) - - // en := d + temp1 - en = ADD2(d, tempOne) - - // an := temp1 + temp2 - an = ADD2(tempOne, tempTwo) - - return an, a, b, c, en, e, f, g \ No newline at end of file diff --git a/zokrates_cli/examples/sha256/utils/32/extend.zok b/zokrates_cli/examples/sha256/utils/32/extend.zok deleted file mode 100644 index f6964efa..00000000 --- a/zokrates_cli/examples/sha256/utils/32/extend.zok +++ /dev/null 
@@ -1,20 +0,0 @@ -// EXTEND - -import "./ar7xar18xars3" as AR7XAR18XAR3 -import "./ar17xar19xars10" as AR17XAR19XAR10 -import "./add" as ADD - -def ADD(field[32] a, field[32] b, field[32] c, field[32] d) -> (field[32]): - ab = ADD(a, b) - cd = ADD(c, d) - abcd = ADD(ab, cd) - return abcd - -def main(field[32] wm15, field[32] wm2, field[32] wm16, field[32] wm7) -> (field[32]): - // s0 := (w[i-15] rightrotate 7) xor (w[i-15] rightrotate 18) xor (w[i-15] rightshift 3) - szero = AR7XAR18XAR3(wm15) - // s1 := (w[i-2] rightrotate 17) xor (w[i-2] rightrotate 19) xor (w[i-2] rightshift 10) - sone = AR17XAR19XAR10(wm2) - // w[i] := w[i-16] + s0 + w[i-7] + s1 - wfb = ADD(wm16, szero, wm7, sone) - return wfb \ No newline at end of file diff --git a/zokrates_core_test/tests/tests/complex_call.zok b/zokrates_core_test/tests/tests/complex_call.zok index d737625f..7f1780c3 100644 --- a/zokrates_core_test/tests/tests/complex_call.zok +++ b/zokrates_core_test/tests/tests/complex_call.zok @@ -7,5 +7,5 @@ def f(bool a, field b, Foo c, field[2] d) -> (Foo, field): return Foo { a: [a, a], b: d[0] }, if c.a[0] then b + c.b else d[1] fi def main(bool a, field b, Foo c, field[2] d) -> (Foo, field): - e, f = f(a, b, c, d) + Foo e, field f = f(a, b, c, d) return e, f \ No newline at end of file diff --git a/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok b/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok index 6bba5ecf..a1d18a85 100644 --- a/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok +++ b/zokrates_stdlib/stdlib/hashes/pedersen/512bit.zok 
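Review bot: `Foo e, field f = f(a, b, c, d)` declares a local `f` that shadows the function `f` being called on the same line, and `return e, f` then refers to the value; the old line had the same shadowing, but the explicit type now makes it look like a deliberate declaration. If name resolution is not what this test exercises (the file name suggests it is about calls returning structs), `Foo e, field g = f(a, b, c, d)` / `return e, g` is clearer; if the shadowing is intentional, a comment such as `// local f deliberately shadows function f` would keep the next reader from "fixing" it.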
@@ -18,10 +18,10 @@ from "ecc/babyjubjubParams" import BabyJubJubParams // 512bit to 256bit Pedersen hash using compression of the field elements def main(field[512] e) -> (field[256]): BabyJubJubParams context = context() - field[2] a = context.infinity //Infinity + field[2] a = context.INFINITY //Infinity //Round 0 - cx = sel3s([e[0], e[1], e[2]], [13418723823902222986275588345615650707197303761863176429873001977640541977977 , 8366451672790208592553809639953117385619257483837439526516290319251622927412, 1785026334726838136757054176272745265857971873904476677125553010508875025629, 15763987975760561753692294837740043971877392788040801334205375164715487005236]) - cy = sel2([e[0], e[1]], [15255921313433251341520743036334816584226787412845488772781699434149539664639 , 10916775373885716961512013142444429405184550001421868906213743991404593770484, 18533662942827602783563125901366807026309605479742251601915445402562880550265, 12754584346112149619040942896930712185968371085994381911052593922432846916845]) + field cx = sel3s([e[0], e[1], e[2]], [13418723823902222986275588345615650707197303761863176429873001977640541977977 , 8366451672790208592553809639953117385619257483837439526516290319251622927412, 1785026334726838136757054176272745265857971873904476677125553010508875025629, 15763987975760561753692294837740043971877392788040801334205375164715487005236]) + field cy = sel2([e[0], e[1]], [15255921313433251341520743036334816584226787412845488772781699434149539664639 , 10916775373885716961512013142444429405184550001421868906213743991404593770484, 18533662942827602783563125901366807026309605479742251601915445402562880550265, 12754584346112149619040942896930712185968371085994381911052593922432846916845]) a = add(a, [cx, cy], context) //Round 1 cx = sel3s([e[3], e[4], e[5]], [10096735692467598736728394557736034054031417419721869067082824451240861468728 , 6979151010236415881632946866847657030447196774231162748523315765559549846746, 
12137947022495312670974525048647679757468392619153927921382150023166867027471, 10624360821702266736197468438435445939719745367234393212061381062942588576905]) @@ -704,5 +704,5 @@ def main(field[512] e) -> (field[256]): cy = sel2([e[510], e[511]], [2329094643034533408459502544740928833981119919633412709248656884170940780093 , 3216329736050668550647765981020076413548845117352735257893224753954595290363, 18710403072495673647060422294369054840513840567808020912157404388689648711093, 9785201456176703812798077455183487364035650707229293534561747881523562553649]) a = add(a, [cx, cy], context) - field[256] aC = edwardsCompress(a, context) + field[256] aC = edwardsCompress(a) return aC diff --git a/zokrates_stdlib/stdlib/hashes/pedersen/6bit.zok b/zokrates_stdlib/stdlib/hashes/pedersen/6bit.zok index c37f8a57..491b34c8 100644 --- a/zokrates_stdlib/stdlib/hashes/pedersen/6bit.zok +++ b/zokrates_stdlib/stdlib/hashes/pedersen/6bit.zok 
@@ -14,8 +14,8 @@ def main(field[6] e) -> (field[2]): field cy = sel2([e[0], e[1]], [15255921313433251341520743036334816584226787412845488772781699434149539664639 , 10916775373885716961512013142444429405184550001421868906213743991404593770484, 18533662942827602783563125901366807026309605479742251601915445402562880550265, 12754584346112149619040942896930712185968371085994381911052593922432846916845]) a = add(a, [cx, cy], context) //Round 1 - field cx = sel3s([e[3], e[4], e[5]], [10096735692467598736728394557736034054031417419721869067082824451240861468728 , 6979151010236415881632946866847657030447196774231162748523315765559549846746, 12137947022495312670974525048647679757468392619153927921382150023166867027471, 10624360821702266736197468438435445939719745367234393212061381062942588576905]) - field cy = sel2([e[3], e[4]], [16704592219657141368520262522286248296157931669321735564513068002743507745908 , 11518684165372839249156788740134693928233608013641661856685773776747280808438, 21502372109496595498116676984635248026663470429940273577484250291841812814697, 17522620677401472201433112250371604936150385414760411280739362011041111141253]) - field[2] a = add(a, [cx, cy], context) + cx = sel3s([e[3], e[4], e[5]], [10096735692467598736728394557736034054031417419721869067082824451240861468728 , 6979151010236415881632946866847657030447196774231162748523315765559549846746, 12137947022495312670974525048647679757468392619153927921382150023166867027471, 10624360821702266736197468438435445939719745367234393212061381062942588576905]) + cy = sel2([e[3], e[4]], [16704592219657141368520262522286248296157931669321735564513068002743507745908 , 11518684165372839249156788740134693928233608013641661856685773776747280808438, 21502372109496595498116676984635248026663470429940273577484250291841812814697, 17522620677401472201433112250371604936150385414760411280739362011041111141253]) + a = add(a, [cx, cy], context) return a \ No newline at end of file 
diff --git a/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok b/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok index 319f089e..bc7e8192 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/1024bitPadded.zok @@ -10,6 +10,6 @@ def main(field[256] a, field[256] b, field[256] c, field[256] d) -> (field[256]) // total length of message is 1024 bits: 0b10000000000 field[256] dummyblock2 = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] - digest = sha256(a, b, c, d, dummyblock1, dummyblock2) + field[256] digest = sha256(a, b, c, d, dummyblock1, dummyblock2) return digest diff --git a/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok b/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok index 9000bd36..ce679f33 100644 --- a/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok +++ b/zokrates_stdlib/stdlib/hashes/sha256/1536bit.zok 
@@ -6,9 +6,9 @@ import "./shaRoundNoBoolCheck" as sha256
 // It returns an array of 256 field elements.
 def main(field[256] a, field[256] b, field[256] c, field[256] d, field[256] e, field[256] f) -> (field[256]):
- IV = IVconstants()
- digest1 = sha256(a, b, IV)
- digest2 = sha256(c, d, digest1)
- digest3 = sha256(e, f, digest2)
+ field[256] IV = IVconstants()
+ field[256] digest1 = sha256(a, b, IV)
+ field[256] digest2 = sha256(c, d, digest1)
+ field[256] digest3 = sha256(e, f, digest2)
 return digest3
\ No newline at end of file
diff --git a/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok b/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok
index f7719b0a..6c553ad4 100644
--- a/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok
+++ b/zokrates_stdlib/stdlib/signatures/verifyEddsa.zok
@@ -4,6 +4,7 @@ import "ecc/edwardsAdd" as add
 import "utils/pack/nonStrictUnpack256" as unpack256
 import "ecc/edwardsOnCurve" as onCurve
 import "ecc/edwardsOrderCheck" as orderCheck
+from "ecc/babyjubjubParams" import BabyJubJubParams
 /// Verifies an EdDSA Signature.
 ///
@@ -26,9 +27,9 @@ import "ecc/edwardsOrderCheck" as orderCheck
 ///
 /// Returns:
 /// Return 1 for S being a valid EdDSA Signature, 0 otherwise.
-def main(private field[2] R, private field S, field[2] A, field[256] M0, field[256] M1, field[10] context) -> (field):
+def main(private field[2] R, private field S, field[2] A, field[256] M0, field[256] M1, BabyJubJubParams context) -> (field):
- field[2] G = [context[4], context[5]]
+ field[2] G = [context.Gu, context.Gv]
 // Check if R is on curve and if it is not in a small subgroup. A is public input and can be checked offline
 field isOnCurve = onCurve(R, context) // throws if R is not on curve
diff --git a/zokrates_stdlib/tests/tests/ecc/edwardsAdd.zok b/zokrates_stdlib/tests/tests/ecc/edwardsAdd.zok
index 7e1b939e..48866390 100644
--- a/zokrates_stdlib/tests/tests/ecc/edwardsAdd.zok
+++ b/zokrates_stdlib/tests/tests/ecc/edwardsAdd.zok
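Review bot: The verifyEddsa signature now takes `BabyJubJubParams context` instead of `field[10] context`, but the `///` doc block above it is only visible from `/// Returns:` onward, and the parameter section between the two hunks (old lines 10–25, not touched by this diff) presumably still describes `context` as a 10-element array with the generator at indices 4 and 5. That entry should be updated to match the new line `field[2] G = [context.Gu, context.Gv]`, e.g. `/// context: BabyJubJubParams — curve parameters; the generator is read from context.Gu / context.Gv`, so callers are not pointed at the old array layout. While editing that block, `/// Return 1 for S being a valid EdDSA Signature, 0 otherwise.` disagrees with the context line `field isOnCurve = onCurve(R, context) // throws if R is not on curve`: an off-curve R aborts the circuit rather than yielding 0, which matters to any caller that branches on a 0 result, so the docstring should say which failures abort and which return 0. main's body continues past the end of the hunk.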
@@ -1,13 +1,14 @@ import "ecc/edwardsAdd" as add import "ecc/edwardsNegate" as neg import "ecc/babyjubjubParams" as context +from "ecc/babyjubjubParams" import BabyJubJubParams // Code to create test cases: // https://github.com/Zokrates/pycrypto def testDoubleViaAdd() -> (field): - context = context() - field[2] G = [context[4], context[5]] - + BabyJubJubParams context = context() + field[2] G = [context.Gu, context.Gv] + field[2] out = add(G, G, context) out[0] == 17324563846726889236817837922625232543153115346355010501047597319863650987830 @@ -16,13 +17,13 @@ def testDoubleViaAdd() -> (field): return 1 def testIdentities() -> (field): - context = context() - field[2] G = [context[4], context[5]] - field[2] inf = [context[2], context[3]] + BabyJubJubParams context = context() + field[2] G = [context.Gu, context.Gv] + field[2] inf = context.INFINITY G == add(G, inf, context) - field[2] nG = neg(G, context) + field[2] nG = neg(G) field[2] nGaddG = add(G, nG, context) inf == nGaddG diff --git a/zokrates_stdlib/tests/tests/ecc/edwardsCompress.zok b/zokrates_stdlib/tests/tests/ecc/edwardsCompress.zok index 65107a38..b5161097 100644 --- a/zokrates_stdlib/tests/tests/ecc/edwardsCompress.zok +++ b/zokrates_stdlib/tests/tests/ecc/edwardsCompress.zok 
@@ -1,17 +1,18 @@ import "ecc/edwardsCompress" as edwardsCompress import "ecc/babyjubjubParams" as context +from "ecc/babyjubjubParams" import BabyJubJubParams // Code to create test cases: // https://github.com/Zokrates/pycrypto def testCompress() -> (field): - context = context() + BabyJubJubParams context = context() - field Gu = context[4] - field Gv = context[5] + field Gu = context.Gu + field Gv = context.Gv - Gcompressed = edwardsCompress([Gu, Gv], context) + field[256] Gcompressed = edwardsCompress([Gu, Gv]) - Gcompressed = [1,0,1,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,1,1,1,1,0,0,0,0,0,0,1,1,0,0,0,1,1,0,1,1,0,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,0,0,0,1,1,0,1,0,1,0,1,0,1,1,0,0,0,0,0,1,1,1,1,1,1,1,0,0,1,1,0,1,0,1,0,0,1,1,1,0,1,0,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,0,0,1,1,0,1,0,0,1,0,0,0,1,1,0,1,1,1,0,1,1,0,0,0,1,1,1,1,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,1,0,0,0,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1,1,1] + Gcompressed == [1,0,1,0,1,1,1,0,0,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,1,1,1,1,1,1,1,1,0,0,0,1,1,0,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,1,1,1,1,0,0,0,0,0,0,1,1,0,0,0,1,1,0,1,1,0,1,1,1,1,0,1,1,1,0,1,1,1,1,1,1,1,0,1,0,0,1,0,0,1,0,0,1,1,0,0,0,0,1,1,0,1,0,1,0,1,0,1,1,0,0,0,0,0,1,1,1,1,1,1,1,0,0,1,1,0,1,0,1,0,0,1,1,1,0,1,0,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,0,0,1,1,0,1,0,0,1,0,0,0,1,1,0,1,1,1,0,1,1,0,0,0,1,1,1,1,0,1,1,1,1,1,1,1,1,0,0,1,1,0,0,1,0,0,0,1,0,1,0,1,0,0,1,0,1,1,0,1,0,1,1,1] return 1 diff --git a/zokrates_stdlib/tests/tests/ecc/edwardsOnCurve.zok b/zokrates_stdlib/tests/tests/ecc/edwardsOnCurve.zok index 045dc70f..8ac5b6ba 100644 --- a/zokrates_stdlib/tests/tests/ecc/edwardsOnCurve.zok +++ b/zokrates_stdlib/tests/tests/ecc/edwardsOnCurve.zok 
@@ -1,10 +1,11 @@
 import "ecc/babyjubjubParams" as context
+from "ecc/babyjubjubParams" import BabyJubJubParams
 import "ecc/edwardsOnCurve" as onCurve
 // Code to create test cases:
 // https://github.com/Zokrates/pycrypto
 def testOnCurveTrue() -> (field):
- context = context()
+ BabyJubJubParams context = context()
 field testU = 17324563846726889236817837922625232543153115346355010501047597319863650987830
 field testV = 20022170825455209233733649024450576091402881793145646502279487074566492066831
diff --git a/zokrates_stdlib/tests/tests/ecc/edwardsOrderCheck.zok b/zokrates_stdlib/tests/tests/ecc/edwardsOrderCheck.zok
index 065ea515..eb0ca612 100644
--- a/zokrates_stdlib/tests/tests/ecc/edwardsOrderCheck.zok
+++ b/zokrates_stdlib/tests/tests/ecc/edwardsOrderCheck.zok
@@ -1,10 +1,11 @@
 import "ecc/edwardsOrderCheck" as orderCheck
 import "ecc/babyjubjubParams" as context
+from "ecc/babyjubjubParams" import BabyJubJubParams
 // Code to create test cases:
 // https://github.com/Zokrates/pycrypto
 def testOrderCheckTrue() -> (field):
- context = context()
+ BabyJubJubParams context = context()
 field testU = 17324563846726889236817837922625232543153115346355010501047597319863650987830
 field testV = 20022170825455209233733649024450576091402881793145646502279487074566492066831
@@ -15,7 +16,7 @@ def testOrderCheckTrue() -> (field):
 return 1
 def testOrderCheckFalse() -> (field):
- context = context()
+ BabyJubJubParams context = context()
 field testU = 4342719913949491028786768530115087822524712248835451589697801404893164183326
 field testV = 4826523245007015323400664741523384119579596407052839571721035538011798951543
diff --git a/zokrates_stdlib/tests/tests/ecc/edwardsScalarMult.zok b/zokrates_stdlib/tests/tests/ecc/edwardsScalarMult.zok
index 6966b0c3..12598615 100644
--- a/zokrates_stdlib/tests/tests/ecc/edwardsScalarMult.zok
+++ b/zokrates_stdlib/tests/tests/ecc/edwardsScalarMult.zok
@@ -1,11 +1,12 @@ import "ecc/babyjubjubParams" as context +from "ecc/babyjubjubParams" import BabyJubJubParams import "ecc/edwardsScalarMult" as mul // Code to create test cases: // https://github.com/Zokrates/pycrypto def testCyclic() -> (field): - context = context() - field[2] G = [context[4], context[5]] + BabyJubJubParams context = context() + field[2] G = [context.Gu, context.Gv] // exp = JUBJUB_E + 1 field[256] exp = [0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 0, 0, 1] 
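Review bot: The scalar comments `// exp = JUBJUB_E + 1` in testCyclic, `// exp == 2` in testMul2 and `// a = 1234` in testAssociativity and testMultiplicative give decimal values but not the bit order of the 256-element arrays; the literals are big-endian (testMul2's ends in `1, 0` and the 1234 arrays end in `1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0`), which a note such as `// scalars below are 256-bit big-endian bit arrays (MSB first)` near the first one would make explicit. The `==` in `// exp == 2` is also inconsistent with the `=` used by the neighbouring comments. This applies to the testMul2, testAssociativity and testMultiplicative hunks as well; the `mul` calls and the assertions lie outside these hunks.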
@@ -16,8 +17,8 @@ def testCyclic() -> (field): return 1 def testMul2() -> (field): - context = context() - field[2] G = [context[4], context[5]] + BabyJubJubParams context = context() + field[2] G = [context.Gu, context.Gv] // exp == 2 field[256] exp = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0] 
@@ -29,8 +30,8 @@ def testMul2() -> (field): return 1 def testAssociativity() -> (field): - context = context() - field[2] G = [context[4], context[5]] + BabyJubJubParams context = context() + field[2] G = [context.Gu, context.Gv] // a = 1234 field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0] 
@@ -58,8 +59,8 @@ def testAssociativity() -> (field): return 1 def testMultiplicative() -> (field): - context = context() - field[2] G = [context[4], context[5]] + BabyJubJubParams context = context() + field[2] G = [context.Gu, context.Gv] // a = 1234 field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0] diff --git a/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok b/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok index 01ef637e..9c0e7654 100644 --- a/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok +++ b/zokrates_stdlib/tests/tests/ecc/proofOfOwnership.zok @@ -1,4 +1,5 @@ import "ecc/babyjubjubParams" as context +from "ecc/babyjubjubParams" import BabyJubJubParams import "ecc/proofOfOwnership" as proofOfOwnership import "ecc/edwardsScalarMult" as multiply import "utils/pack/nonStrictUnpack256" as unpack256 
@@ -6,8 +7,8 @@ import "utils/pack/nonStrictUnpack256" as unpack256
 // Code to create test cases:
 // https://github.com/Zokrates/pycrypto
 def testOwnershipTrue() -> (field):
- context = context()
- field[2] G = [context[4], context[5]]
+ BabyJubJubParams context = context()
+ field[2] G = [context.Gu, context.Gv]
 field[2] Pk = [14897476871502190904409029696666322856887678969656209656241038339251270171395, 16668832459046858928951622951481252834155254151733002984053501254009901876174]
 field sk = 1997011358982923168928344992199991480689546837621580239342656433234255379025
@@ -18,7 +19,7 @@ def testOwnershipTrue() -> (field):
 return 1
 def testtOwnershipFalse() -> (field):
- context = context()
+ BabyJubJubParams context = context()
 field[2] Pk = [16328093915569409528980874702678312730273137210288183490878184636452430630129, 9377227749598842756429258362864743065769435972445705966557343775367597326529]
 field sk = 1997011358982923168928344992199991480689546837621580239342656433234255379025
diff --git a/zokrates_stdlib/tests/tests/hashes/sha256/512bitPacked.zok b/zokrates_stdlib/tests/tests/hashes/sha256/512bitPacked.zok
index f69432a4..7387fe09 100644
--- a/zokrates_stdlib/tests/tests/hashes/sha256/512bitPacked.zok
+++ b/zokrates_stdlib/tests/tests/hashes/sha256/512bitPacked.zok
@@ -23,7 +23,7 @@ def main() -> (field):
 field c = 0
 field d = 5
- h = sha256packed([a, b, c, d])
+ field[2] h = sha256packed([a, b, c, d])
 h[0] == 263561599766550617289250058199814760685
 h[1] == 65303172752238645975888084098459749904
diff --git a/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok b/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
index e3ae4a34..2f21d468 100644
--- a/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
+++ b/zokrates_stdlib/tests/tests/hashes/utils/256bitsDirectionHelper.zok
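Review bot: `def testtOwnershipFalse() -> (field):` carries a doubled `t`; since the line right below it is rewritten by this hunk, renaming it to `testOwnershipFalse` to match `testOwnershipTrue` is cheap now, provided the harness picks tests up by file rather than by a name list kept elsewhere (not visible here). The negative case keeps the same `sk` as the positive one and only swaps `Pk`, which appears to be the intent but is worth stating, e.g. `// same sk as testOwnershipTrue with a different Pk: ownership must not verify`; the assertion itself is below the hunk.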
@@ -18,7 +18,7 @@ def left() -> (field): field[256] a = [0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0] field[256] b = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1] - out = direction(0, a, b) + field[512] out = direction(0, a, b) out == [0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 
1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1] return 1 
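Review bot: The 512-element literal in `out == [...]` for left() is `a` followed by `b` copied out by hand, which cannot be checked by eye and will silently diverge if `a` or `b` is ever edited; a comment `// selector 0: out == a || b` (and `// selector 1: out == b || a` in right()) states the contract, and if the toolchain in use supports array spreads, `out == [...a, ...b]` would remove the copy altogether. The same applies to the right() hunk below. Both tests pass only the selectors 0 and 1; whether `direction` constrains its selector to a boolean is not visible in this diff, and if that is part of its contract a test pinning it would belong here too.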
@@ -26,7 +26,7 @@ def right() -> (field): field[256] a = [0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0] field[256] b = [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1] - out = direction(1, a, b) + field[512] out = direction(1, a, b) out == [0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 1, 
0, 1, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1, 1, 0, 0, 0] return 1 diff --git a/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok b/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok index eb48d580..a863548d 100644 --- a/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok +++ b/zokrates_stdlib/tests/tests/signatures/verifyEddsa.zok 
@@ -1,11 +1,12 @@
 import "signatures/verifyEddsa" as verifyEddsa
 import "ecc/babyjubjubParams" as context
+from "ecc/babyjubjubParams" import BabyJubJubParams
 // Code to create test case:
 // https://github.com/Zokrates/pycrypto
 def main() -> (field):
-context = context()
+ BabyJubJubParams context = context()
 field[2] R = [20197911405516193152560090893341588680064377398162745404177962124159545390767, 9171190326927340493105240100684097896571028312802691203521747450053192554927]
 field S = 6050429445242986634735172402304257690628456074852538287769363221635064371045