github-mig/ZoKrates
github-mig/ZoKrates
1
0
Fork 0
mirror of synced 2025-09-23 12:18:44 +00:00
Code Issues Projects Releases Wiki Activity

cleaning and adding docs

Browse source
This commit is contained in:
sdeml 2019-01-15 11:47:51 +01:00
parent a23b5fcda1
commit c0db24bb79
13 changed files with 48 additions and 96 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
stdlib/sha256/double_round.code → stdlib/sha256/1024.code
View file

@ -1,10 +1,11 @@
import "./IV_constants.code" as IVconstants
import "./sha_round.code" as sha256
// A function that takes 4 field[256] arrays as inputs
// and applies 2 rounds of sha256 compression.
// It returns an array of 256 field elements.
def main(field[256] a, field[256] b, field[256] c, field[256] d) -> (field[256]):
//TODO: add bool check
IV = IVconstants()
digest1 = sha256(a, b, IV)
digest2 = sha256(c, d, digest1)

5
stdlib/sha256/tripple_round.code → stdlib/sha256/1536.code
View file

@ -1,10 +1,11 @@
import "./IV_constants.code" as IVconstants
import "./sha_round.code" as sha256
// A function that takes 6 field[256] arrays as inputs
// and applies 3 rounds of sha256 compression.
// It returns an array of 256 field elements.
def main(field[256] a, field[256] b, field[256] c, field[256] d, field[256] e, field[256] f) -> (field[256]):
//TODO: add bool check
IV = IVconstants()
digest1 = sha256(a, b, IV)
digest2 = sha256(c, d, digest1)

15
stdlib/sha256/512.code Normal file
View file

@ -0,0 +1,15 @@
import "./IV_constants.code" as IVconstants
import "./sha_round.code" as sha256
// A function that takes 2 field[256] arrays as inputs
// and returns their sha256 compression function as an array of 256 field elements.
// In contrast to full_round.code no padding is being applied
def main(field[256] a, field[256] b) -> (field[256]):
// a and b is NOT checked to be of type bool
IV = IVconstants()
digest = sha256(a, b, IV)
//digest is constraint to be of type bool
return digest

9
stdlib/sha256/single_packed.code → stdlib/sha256/512_packed.code
View file

@ -1,14 +1,15 @@
import "./IV_constants.code" as IVConstant
import "./IV_constants.code" as IVconstants
import "./sha_round.code" as sha256
import "PACKING/pack256" as pack256
import "PACKING/unpack256" as unpack256
// A function that takes 4 field elements as inputs, unpacks each of them to 128
// bits (big endian), concatenates them and applies sha256.
// It then returns two field elements, each representing 128 bits of the result.
def main(field a, field b) -> (field):
//TODO: add bool check
IV = IVConstant()
IV = IVconstants()
field[256] a = unpack256(a)
field[256] b = unpack256(b)
digest = sha256(a, b, IV)

4
stdlib/sha256/full_round.code → stdlib/sha256/512_padded.code
View file

@ -1,5 +1,7 @@
import "./double_round.code" as sha256
import "./1024.code" as sha256
// A function that takes 2 field[256] arrays as inputs
// and returns their sha256 compression function as an array of 256 field elements.
def main(field[256] a, field[256] b) -> (field[256]):
// Hash is computed on the full 512bit block size

2
stdlib/sha256/IV_constants.code
View file

@ -1,3 +1,4 @@
// SHA2 initial values are taken from here: https://en.wikipedia.org/wiki/SHA-2
def main() -> (field[256]):
field[32] h0 = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1]
field[32] h1 = [1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1]
@ -9,4 +10,5 @@ def main() -> (field[256]):
field[32] h7 = [0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1]
field[256] IV = [h0[0], h0[1], h0[2], h0[3], h0[4], h0[5], h0[6], h0[7], h0[8], h0[9], h0[10], h0[11], h0[12], h0[13], h0[14], h0[15], h0[16], h0[17], h0[18], h0[19], h0[20], h0[21], h0[22], h0[23], h0[24], h0[25], h0[26], h0[27], h0[28], h0[29], h0[30], h0[31], h1[0], h1[1], h1[2], h1[3], h1[4], h1[5], h1[6], h1[7], h1[8], h1[9], h1[10], h1[11], h1[12], h1[13], h1[14], h1[15], h1[16], h1[17], h1[18], h1[19], h1[20], h1[21], h1[22], h1[23], h1[24], h1[25], h1[26], h1[27], h1[28], h1[29], h1[30], h1[31], h2[0], h2[1], h2[2], h2[3], h2[4], h2[5], h2[6], h2[7], h2[8], h2[9], h2[10], h2[11], h2[12], h2[13], h2[14], h2[15], h2[16], h2[17], h2[18], h2[19], h2[20], h2[21], h2[22], h2[23], h2[24], h2[25], h2[26], h2[27], h2[28], h2[29], h2[30], h2[31], h3[0], h3[1], h3[2], h3[3], h3[4], h3[5], h3[6], h3[7], h3[8], h3[9], h3[10], h3[11], h3[12], h3[13], h3[14], h3[15], h3[16], h3[17], h3[18], h3[19], h3[20], h3[21], h3[22], h3[23], h3[24], h3[25], h3[26], h3[27], h3[28], h3[29], h3[30], h3[31], h4[0], h4[1], h4[2], h4[3], h4[4], h4[5], h4[6], h4[7], h4[8], h4[9], h4[10], h4[11], h4[12], h4[13], h4[14], h4[15], h4[16], h4[17], h4[18], h4[19], h4[20], h4[21], h4[22], h4[23], h4[24], h4[25], h4[26], h4[27], h4[28], h4[29], h4[30], h4[31], h5[0], h5[1], h5[2], h5[3], h5[4], h5[5], h5[6], h5[7], h5[8], h5[9], h5[10], h5[11], h5[12], h5[13], h5[14], h5[15], h5[16], h5[17], h5[18], h5[19], h5[20], h5[21], h5[22], h5[23], h5[24], h5[25], h5[26], h5[27], h5[28], h5[29], h5[30], h5[31], h6[0], h6[1], h6[2], h6[3], h6[4], h6[5], h6[6], h6[7], h6[8], h6[9], h6[10], h6[11], h6[12], h6[13], h6[14], h6[15], h6[16], h6[17], h6[18], h6[19], h6[20], h6[21], h6[22], h6[23], h6[24], h6[25], h6[26], h6[27], h6[28], h6[29], h6[30], h6[31], h7[0], h7[1], h7[2], h7[3], h7[4], h7[5], h7[6], h7[7], h7[8], h7[9], h7[10], h7[11], h7[12], h7[13], h7[14], h7[15], h7[16], h7[17], h7[18], h7[19], h7[20], h7[21], h7[22], h7[23], h7[24], h7[25], h7[26], h7[27], h7[28], h7[29], h7[30], h7[31]]
return IV

7
stdlib/sha256/run.sh
View file

@ -1,7 +0,0 @@
# (cd ..; ./mybuild.sh)
# rsync -avzP --delete --exclude=target --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates
rsync -avzP --delete --exclude=target --exclude=Cargo.toml --exclude=.git ~/ZoKrates_mac/ ~/ZoKrates
(cd ..; cargo build)
ln -s ../../target/debug/zokrates .
./zokrates compile -i single_test.code 2>&1 | tee debugcomp
./zokrates compute-witness 2>&1 | tee debugwit

4
stdlib/sha256/sha_round.code
View file

File diff suppressed because one or more lines are too long

15
stdlib/sha256/single_round.code
View file

@ -1,15 +0,0 @@
import "./IV_constants.code" as IVconstants
import "./sha_round.code" as sha256
def main(field[256] a, field[256] b) -> (field[256]):
// for index in 0..256 do
// 1 == BOOLCHECK(a[index])
// 1 == BOOLCHECK(b[index])
// endfor
//
IV = IVconstants()
digest = sha256(a, b, IV)
return digest

45
stdlib/sha256/single_test.code
View file

@ -1,45 +0,0 @@
import "./IV_constants.code" as IVConstant
//import "LIBSNARK/sha256round" as sha256
//import "LIBSNARK/sha256compression" as sha256
//import "LIBSNARK/sha256" as sha256
//import "./single_round.code" as sha256
//import "./sha_round.code" as sha256
import "./full_round.code" as sha256
//def main(field[256] a, field[256] b) -> (field):
//def main() -> (field):
// for index in 0..256 do
// 1 == BOOLCHECK(a[index])
// 1 == BOOLCHECK(b[index])
// endfor
// h0, h1, h2, h3, h4, h5, h6, h7 = sha256round(a, b, h0, h1, h2, h3, h4, h5, h6, h7)
//o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106,o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256round(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,1,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,1,1,0,0,0,0,0,0,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,1,0,0,0,0,1,0,1,0,0,0,0,0,1,0,1,1,0,0,0,0,1,1,0,0,0,0,0,0,1,1,0,1,0,0,0,0,1,1,1,0,0,0,0,0,1,1,1,1,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,1,0,0,0,1,0,0,1,0,0,0,0,1,0,0,1,1,0,0,0,1,0,1,0,0,0,0,0,1,0,1,0,1,0,0,0,1,0,1,1,0,0,0,0,1,0,1,1,1,0,0,0,1,1,0,0,0,0,0,0,1,1,0,0,1,0,0,0,1,1,0,1,0,0,0,0,1,1,0,1,1,0,0,0,1,1,1,0,0,0,0,0,1,1,1,0,1,0,0,0,1,1,1,1,0,0,0,0,1,1,1,1,1,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,1,0,0,1,0,0,0,1,0,0,0,1,0,0,0,1,1,0,0,1,0,0,1,0,0,0,0,1,0,0,1,0,1,0,0,1,0,0,1,1,0,0,0,1,0,0,1,1,1,0,0,1,0,1,0,0,0,0,0,1,0,1,0,0,1,0,0,1,0,1,0,1,0,0,0,1,0,1,0,1,1,0,0,1,0,1,1,0,0,0,0,1,0,1,1,0,1,0,0,1,0,1,1,1,0,0,0,1,0,1,1,1,1,0,0,1,1,0,0,0,0,0,0,1,1,0,0,0,1,0,0,1,1,0,0,1,0,0,0,1,1,0,0,1,1,0,0,1,1,0,1,0,0,0,0,1,1,0,1,0,1,0,0,1,1,0,1,1,0,0,0,1,1,0,1,1,1,0,0,1,1,1,0,0,0,0,0,1,1,1,0,0,1,0,0,1,1,1,0,1,0,0,0,1,1,1,0,1,1,0,0,1,1,1,1,0,0,0,0,1,1,1,1,0,1,0,0,1,1,1,1,1,0,0,0,1,1,1,1,1,0)
//h0[0], h0[1], h0[2], h0[3], h0[4], h0[5], h0[6], h0[7], h0[8], h0[9], h0[10], h0[11], h0[12], h0[13], h0[14], h0[15], h0[16], h0[17], h0[18], h0[19], h0[20], h0[21], h0[22], h0[23], h0[24], h0[25], h0[26], h0[27], h0[28], h0[29], h0[30], h0[31], h1[0], h1[1], h1[2], h1[3], h1[4], h1[5], h1[6], h1[7], h1[8], h1[9], h1[10], h1[11], h1[12], h1[13], h1[14], h1[15], h1[16], h1[17], h1[18], h1[19], h1[20], h1[21], h1[22], h1[23], h1[24], h1[25], h1[26], h1[27], h1[28], h1[29], h1[30], h1[31], h2[0], h2[1], h2[2], h2[3], h2[4], h2[5], h2[6], h2[7], h2[8], h2[9], h2[10], h2[11], h2[12], h2[13], h2[14], h2[15], h2[16], h2[17], h2[18], h2[19], h2[20], h2[21], h2[22], h2[23], h2[24], h2[25], h2[26], h2[27], h2[28], h2[29], h2[30], h2[31], h3[0], h3[1], h3[2], h3[3], h3[4], h3[5], h3[6], h3[7], h3[8], h3[9], h3[10], h3[11], h3[12], h3[13], h3[14], h3[15], h3[16], h3[17], h3[18], h3[19], h3[20], h3[21], h3[22], h3[23], h3[24], h3[25], h3[26], h3[27], h3[28], h3[29], h3[30], h3[31], h4[0], h4[1], h4[2], h4[3], h4[4], h4[5], h4[6], h4[7], h4[8], h4[9], h4[10], h4[11], h4[12], h4[13], h4[14], h4[15], h4[16], h4[17], h4[18], h4[19], h4[20], h4[21], h4[22], h4[23], h4[24], h4[25], h4[26], h4[27], h4[28], h4[29], h4[30], h4[31], h5[0], h5[1], h5[2], h5[3], h5[4], h5[5], h5[6], h5[7], h5[8], h5[9], h5[10], h5[11], h5[12], h5[13], h5[14], h5[15], h5[16], h5[17], h5[18], h5[19], h5[20], h5[21], h5[22], h5[23], h5[24], h5[25], h5[26], h5[27], h5[28], h5[29], h5[30], h5[31], h6[0], h6[1], h6[2], h6[3], h6[4], h6[5], h6[6], h6[7], h6[8], h6[9], h6[10], h6[11], h6[12], h6[13], h6[14], h6[15], h6[16], h6[17], h6[18], h6[19], h6[20], h6[21], h6[22], h6[23], h6[24], h6[25], h6[26], h6[27], h6[28], h6[29], h6[30], h6[31], h7[0], h7[1], h7[2], h7[3], h7[4], h7[5], h7[6], h7[7], h7[8], h7[9], h7[10], h7[11], h7[12], h7[13], h7[14], h7[15], h7[16], h7[17], h7[18], h7[19], h7[20], h7[21], h7[22], h7[23], h7[24], h7[25], h7[26], h7[27], h7[28], h7[29], h7[30], h7[31])
// field[256] hash = [o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193,o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0]
// ORIGINAL EXAMPLE
//def main() -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field):
// // h0, h1, h2, h3, h4, h5, h6, h7 = IVConstant()
// o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0)
// return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0
//FULL IV appended
//def main() -> (field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field, field):
// // h0, h1, h2, h3, h4, h5, h6, h7 = IVConstant()
// o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0 = sha256(0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,1,1,0,1,0,1,0,0,0,0,0,1,0,0,1,1,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,1,0,1,1,1,0,1,1,0,1,1,0,0,1,1,1,1,0,1,0,1,1,1,0,1,0,0,0,0,1,0,1,0,0,1,1,1,1,0,0,0,1,1,0,1,1,1,0,1,1,1,1,0,0,1,1,0,1,1,1,0,0,1,0,1,0,1,0,0,1,0,1,0,1,0,0,1,1,1,1,1,1,1,1,0,1,0,1,0,0,1,1,1,0,1,0,0,1,0,1,0,0,0,1,0,0,0,0,1,1,1,0,0,1,0,1,0,0,1,0,0,1,1,1,1,1,1,1,1,0,0,1,1,0,1,1,0,0,0,0,0,1,0,1,0,1,1,0,1,0,0,0,1,0,0,0,1,1,0,0,0,0,0,1,1,1,1,1,1,0,0,0,0,0,1,1,1,1,0,1,1,0,0,1,1,0,1,0,1,0,1,1,0,1,0,1,1,0,1,1,1,1,1,0,0,0,0,0,1,1,0,0,1,1,0,1,0,0,0,1,1,0,0,1)
// return o255, o254, o253, o252, o251, o250, o249, o248, o247, o246, o245, o244, o243, o242, o241, o240, o239, o238, o237, o236, o235, o234, o233, o232, o231, o230, o229, o228, o227, o226, o225, o224, o223, o222, o221, o220, o219, o218, o217, o216, o215, o214, o213, o212, o211, o210, o209, o208, o207, o206, o205, o204, o203, o202, o201, o200, o199, o198, o197, o196, o195, o194, o193, o192, o191, o190, o189, o188, o187, o186, o185, o184, o183, o182, o181, o180, o179, o178, o177, o176, o175, o174, o173, o172, o171, o170, o169, o168, o167, o166, o165, o164, o163, o162, o161, o160, o159, o158, o157, o156, o155, o154, o153, o152, o151, o150, o149, o148, o147, o146, o145, o144, o143, o142, o141, o140, o139, o138, o137, o136, o135, o134, o133, o132, o131, o130, o129, o128, o127, o126, o125, o124, o123, o122, o121, o120, o119, o118, o117, o116, o115, o114, o113, o112, o111, o110, o109, o108, o107, o106, o105, o104, o103, o102, o101, o100, o99, o98, o97, o96, o95, o94, o93, o92, o91, o90, o89, o88, o87, o86, o85, o84, o83, o82, o81, o80, o79, o78, o77, o76, o75, o74, o73, o72, o71, o70, o69, o68, o67, o66, o65, o64, o63, o62, o61, o60, o59, o58, o57, o56, o55, o54, o53, o52, o51, o50, o49, o48, o47, o46, o45, o44, o43, o42, o41, o40, o39, o38, o37, o36, o35, o34, o33, o32, o31, o30, o29, o28, o27, o26, o25, o24, o23, o22, o21, o20, o19, o18, o17, o16, o15, o14, o13, o12, o11, o10, o9, o8, o7, o6, o5, o4, o3, o2, o1, o0
// return 1
def main() -> (field[256]):
field[256] a = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
field[256] b = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1]
//field[256] IV = [0, 1, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 1, 1, 0, 1, 1, 0, 1, 1, 0, 0, 1, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 0, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 1, 1, 0, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1]
//digest = sha256(a, b, IV)
digest = sha256(a, b)
return digest

6
zokrates_book/src/sha256example.md
View file

@ -13,10 +13,10 @@ Make sure you have followed the instructions in the [Getting Started](gettingsta
We will start this tutorial by using ZoKrates to compute the hash for an arbitrarily chosen preimage, being the number `5` in this example.
First, we create a new file named `hashexample.code` with the following content:
First, make sure that the `zokrates` binary is located in the `ZoKrates` directory. Then, we create a new file named `hashexample.code` with the following content:
```zokrates
import "LIBSNARK/sha256packed"
import "./stdlib/sha256/512_packed.code" as sha256packed
def main(private field a, private field b, private field c, private field d) -> (field, field):
h0, h1 = sha256packed(a, b, c, d)
@ -74,7 +74,7 @@ To make it work, the two parties have to follow their roles in the protocol:
First, Victor has to specify what hash he is interested in. Therefore, we have to adjust the zkSNARK circuit, compiled by ZoKrates, such that in addition to computing the digest, it also validates it against the digest of interest, provided by Victor. This leads to the following update for `hashexample.code`:
```zokrates
import "LIBSNARK/sha256packed"
import "./stdlib/sha256/512_packed.code" as sha256packed
def main(private field a, private field b, private field c, private field d) -> (field):
h0, h1 = sha256packed(a, b, c, d)

26
zokrates_core/lib/wraplibsnarkgadgets.cpp
View file

@ -76,7 +76,6 @@ std::string r1cs_to_json(protoboard<FieldT> pb)
{
r1cs_constraint_system<FieldT> constraints = pb.get_constraint_system();
std::stringstream ss;
std::stringstream ss;
ss << "{\"variable_count\":";
ss << pb.num_variables() + 1; // ~one is not counted in pb.num_variables()
@ -136,7 +135,7 @@ public:
pb_variable_array<FieldT>& myIV,
pb_variable_array<FieldT>& a,
pb_variable_array<FieldT>& b,
std::shared_ptr<digest_variable<FieldT>> result
digest_variable<FieldT> &result
) : gadget<FieldT>(pb, "sha256round") {
block.reset(new block_variable<FieldT>(pb, {
@ -148,7 +147,7 @@ public:
pb,
myIV,
block->bits,
*result,
result,
"hasher"));
}
@ -173,12 +172,13 @@ char* _sha256RoundConstraints()
digest_variable<FieldT> IV(pb, 256, "IV");
std::shared_ptr<digest_variable<FieldT>> output;
output.reset(new digest_variable<FieldT>(pb, 256, "output"));
digest_variable<FieldT> output(pb, 256, "output");
IV.generate_r1cs_constraints(); //binary check for IV vector
output.generate_r1cs_constraints(); //binary check for output vector
sha256round g(pb, IV.bits, left, right, output);
g.generate_r1cs_constraints();
IV.generate_r1cs_constraints();
g.generate_r1cs_constraints();
auto json = r1cs_to_json(pb);
@ -189,6 +189,7 @@ char* _sha256RoundConstraints()
char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length)
{
assert(inputs_length==768);
libff::alt_bn128_pp::init_public_params();
protoboard<FieldT> pb;
@ -200,8 +201,7 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length)
digest_variable<FieldT> IV(pb, 256, "IV");
std::shared_ptr<digest_variable<FieldT>> output;
output.reset(new digest_variable<FieldT>(pb, 256, "output"));
digest_variable<FieldT> output(pb, 256, "output");
libff::bit_vector left_bv;
libff::bit_vector right_bv;
@ -219,18 +219,12 @@ char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length)
IV_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1);
}
// for (int i = 512; i < 612; i++) {
// IV_bv.push_back(libsnarkBigintFromBytesAux(inputs + i*32) == 1);
// }
//
left.fill_with_bits(pb, left_bv);
right.fill_with_bits(pb, right_bv);
// IV.fill_with_bits(pb, IV_bv);
IV.generate_r1cs_constraints();
IV.generate_r1cs_witness(IV_bv);
sha256round g(pb, IV.bits, left, right, output);
g.generate_r1cs_constraints();
g.generate_r1cs_witness();
assert(pb.is_satisfied());

1
zokrates_core/src/helpers/mod.rs
View file

@ -81,7 +81,6 @@ pub trait Signed {
impl<T: Field> Executable<T> for Helper {
fn execute(&self, inputs: &Vec<T>) -> Result<Vec<T>, String> {
let (expected_input_count, expected_output_count) = self.get_signature();
println!("#Debug Executable {},{}", inputs.len(), expected_input_count );
assert!(inputs.len() == expected_input_count);
let result = match self {