
//https://gist.github.com/kobigurk/24c25e68219df87c348f1a78db51bb52
#include "wraplibsnarkgadgets.hpp"

#include <cassert>
#include <cstdint>
#include <iostream>
#include <memory>
#include <sstream>
#include <string>
#include <vector>

#include "libff/common/default_types/ec_pp.hpp"
#include "libsnark/gadgetlib1/gadget.hpp"
#include "libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_components.hpp"
#include "libsnark/gadgetlib1/gadgets/hashes/sha256/sha256_gadget.hpp"
#include "libsnark/gadgetlib1/protoboard.hpp"
using namespace libsnark;
using namespace libff;
using std::vector;
// Scalar field of alt_bn128; every gadget, constraint and witness value in this
// file is an element of it.
using FieldT = libff::Fr<alt_bn128_pp>;
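// Maps a bit vector onto existing protoboard variables: a true bit becomes the
// constant ONE, a false bit becomes the caller-supplied `ZERO` variable.
// No variables are allocated here; `ZERO` must already live on the protoboard.
// `bits` is taken by const reference (it was previously copied) and `ZERO` is
// only read, so a const reference suffices for both.
pb_variable_array<FieldT> from_bits(const std::vector<bool>& bits, const pb_variable<FieldT>& ZERO)
{
    pb_variable_array<FieldT> acc;
    for (const bool bit : bits) {
        acc.emplace_back(bit ? ONE : ZERO);
    }
    return acc;
}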
// Packs `bit_list` into `wordsize`-bit words, most significant bit first: the
// first bit of every word lands at bit position wordsize-1.
// Quirks preserved from the original:
//  - bit_list.size()/wordsize + 1 words are always emitted, so an input whose
//    length is an exact multiple of wordsize ends with one extra zero word;
//  - a trailing partial word keeps its bits in the high positions (low bits 0);
//  - wordsize must be > 0 (division by zero otherwise) and, since the shift is
//    done in `unsigned long`, must not exceed that type's width.
std::vector<unsigned long> bit_list_to_ints(std::vector<bool> bit_list, const size_t wordsize)
{
    const size_t total_bits = bit_list.size();
    const size_t word_count = total_bits / wordsize + 1;
    std::vector<unsigned long> words;
    words.reserve(word_count);
    for (size_t w = 0; w < word_count; ++w) {
        const size_t base = w * wordsize;
        unsigned long packed = 0;
        for (size_t bit = 0; bit < wordsize && base + bit != total_bits; ++bit) {
            if (bit_list[base + bit]) {
                packed += 1ul << (wordsize - 1 - bit);
            }
        }
        words.push_back(packed);
    }
    return words;
}
// conversion byte[32] <-> libsnark bigint.
// Decodes 32 big-endian bytes into a libsnark bigint: bytes 0..7 fill the most
// significant limb (data[3]), bytes 24..31 the least significant (data[0]).
// Reads exactly 32 bytes from `_x` and performs no bounds check, so the caller
// must guarantee the buffer is at least that long.
// The hard-coded 4 limbs x 8 bytes layout assumes 64-bit limbs
// (alt_bn128_r_limbs == 4) and relies on bigint's default constructor leaving
// `data` zeroed — NOTE(review): confirm both against the libff build in use.
libff::bigint<libff::alt_bn128_r_limbs> libsnarkBigintFromBytesAux(const uint8_t* _x)
{
    libff::bigint<libff::alt_bn128_r_limbs> out;
    for (unsigned byte = 0; byte < 32; ++byte) {
        const unsigned limb = 3 - byte / 8;
        const unsigned shift = 8 * (7 - byte % 8);
        out.data[limb] |= uint64_t(_x[byte]) << shift;
    }
    return out;
}
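// Appends one linear combination to `ss` as a JSON object mapping variable
// index to coefficient, e.g. {"1":"5","3":"1"}; both key and value are quoted.
// The coefficient is printed with libff's operator<<, so its textual form
// depends on the libff build (e.g. Montgomery vs. plain output) — nothing here
// escapes or normalises it.
// `constraints` is read only, so it is taken by const reference instead of by
// value; the non-standard `uint` counter is replaced by a portable flag.
void constraint_to_json(const linear_combination<FieldT>& constraints, std::stringstream &ss)
{
    ss << "{";
    bool first = true;
    for (const linear_term<FieldT>& lt : constraints.terms) {
        if (!first) {
            ss << ",";
        }
        ss << '"' << lt.index << '"' << ":" << '"' << lt.coeff << '"';
        first = false;
    }
    ss << "}";
}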
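// Variable-index ranges written into the JSON header. They are not derived
// from the protoboard: they mirror the allocation order in
// _sha256RoundConstraints (left 256, right 256, IV 256 -> inputs 1..768; the
// 256-bit output digest -> 769..1024), with index 0 being libsnark's constant
// ONE. NOTE(review): any other circuit layout silently gets a wrong header —
// confirm this matches every caller before reusing the function.
static constexpr size_t kFirstInputVar = 1;
static constexpr size_t kLastInputVar = 768;
static constexpr size_t kFirstOutputVar = 769;
static constexpr size_t kLastOutputVar = 1024;

// Writes "lo,lo+1,...,hi" (both ends inclusive, no brackets) to `ss`.
static void write_index_range(size_t lo, size_t hi, std::stringstream& ss)
{
    for (size_t i = lo; i <= hi; ++i) {
        if (i != lo) {
            ss << ",";
        }
        ss << i;
    }
}

// Serialises the protoboard's constraint system as JSON:
// {"variable_count":N,"inputs":[...], "outputs":[...],"constraints":[[A,B,C],...]}
// where A, B and C are the linear combinations of each R1CS constraint (see
// constraint_to_json). Output text is byte-for-byte what the previous version
// produced, including the space after "inputs" and the newline after each
// constraint. The protoboard is taken by const reference; it was previously
// copied in full on every call. The former duplicate `std::stringstream ss;`
// declaration (a redefinition error) is gone.
std::string r1cs_to_json(const protoboard<FieldT>& pb)
{
    const r1cs_constraint_system<FieldT> constraints = pb.get_constraint_system();
    std::stringstream ss;
    ss << "{\"variable_count\":";
    ss << pb.num_variables() + 1; // ~one is not counted in pb.num_variables()
    ss << ",\"inputs\":[";
    write_index_range(kFirstInputVar, kLastInputVar, ss);
    ss << "], \"outputs\":["; // the space after ',' is part of the existing format
    write_index_range(kFirstOutputVar, kLastOutputVar, ss);
    ss << "],\"constraints\":[";
    const size_t count = constraints.num_constraints();
    for (size_t c = 0; c < count; ++c) {
        ss << "[";
        constraint_to_json(constraints.constraints[c].a, ss);
        ss << ",";
        constraint_to_json(constraints.constraints[c].b, ss);
        ss << ",";
        constraint_to_json(constraints.constraints[c].c, ss);
        // Last constraint gets no trailing comma.
        ss << (c + 1 == count ? "]\n" : "],\n");
    }
    ss << "]}";
    // str() returns the whole buffer regardless of the put position, so no
    // seek is needed before reading it back.
    return ss.str();
}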
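// Serialises the protoboard's full variable assignment as
// {"variables":[1,v1,v2,...]}: the leading 1 stands for libsnark's constant
// ONE at index 0, which full_variable_assignment() does not include; the
// remaining entries are the assigned field elements printed via as_bigint().
// An empty assignment now yields "[1]" rather than the previous "[1," (which
// was not valid JSON). The protoboard is taken by const reference; it was
// previously copied in full on every call.
std::string array_to_json(const protoboard<FieldT>& pb)
{
    const r1cs_variable_assignment<FieldT> values = pb.full_variable_assignment();
    std::stringstream ss;
    ss << "{\"variables\":[";
    ss << 1; // the variable zero is the one constant
    for (const FieldT& value : values) {
        ss << "," << value.as_bigint();
    }
    ss << "]}";
    // str() returns the whole buffer regardless of the put position, so no
    // seek is needed before reading it back.
    return ss.str();
}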
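// One SHA-256 compression function application as a libsnark gadget: the
// 512-bit block is the concatenation (a || b) of two 256-bit variable arrays,
// `myIV` is the chaining value and `result` receives the digest.
// Inherits gadget<FieldT> privately (the default for `class`), as before.
class sha256round : gadget<FieldT>
{
private:
    // The 512-bit message block assembled from the two halves.
    std::shared_ptr<block_variable<FieldT>> block;
public:
    // The compression gadget; exposed so callers can reach its internals.
    std::shared_ptr<sha256_compression_function_gadget<FieldT>> hasher;

    // `result` must be non-null: it is dereferenced immediately and handed to
    // the compression gadget; this class keeps no reference to the shared_ptr
    // itself. Both sub-gadgets are built in the initializer list (declaration
    // order: block before hasher, which reads block->bits).
    sha256round(
        protoboard<FieldT> &pb,
        pb_variable_array<FieldT>& myIV,
        pb_variable_array<FieldT>& a,
        pb_variable_array<FieldT>& b,
        std::shared_ptr<digest_variable<FieldT>> result
    ) : gadget<FieldT>(pb, "sha256round"),
        block(std::make_shared<block_variable<FieldT>>(
            pb,
            std::vector<pb_variable_array<FieldT>>{a, b},
            "block")),
        hasher(std::make_shared<sha256_compression_function_gadget<FieldT>>(
            pb,
            myIV,
            block->bits,
            *result,
            "hasher"))
    {
    }

    // Adds the compression gadget's constraints to the protoboard. Nothing
    // here constrains the block bits to be boolean — see the callers for
    // which inputs get booleanity constraints.
    void generate_r1cs_constraints() {
        hasher->generate_r1cs_constraints();
    }

    // Computes the digest witness. Presumably requires a, b and myIV to have
    // been assigned on the protoboard beforehand (as _sha256RoundWitness does).
    void generate_r1cs_witness() {
        hasher->generate_r1cs_witness();
    }
};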
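// Builds the sha256round circuit (left, right and IV inputs of 256 bits each,
// 256-bit output digest) and returns its R1CS as a NUL-terminated JSON string
// (see r1cs_to_json). The buffer is allocated with new[]; the caller owns it
// and must release it with delete[] (not free()).
// Fix: the buffer was previously sized json.size() while json.size()+1 bytes
// were copied into it, writing the terminator one byte past the allocation.
char* _sha256RoundConstraints()
{
    libff::alt_bn128_pp::init_public_params();
    protoboard<FieldT> pb;
    pb_variable_array<FieldT> left;
    left.allocate(pb, 256, "left");
    pb_variable_array<FieldT> right;
    right.allocate(pb, 256, "right");
    digest_variable<FieldT> IV(pb, 256, "IV");
    auto output = std::make_shared<digest_variable<FieldT>>(pb, 256, "output");
    sha256round g(pb, IV.bits, left, right, output);
    // Constraint order determines the indices in the JSON, so it is kept:
    // gadget constraints first, then the booleanity constraints on IV.
    // NOTE(review): _sha256RoundWitness generates them in the opposite order;
    // that does not affect the witness values but is worth aligning.
    g.generate_r1cs_constraints();
    IV.generate_r1cs_constraints();
    const std::string json = r1cs_to_json(pb);
    char* result = new char[json.size() + 1]; // +1 for the terminating NUL
    json.copy(result, json.size());
    result[json.size()] = '\0';
    return result;
}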
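// Decodes elements [from, to) of `inputs` — each a 32-byte big-endian field
// element — into bits: an element equal to exactly 1 is true, anything else
// is false (this keeps the original `== 1` semantics; values other than 0/1
// are not rejected). The caller must have bounds-checked `inputs` already.
static libff::bit_vector decode_bit_range(const uint8_t* inputs, int from, int to)
{
    libff::bit_vector bits;
    bits.reserve(to - from);
    for (int i = from; i < to; ++i) {
        bits.push_back(libsnarkBigintFromBytesAux(inputs + i * 32) == 1);
    }
    return bits;
}

// Computes the witness of the sha256round circuit and returns the full
// variable assignment as a NUL-terminated JSON string (see array_to_json).
// Expected layout of `inputs`: 768 consecutive 32-byte big-endian field
// elements — left[0..256), right[256..512), IV[512..768) — i.e. at least
// 768 * 32 = 24576 bytes.
// Returns nullptr if `inputs` is null or `inputs_length` is too short; the
// previous version ignored `inputs_length` entirely and read past the end of
// a short buffer. Callers must check for nullptr.
// The returned buffer is allocated with new[]; the caller owns it and must
// release it with delete[] (not free()).
// Fix: the buffer was previously sized json.size() while json.size()+1 bytes
// were copied into it, writing the terminator one byte past the allocation.
// The satisfiability assert is compiled out under NDEBUG, as before.
char* _sha256RoundWitness(const uint8_t* inputs, int inputs_length)
{
    constexpr int kElementBytes = 32;
    constexpr int kElementCount = 768;
    constexpr int kRequiredBytes = kElementBytes * kElementCount;
    if (inputs == nullptr || inputs_length < kRequiredBytes) {
        return nullptr;
    }

    libff::alt_bn128_pp::init_public_params();
    protoboard<FieldT> pb;
    pb_variable_array<FieldT> left;
    left.allocate(pb, 256, "left");
    pb_variable_array<FieldT> right;
    right.allocate(pb, 256, "right");
    digest_variable<FieldT> IV(pb, 256, "IV");
    auto output = std::make_shared<digest_variable<FieldT>>(pb, 256, "output");

    const libff::bit_vector left_bv = decode_bit_range(inputs, 0, 256);
    const libff::bit_vector right_bv = decode_bit_range(inputs, 256, 512);
    const libff::bit_vector IV_bv = decode_bit_range(inputs, 512, 768);

    left.fill_with_bits(pb, left_bv);
    right.fill_with_bits(pb, right_bv);
    // Only IV gets booleanity constraints here; left and right are assigned
    // directly via fill_with_bits.
    IV.generate_r1cs_constraints();
    IV.generate_r1cs_witness(IV_bv);
    sha256round g(pb, IV.bits, left, right, output);
    g.generate_r1cs_constraints();
    g.generate_r1cs_witness();
    assert(pb.is_satisfied());

    const std::string json = array_to_json(pb);
    char* result = new char[json.size() + 1]; // +1 for the terminating NUL
    json.copy(result, json.size());
    result[json.size()] = '\0';
    return result;
}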