Examples of circuits for bellman, a Rust zk-SNARKs library.
Bellman provides a Circuit
trait which you can use to synthesize the constraints in your program.
multiply.rs
contains a circuit for the statement "I know x
and y
such that x * y = public_input
".
cube.rs
contains a circuit for the statement "I know x
such that x^3 + x + 5 == 35
"
- This is the same example used in Vitalik’s blog post and christianlundkvist's libsnark tutorial.
quartic.rs
contains a circuit for the statement "I know x
such that x^4 - 10x^3 + 35x^2 - 50x + 24 = 0
".
- This example is made up from
(x - 1)*(x - 2)*(x - 3)*(x - 4) = 0
and comparing to the previous one, it contains terms with the - sign and terms wherex^k
is multiplied with a number.
To construct a circuit, first flatten your program into its constituent steps.
Allocate the variables, then enforce the constraints.
Enforcing the constraint takes the form of A * B = C
. (is a linear combination, vectors of all your variables)
The lc
in the cs.enforce
function stands for "linear combination", and is an inner product of all the variables with some vector of coefficients.
These examples use the function generate_random_parameters
to generate a random set of parameters for testing. For real use cases, these parameters would have to be generated securely, through a multi-party computation.
To create a proof, instantiate a version of the struct that is passed into the circuit, with the inputs to the circuit.
In these examples, the function create_random_proof
is used to create a random groth16 proof.
To verify a proof, prepare the verifying key by passing in params.vk
to prepare_verifying_key
. This gives you the prepared viewing key, pvk
.
The function verify_proof
takes the prepared viewing key pvk
, the proof
, and the output as an array.
cargo build
cargo test
runs test proofs using both example circuits. Tests are located at the bottom of their source files.
cargo run
runs the cube.rs
example proof in the main file.