Skip to content

Commit

Permalink
Alias Check and Babyjub adapted
Browse files Browse the repository at this point in the history
  • Loading branch information
@jbaylina
jbaylina committed Dec 12, 2019
1 parent d5bca9f commit 30c6cf5
Show file tree
Hide file tree
Showing 6 changed files with 159 additions and 84 deletions.
6 changes: 3 additions & 3 deletions circuits/escalarmulfix.circom
View file
Original file line number Diff line number Diff line change
Expand Up @@ -176,6 +176,9 @@ template SegmentMulFix(nWindows) {
cadders[i].in1[0] <== cadders[i-1].out[0];
cadders[i].in1[1] <== cadders[i-1].out[1];
}
for (j=0; j<3; j++) {
windows[i].in[j] <== e[3*i+j];
}
if (i<nWindows-1) {
cadders[i].in2[0] <== windows[i].out8[0];
cadders[i].in2[1] <== windows[i].out8[1];
Expand All @@ -185,9 +188,6 @@ template SegmentMulFix(nWindows) {
cadders[i].in2[0] <== dblLast.out[0];
cadders[i].in2[1] <== dblLast.out[1];
}
for (j=0; j<3; j++) {
windows[i].in[j] <== e[3*i+j];
}
}

for (i=0; i<nWindows; i++) {
Expand Down
87 changes: 87 additions & 0 deletions src/utils.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
const bigInt = require("big-integer");

module.exports.leBuff2int = leBuff2int;
module.exports.leInt2Buff = leInt2Buff;
module.exports.beBuff2int = beBuff2int;
module.exports.beInt2Buff = beInt2Buff;
module.exports.stringifyBigInts = stringifyBigInts;
module.exports.unstringifyBigInts = unstringifyBigInts;

function leBuff2int (buff) {
let res = bigInt.zero;
for (let i=0; i<buff.length; i++) {
const n = bigInt(buff[i]);
res = res.add(n.shiftLeft(i*8));
}
return res;
}

function leInt2Buff(n, len) {
let r = n;
let o =0;
const buff = Buffer.alloc(len);
while ((r.gt(bigInt.zero))&&(o<buff.length)) {
let c = Number(r.and(bigInt(255)));
buff[o] = c;
o++;
r = r.shiftRight(8);
}
if (r.gt(bigInt.zero)) throw new Error("Number does not feed in buffer");
return buff;
}

function beBuff2int (buff) {
let res = bigInt.zero;
for (let i=0; i<buff.length; i++) {
const n = bigInt(buff[buff.length - i - 1]);
res = res.add(n.shiftLeft(i*8));
}
return res;
}

function beInt2Buff(n, len) {
let r = n;
let o =len-1;
const buff = Buffer.alloc(len);
while ((r.greater(bigInt.zero))&&(o>=0)) {
let c = Number(r.and(bigInt(255)));
buff[o] = c;
o--;
r = r.shiftRight(8);
}
if (r.gt(bigInt.zero)) throw new Error("Number does not feed in buffer");
return buff;
}


function stringifyBigInts(o) {
if ((typeof(o) == "bigint") || o.isZero !== undefined) {
return o.toString(10);
} else if (Array.isArray(o)) {
return o.map(stringifyBigInts);
} else if (typeof o == "object") {
const res = {};
for (let k in o) {
res[k] = stringifyBigInts(o[k]);
}
return res;
} else {
return o;
}
}

function unstringifyBigInts(o) {
if ((typeof(o) == "string") && (/^[0-9]+$/.test(o) )) {
return bigInt(o);
} else if (Array.isArray(o)) {
return o.map(unstringifyBigInts);
} else if (typeof o == "object") {
const res = {};
for (let k in o) {
res[k] = unstringifyBigInts(o[k]);
}
return res;
} else {
return o;
}
}
36 changes: 18 additions & 18 deletions test/aliascheck.js
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
const chai = require("chai");
const path = require("path");
const snarkjs = require("snarkjs");
const compiler = require("circom");

const assert = chai.assert;

const bigInt = snarkjs.bigInt;
const bigInt = require("big-integer");

const tester = require("circom").tester;

function print(circuit, w, s) {
console.log(s + ": " + w[circuit.getSignalIdx(s)]);
Expand All @@ -14,7 +15,7 @@ function print(circuit, w, s) {
function getBits(v, n) {
const res = [];
for (let i=0; i<n; i++) {
if (v.shr(i).isOdd()) {
if (v.shiftRight(i).isOdd()) {
res.push(bigInt.one);
} else {
res.push(bigInt.zero);
Expand All @@ -25,46 +26,45 @@ function getBits(v, n) {

const q = bigInt("21888242871839275222246405745257275088548364400416034343698204186575808495617");

describe("Aliascheck test", () => {
let circuit;
before( async() => {
const cirDef = await compiler(path.join(__dirname, "circuits", "aliascheck_test.circom"));
describe("Aliascheck test", function () {
this.timeout(100000);

circuit = new snarkjs.Circuit(cirDef);
let cir;
before( async() => {

console.log("NConstrains: " + circuit.nConstraints);
cir = await tester(path.join(__dirname, "circuits", "aliascheck_test.circom"));
});

it("Satisfy the aliastest 0", async () => {
const inp = getBits(bigInt.zero, 254);
circuit.calculateWitness({in: inp});
await cir.calculateWitness({in: inp});
});

it("Satisfy the aliastest 3", async () => {
const inp = getBits(bigInt(3), 254);
circuit.calculateWitness({in: inp});
await cir.calculateWitness({in: inp});
});

it("Satisfy the aliastest q-1", async () => {
const inp = getBits(q.sub(bigInt.one), 254);
circuit.calculateWitness({in: inp});
const inp = getBits(q.minus(bigInt.one), 254);
await cir.calculateWitness({in: inp});
});

it("Nhot not satisfy an input of q", async () => {
it("Should not satisfy an input of q", async () => {
const inp = getBits(q, 254);
try {
circuit.calculateWitness({in: inp});
await cir.calculateWitness({in: inp});
assert(false);
} catch(err) {
assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
}
});

it("Nhot not satisfy all ones", async () => {
it("Should not satisfy all ones", async () => {

const inp = getBits(bigInt(1).shl(254).sub(bigInt(1)), 254);
const inp = getBits(bigInt(1).shiftLeft(254).minus(bigInt.one), 254);
try {
circuit.calculateWitness({in: inp});
await cir.calculateWitness({in: inp});
assert(false);
} catch(err) {
assert(/Constraint\sdoesn't\smatch(.*)1\s!=\s0/.test(err.message) );
Expand Down
104 changes: 46 additions & 58 deletions test/babyjub.js
View file
Original file line number Diff line number Diff line change
@@ -1,103 +1,89 @@
const chai = require("chai");
const path = require("path");
const snarkjs = require("snarkjs");
const compiler = require("circom");

const createBlakeHash = require("blake-hash");
const eddsa = require("../src/eddsa.js");

const assert = chai.assert;

const bigInt = require("snarkjs").bigInt;
const bigInt = require("big-integer");
const tester = require("circom").tester;
const utils = require("../src/utils.js");

describe("Baby Jub test", function () {
let circuitAdd;
let circuitTest;
let circuitPbk;

this.timeout(100000);

before( async() => {
const cirDefAdd = await compiler(path.join(__dirname, "circuits", "babyadd_tester.circom"));
circuitAdd = new snarkjs.Circuit(cirDefAdd);
console.log("NConstrains BabyAdd: " + circuitAdd.nConstraints);
circuitAdd = await tester(path.join(__dirname, "circuits", "babyadd_tester.circom"));

const cirDefTest = await compiler(path.join(__dirname, "circuits", "babycheck_test.circom"));
circuitTest = new snarkjs.Circuit(cirDefTest);
console.log("NConstrains BabyTest: " + circuitTest.nConstraints);

const cirDefPbk = await compiler(path.join(__dirname, "circuits", "babypbk_test.circom"));
circuitPbk = new snarkjs.Circuit(cirDefPbk);
console.log("NConstrains BabyPbk: " + circuitPbk.nConstraints);
circuitTest = await tester(path.join(__dirname, "circuits", "babycheck_test.circom"));

circuitPbk = await tester(path.join(__dirname, "circuits", "babypbk_test.circom"));
});

it("Should add point (0,1) and (0,1)", async () => {

const input={
x1: snarkjs.bigInt(0),
y1: snarkjs.bigInt(1),
x2: snarkjs.bigInt(0),
y2: snarkjs.bigInt(1)
x1: bigInt(0),
y1: bigInt(1),
x2: bigInt(0),
y2: bigInt(1)
};

const w = circuitAdd.calculateWitness(input);

const xout = w[circuitAdd.getSignalIdx("main.xout")];
const yout = w[circuitAdd.getSignalIdx("main.yout")];
const w = await circuitAdd.calculateWitness(input);

assert(xout.equals(0));
assert(yout.equals(1));
await circuitAdd.assertOut(w, {xout: bigInt(0), yout: bigInt(1)});
});

it("Should add 2 same numbers", async () => {

const input={
x1: snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
y1: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"),
x2: snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
y2: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475")
x1: bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
y1: bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"),
x2: bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
y2: bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475")
};

const w = circuitAdd.calculateWitness(input);
const w = await circuitAdd.calculateWitness(input);

const xout = w[circuitAdd.getSignalIdx("main.xout")];
const yout = w[circuitAdd.getSignalIdx("main.yout")];
await circuitAdd.assertOut(w, {
xout: bigInt("6890855772600357754907169075114257697580319025794532037257385534741338397365"),
yout: bigInt("4338620300185947561074059802482547481416142213883829469920100239455078257889")
});

assert(xout.equals(snarkjs.bigInt("6890855772600357754907169075114257697580319025794532037257385534741338397365")));
assert(yout.equals(snarkjs.bigInt("4338620300185947561074059802482547481416142213883829469920100239455078257889")));
});

it("Should add 2 different numbers", async () => {

const input={
x1: snarkjs.bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
y1: snarkjs.bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"),
x2: snarkjs.bigInt("16540640123574156134436876038791482806971768689494387082833631921987005038935"),
y2: snarkjs.bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311")
x1: bigInt("17777552123799933955779906779655732241715742912184938656739573121738514868268"),
y1: bigInt("2626589144620713026669568689430873010625803728049924121243784502389097019475"),
x2: bigInt("16540640123574156134436876038791482806971768689494387082833631921987005038935"),
y2: bigInt("20819045374670962167435360035096875258406992893633759881276124905556507972311")
};

const w = circuitAdd.calculateWitness(input);
const w = await circuitAdd.calculateWitness(input);

const xout = w[circuitAdd.getSignalIdx("main.xout")];
const yout = w[circuitAdd.getSignalIdx("main.yout")];
await circuitAdd.assertOut(w, {
xout: bigInt("7916061937171219682591368294088513039687205273691143098332585753343424131937"),
yout: bigInt("14035240266687799601661095864649209771790948434046947201833777492504781204499")
});

/*
console.log(xout.toString());
console.log(yout.toString());
*/

assert(xout.equals(snarkjs.bigInt("7916061937171219682591368294088513039687205273691143098332585753343424131937")));
assert(yout.equals(snarkjs.bigInt("14035240266687799601661095864649209771790948434046947201833777492504781204499")));
});

it("Should check 0 is a valid poiny", async() => {
const w = circuitTest.calculateWitness({x: 0, y:1});
assert(circuitTest.checkWitness(w));
it("Should check (0,1) is a valid poiny", async() => {
const w = await circuitTest.calculateWitness({x: 0, y:1});
// TODO Check constraints
// assert(circuitTest.checkWitness(w));
});

it("Should check 0 is an invalid poiny", async() => {
it("Should check (1,0) is an invalid point", async() => {
try {
circuitTest.calculateWitness({x: 1, y: 0});
await circuitTest.calculateWitness({x: 1, y: 0});
assert(false, "Should be a valid point");
} catch(err) {
assert(/Constraint\sdoesn't\smatch(.*)168700\s!=\s1/.test(err.message) );
Expand All @@ -108,18 +94,20 @@ describe("Baby Jub test", function () {

const rawpvk = Buffer.from("0001020304050607080900010203040506070809000102030405060708090021", "hex");
const pvk = eddsa.pruneBuffer(createBlakeHash("blake512").update(rawpvk).digest().slice(0,32));
const S = bigInt.leBuff2int(pvk).shr(3);
const S = utils.leBuff2int(pvk).shiftRight(3);

const A = eddsa.prv2pub(rawpvk);

const input = {
in : S,
Ax : A[0],
Ay : A[1]
}
in : S
};

const w = await circuitPbk.calculateWitness(input);

await circuitPbk.assertOut(w, {Ax : A[0], Ay: A[1]});

const w = circuitPbk.calculateWitness(input);
assert(circuitPbk.checkWitness(w));
// TODO Check constraints
// assert(circuitPbk.checkWitness(w));
});

});
2 changes: 1 addition & 1 deletion test/circuits/in.json
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"in":[0,1,1,0,0,0,0,1,0,1,1,0,0,0,1,0,0,1,1,0,0,0,1,1,0,1,1,0,0,1,0,0,0,1,1,0,0,0,1,0,0,1,1,0,0,0,1,1,0,1,1,0,0,1,0,0,0,1,1,0,0,1,0,1,0,1,1,0,0,0,1,1,0,1,1,0,0,1,0,0,0,1,1,0,0,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0,1,0,0,0,1,1,0,0,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,0,1,0,1,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,0,1,1,0,0,1,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,1,0,1,1,0,1,0,0,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,1,0,0,1,1,0,1,0,0,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,1,0,0,1,1,0,1,0,1,1,0,1,1,0,1,0,0,1,0,1,1,0,1,0,1,0,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,0,0,1,1,0,1,0,1,0,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,0,0,1,1,0,1,1,0,1,0,1,1,0,1,0,1,1,0,1,1,0,1,1,0,0,0,1,1,0,1,1,0,1,0,1,1,0,1,1,1,0,0,1,1,0,1,1,0,0,0,1,1,0,1,1,0,1,0,1,1,0,1,1,1,0,0,1,1,0,1,1,1,1,0,1,1,0,1,1,0,1,0,1,1,0,1,1,1,0,0,1,1,0,1,1,1,1,0,1,1,1,0,0,0,0,0,1,1,0,1,1,1,0,0,1,1,0,1,1,1,1,0,1,1,1,0,0,0,0,0,1,1,1,0,0,0,1]}
{"in":"3876493977147089964395646989418653640709890493868463039177063670701706079087","Ax":"7544364404313686108640297486043592597084907953513982229886192880342666171487","Ay":"2721089742146723067451923493488918617350881493409568860627491866568993834336"}
Loading

0 comments on commit 30c6cf5

Please sign in to comment.