diff --git a/README.md b/README.md index a4e6825d..c8059dfc 100644 --- a/README.md +++ b/README.md @@ -41,9 +41,9 @@ For power in range 20 to 26, you can download directly from [universal-setup hub * Stark aggregation proof -> [stark_aggregation.sh yes bn128](./test/stark_aggregation.sh) +> [stark_aggregation.sh yes BN128](./test/stark_aggregation.sh) -> [stark_aggregation.sh yes bls12381](./test/stark_aggregation.sh) +> [stark_aggregation.sh yes BLS12381](./test/stark_aggregation.sh) * Stark proof and recursive stark prove > [starky](./starky) @@ -53,5 +53,7 @@ For power in range 20 to 26, you can download directly from [universal-setup hub > [starkjs](./starkjs) ## Applications +* [Rust zkVM/Risc V/REVM)](https://docs.powdr.org/backends/estark.html) +* [REVM](https://github.com/powdr-labs/powdr/tree/main/riscv/tests/riscv_data/evm) * [eigen-secret](https://github.com/0xEigenLabs/eigen-secret) * [zk-mixer](https://github.com/0xEigenLabs/zk-mixer) diff --git a/groth16/src/json_utils.rs b/groth16/src/json_utils.rs index 516825f7..6a0d85e8 100644 --- a/groth16/src/json_utils.rs +++ b/groth16/src/json_utils.rs @@ -261,7 +261,7 @@ mod tests { std::fs::File::open("./test-vectors/verification_key.bin").unwrap(), ); let vk_from_bin = VerifyingKey::::read(&mut reader).unwrap(); - let result = serialize_vk(&vk_from_bin, "bn128", false).unwrap(); + let result = serialize_vk(&vk_from_bin, "BN128", false).unwrap(); std::fs::write("./test-vectors/verification_key.json", result) .expect("Unable to write data to file"); 
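Review bot: The test in the `json_utils.rs` hunk at -261 writes the freshly serialized key over the checked-in fixture `./test-vectors/verification_key.json`, so the committed vector is regenerated on every run and cannot catch an unintended change in the serializer's output. The hunks at -281 and -300 do the same for `verification_key_bls12381.json` and `proof.json`, and the one at -281 then reads the file it just wrote. Comparing `result` against the committed file's contents, or writing to a temporary path, would make the vectors work as a regression check and stop `cargo test` from dirtying the work tree. The bare `.unwrap()` on `File::open` also loses the path on failure; `.expect("open ./test-vectors/verification_key.bin")` would name the missing vector. The test functions start and end outside these hunks.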
@@ -281,7 +281,7 @@ mod tests { std::fs::File::open("./test-vectors/verification_key_bls12381.bin").unwrap(), ); let vk_from_bin = VerifyingKey::::read(&mut reader).unwrap(); - let result = serialize_vk(&vk_from_bin, "bls12381", false).unwrap(); + let result = serialize_vk(&vk_from_bin, "BLS12381", false).unwrap(); std::fs::write("./test-vectors/verification_key_bls12381.json", result) .expect("Unable to write data to file"); let json_data = std::fs::read_to_string("./test-vectors/verification_key_bls12381.json") @@ -300,7 +300,7 @@ mod tests { std::fs::File::open("./test-vectors/proof.bin").unwrap(), ); let proof_from_bin = Proof::::read(&mut reader).unwrap(); - let result = serialize_proof(&proof_from_bin, "bn128", false).unwrap(); + let result = serialize_proof(&proof_from_bin, "BN128", false).unwrap(); std::fs::write("./test-vectors/proof.json", result).expect("Unable to write data to file"); let json_data = std::fs::read_to_string("./test-vectors/proof.json") diff --git a/groth16/test-vectors/proof.json b/groth16/test-vectors/proof.json index 214e13e7..917bbf2b 100644 --- a/groth16/test-vectors/proof.json +++ b/groth16/test-vectors/proof.json 
@@ -1 +1 @@ -{"pi_a":{"x":"10905341685980874274150221450276555823153279022700815280793205712816544225051","y":"10202155762379182936716953236062961626111732205204299178900872478241297946341"},"pi_b":{"x":["1338445498107572340294993867641202566445851700348442510708274879828386296282","715960249206585599344782789507515384598794467188122779860104990233191718584"],"y":["16749821406279319102006597546165006262150274190725700131363414987974746028898","4186519700035121793525434458515698877463328002407700453041197661949232606762"]},"pi_c":{"x":"21017091347701602277900775955620322776855583460036942304761972046181453833874","y":"13183116007711244014066089262312410303264724202350283300596105680198265390734"},"protocol":"groth16","curve":"bn128"} \ No newline at end of file +{"pi_a":{"x":"10905341685980874274150221450276555823153279022700815280793205712816544225051","y":"10202155762379182936716953236062961626111732205204299178900872478241297946341"},"pi_b":{"x":["1338445498107572340294993867641202566445851700348442510708274879828386296282","715960249206585599344782789507515384598794467188122779860104990233191718584"],"y":["16749821406279319102006597546165006262150274190725700131363414987974746028898","4186519700035121793525434458515698877463328002407700453041197661949232606762"]},"pi_c":{"x":"21017091347701602277900775955620322776855583460036942304761972046181453833874","y":"13183116007711244014066089262312410303264724202350283300596105680198265390734"},"protocol":"groth16","curve":"BN128"} \ No newline at end of file diff --git a/groth16/test-vectors/verification_key.json b/groth16/test-vectors/verification_key.json index c921d76a..110ce0b8 100644 --- a/groth16/test-vectors/verification_key.json +++ b/groth16/test-vectors/verification_key.json 
@@ -1 +1 @@ -{"protocol":"groth16","curve":"bn128","vk_alpha_1":{"x":"5378666516679669030426253968554722017719204687506819500965191266972562704525","y":"11884127121600853383848213410541219000373777032449499459372628160563826160039"},"vk_beta_1":{"x":"11684926244523749803851436242880351598197401371414225641974167140429606592706","y":"16929741286104563251662568285622534504771343461093856493500590131159047726674"},"vk_beta_2":{"x":["3487033620976845212768103502495007972626150366523406838795608631173434737356","5722453597903794095057921124370073800968815052755180529625796448994959984379"],"y":["10903882886964858379024201093448298739802694041860707200919674705989363314697","13121135188883029175353353776774109279263558732251317411918854951587326451735"]},"vk_gamma_2":{"x":["10213376432339522327829270688979960667935166343925601749766190111213394028579","17878044364476259799411369024855905578579397570653322697041079920852293597018"],"y":["20127734937439354211605145692590108235858989985838133242865379337617277275201","16860366311030991434038951462895802172998962572015514313248458815738807835634"]},"vk_delta_1":{"x":"11812580675586360757509872483306998764270512859221872980162793084480574560007","y":"21631419003837427833755878016845991558820802094484003868757988133232300441323"},"vk_delta_2":{"x":["6392557126586047144123406811983722596643451132034573614997156650191062598459","13326523838708768392335568403673707724254513697314159846597127929687821406612"],"y":["17825290610532104898185648118085521929233132742972425269063635507516756760769","6800237991919287561797152453815129982788413863096002348269331496269366578862"]},"IC":[{"x":"929659533577207043539024015274672310073216612286646842606094101149765235360","y":"335827419452857986330203550224315599249726626406860618832604249213328631746"},{"x":"2686363498352366646252820900835025101354155989284038507478384410495100388581","y":"17555345507164622027374051645603070383629353375584143931251068248182858903287"}]} \ No newline at end of 
file +{"protocol":"groth16","curve":"BN128","vk_alpha_1":{"x":"5378666516679669030426253968554722017719204687506819500965191266972562704525","y":"11884127121600853383848213410541219000373777032449499459372628160563826160039"},"vk_beta_1":{"x":"11684926244523749803851436242880351598197401371414225641974167140429606592706","y":"16929741286104563251662568285622534504771343461093856493500590131159047726674"},"vk_beta_2":{"x":["3487033620976845212768103502495007972626150366523406838795608631173434737356","5722453597903794095057921124370073800968815052755180529625796448994959984379"],"y":["10903882886964858379024201093448298739802694041860707200919674705989363314697","13121135188883029175353353776774109279263558732251317411918854951587326451735"]},"vk_gamma_2":{"x":["10213376432339522327829270688979960667935166343925601749766190111213394028579","17878044364476259799411369024855905578579397570653322697041079920852293597018"],"y":["20127734937439354211605145692590108235858989985838133242865379337617277275201","16860366311030991434038951462895802172998962572015514313248458815738807835634"]},"vk_delta_1":{"x":"11812580675586360757509872483306998764270512859221872980162793084480574560007","y":"21631419003837427833755878016845991558820802094484003868757988133232300441323"},"vk_delta_2":{"x":["6392557126586047144123406811983722596643451132034573614997156650191062598459","13326523838708768392335568403673707724254513697314159846597127929687821406612"],"y":["17825290610532104898185648118085521929233132742972425269063635507516756760769","6800237991919287561797152453815129982788413863096002348269331496269366578862"]},"IC":[{"x":"929659533577207043539024015274672310073216612286646842606094101149765235360","y":"335827419452857986330203550224315599249726626406860618832604249213328631746"},{"x":"2686363498352366646252820900835025101354155989284038507478384410495100388581","y":"17555345507164622027374051645603070383629353375584143931251068248182858903287"}]} \ No newline at end of file 
diff --git a/groth16/test-vectors/verification_key_bls12381.json b/groth16/test-vectors/verification_key_bls12381.json index 9824714b..81105a13 100644 --- a/groth16/test-vectors/verification_key_bls12381.json +++ b/groth16/test-vectors/verification_key_bls12381.json 
@@ -1 +1 @@ -{"protocol":"groth16","curve":"bls12381","vk_alpha_1":{"x":"3993993345820571719409140484493424675806554242871959810886408554601873918255137944101466903763679670262494407588537","y":"434040191028241100687156977701140181479584201136732810220853872204863441112594390241186214510334608184265116445585"},"vk_beta_1":{"x":"2658522315457059457702685926363609046135741594849552828870486944934279944961141450275825340584526857894276358305115","y":"2582005838098837795547524323127572178802259771861368949407021843932842062429470660339994124417267958467089029228208"},"vk_beta_2":{"x":["1939783643649439894411954639292380480325083064066514758489839949576264033790832222199855423207096319681311897764661","1706194026621083356193355989930697019816904718521063732670105129169394895826011607869652463796292903452110365836723"],"y":["2882059267594982145074446435968797036465922412810323976718195308381780496019512186549577150692215060085753645010613","136198744093121836373741155654870641457272202521015181684471622593886579271321371534413401906554696076306020983958"]},"vk_gamma_2":{"x":["883915147635496103065751910712693603416723586016635604322525380426346448467883988595045708410728643160808643307430","1403820781454575035887906376249698826847651524198721302059624628291164223855649425766388826978966815093121313704809"],"y":["3002767327899819554500200115686041250208298181561565918092043416357118574931590689217528083797982832546853161584202","2001179570787517787359145767693379279385541335622939643917241121822169717089689603171961190522553496833471813324630"]},"vk_delta_1":{"x":"1659961497396109626535052665703152028851925462843715619157065076818222268573743565376319420514796164275962013421560","y":"852108729501396447916216038007962962005725557350906076014199487385922217793757155770200106463874358957413139350609"},"vk_delta_2":{"x":["534020031473045642447278438034060292849838077327028015479069546006573823597593395712527205544556207541519503017828","2064747110497790950196077674120447901647
089566913002796494296878869005423506584862817520132699626632921133930942162"],"y":["2967133054993642220270835199995585185539112985976514656438629952937248710482231341340574558822407593019383656325111","654893707336486517882533615152317327607862814027749808270768166648386292824429047505275119004528430330592501340375"]},"IC":[{"x":"3215149929540148867769058662590920228610393374201602848716041633020131250087002322681572748299373984475422616855135","y":"3287151148859427866027955777219844883556867208103719288841952355852695402988828398896226297623292986657704831321769"},{"x":"3101785521102172703202926785964685464915214511035452729284362122343456680282492999444404249489107531306726342138515","y":"3640628316062820719549136473192443101956906663205310473213544832255230166150243209243419141396800629848515623269532"}]} \ No newline at end of file +{"protocol":"groth16","curve":"BLS12381","vk_alpha_1":{"x":"3993993345820571719409140484493424675806554242871959810886408554601873918255137944101466903763679670262494407588537","y":"434040191028241100687156977701140181479584201136732810220853872204863441112594390241186214510334608184265116445585"},"vk_beta_1":{"x":"2658522315457059457702685926363609046135741594849552828870486944934279944961141450275825340584526857894276358305115","y":"2582005838098837795547524323127572178802259771861368949407021843932842062429470660339994124417267958467089029228208"},"vk_beta_2":{"x":["1939783643649439894411954639292380480325083064066514758489839949576264033790832222199855423207096319681311897764661","1706194026621083356193355989930697019816904718521063732670105129169394895826011607869652463796292903452110365836723"],"y":["2882059267594982145074446435968797036465922412810323976718195308381780496019512186549577150692215060085753645010613","136198744093121836373741155654870641457272202521015181684471622593886579271321371534413401906554696076306020983958"]},"vk_gamma_2":{"x":["88391514763549610306575191071269360341672358601663560432252538042634644846788
3988595045708410728643160808643307430","1403820781454575035887906376249698826847651524198721302059624628291164223855649425766388826978966815093121313704809"],"y":["3002767327899819554500200115686041250208298181561565918092043416357118574931590689217528083797982832546853161584202","2001179570787517787359145767693379279385541335622939643917241121822169717089689603171961190522553496833471813324630"]},"vk_delta_1":{"x":"1659961497396109626535052665703152028851925462843715619157065076818222268573743565376319420514796164275962013421560","y":"852108729501396447916216038007962962005725557350906076014199487385922217793757155770200106463874358957413139350609"},"vk_delta_2":{"x":["534020031473045642447278438034060292849838077327028015479069546006573823597593395712527205544556207541519503017828","2064747110497790950196077674120447901647089566913002796494296878869005423506584862817520132699626632921133930942162"],"y":["2967133054993642220270835199995585185539112985976514656438629952937248710482231341340574558822407593019383656325111","654893707336486517882533615152317327607862814027749808270768166648386292824429047505275119004528430330592501340375"]},"IC":[{"x":"3215149929540148867769058662590920228610393374201602848716041633020131250087002322681572748299373984475422616855135","y":"3287151148859427866027955777219844883556867208103719288841952355852695402988828398896226297623292986657704831321769"},{"x":"3101785521102172703202926785964685464915214511035452729284362122343456680282492999444404249489107531306726342138515","y":"3640628316062820719549136473192443101956906663205310473213544832255230166150243209243419141396800629848515623269532"}]} \ No newline at end of file diff --git a/test/simple_bls.sh b/test/simple_bls.sh index 0d41ec9e..24d57b8a 100755 --- a/test/simple_bls.sh +++ b/test/simple_bls.sh 
@@ -40,4 +40,4 @@ mkdir -p $WORK_DIR/$CIRCUIT_NAME cp ../starkjs/circuits/c12a.verifier.zkin.json $WORK_DIR/final_input.zkin.json cp ../starkjs/circuits/c12a.verifier.circom $WORK_DIR/ -bash -x ./snark_verifier.sh groth16 true bls12381 $CIRCUIT_NAME $WORK_DIR +bash -x ./snark_verifier.sh groth16 true BLS12381 $CIRCUIT_NAME $WORK_DIR diff --git a/test/snark_verifier.sh b/test/snark_verifier.sh index cf57e039..a1c445f6 100755 --- a/test/snark_verifier.sh +++ b/test/snark_verifier.sh @@ -6,10 +6,9 @@ export NODE_OPTIONS="--max-old-space-size=163840" CUR_DIR=$(cd $(dirname $0);pwd) snark_type=${1-groth16} first_run=${2-false} -#bls12381 -CURVE=${3-bn128} +CURVE=${3-BN128} POWER=22 -if [ $CURVE = "bls12381" ]; then +if [ $CURVE = "BLS12381" ]; then POWER=25 fi BIG_POWER=28 @@ -34,9 +33,9 @@ ZKIT="${CUR_DIR}/../target/release/eigen-zkit" if [ $first_run = "true" ]; then echo "compile circom and generate wasm and r1cs" - if [ $CURVE = "bn128" ]; then + if [ $CURVE = "BN128" ]; then $ZKIT compile -i $SNARK_CIRCOM -p $CURVE -l "../starkjs/node_modules/pil-stark/circuits.bn128" -l "../starkjs/node_modules/circomlib/circuits" --O2=full -o $WORK_DIR - elif [ $CURVE = "bls12381" ]; then + elif [ $CURVE = "BLS12381" ]; then $ZKIT compile -i $SNARK_CIRCOM -p $CURVE -l "../stark-circuits/circuits" -l "../starkjs/node_modules/circomlib/circuits" --O2=full -o $WORK_DIR fi # cp $WORK_DIR/$CIRCUIT_NAME"_js"/$CIRCUIT_NAME.wasm /tmp/aggregation/circuits.wasm 
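Review bot: `$CURVE` is tested unquoted and only against the two new spellings in the `snark_verifier.sh` hunks at -6 and -34, so a value that matches neither, the previous lowercase `bls12381` included, keeps `POWER=22` and skips both `compile` branches without any message. Validating the argument once, right after it is read, turns that into an immediate error, and quoting it stops an empty or space-containing third argument from breaking the `[ ... ]` tests. The test in the hunk at -74 is unquoted as well. The script continues outside these hunks.

```shell
CURVE=${3-BN128}
# Reject unknown curve names up front instead of silently keeping the BN128 sizing.
case "$CURVE" in
    BN128)    POWER=22 ;;
    BLS12381) POWER=25 ;;
    *) echo "unsupported curve '$CURVE' (expected BN128 or BLS12381)" >&2; exit 1 ;;
esac
# … unchanged: BIG_POWER and the remaining setup …
```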
@@ -44,14 +43,6 @@ fi if [ $snark_type = "groth16" ]; then - if [ ! -f $SRS ]; then - echo "downloading powersOfTau28_hez_final_${POWER}.ptau" - #curl https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_${POWER}.ptau -o $SRS - $SNARKJS powersoftau new $CURVE ${POWER} /tmp/pot${POWER}_0000.ptau -v - $SNARKJS powersoftau contribute /tmp/pot${POWER}_0000.ptau /tmp/pot${POWER}_0001.ptau --name="First contribution" -v - $SNARKJS powersoftau prepare phase2 /tmp/pot${POWER}_0001.ptau $SRS -v - fi - if [ $first_run = "true" ]; then $ZKIT groth16_setup -c $CURVE --r1cs $WORK_DIR/$CIRCUIT_NAME.r1cs -p $WORK_DIR/g16.zkey -v $WORK_DIR/verification_key.json fi @@ -64,7 +55,7 @@ if [ $snark_type = "groth16" ]; then $ZKIT groth16_verify -c $CURVE -v $WORK_DIR/verification_key.json --public-input $WORK_DIR/public_input.json --proof $WORK_DIR/proof.json # TODO: add g16 solidity verifier - #if [ $CURVE = "bn128" ]; then + #if [ $CURVE = "BN128" ]; then # echo "5. generate verifier contract" # $SNARKJS zkesv $WORK_DIR/g16.zkey ${CUR_DIR}/aggregation/contracts/final_verifier.sol @@ -74,7 +65,7 @@ if [ $snark_type = "groth16" ]; then fi else - if [ $CURVE != "bn128" ]; then + if [ $CURVE != "BN128" ]; then echo "Not support ${CURVE}" exit -1 fi diff --git a/test/stark_aggregation.sh b/test/stark_aggregation.sh index fb5b4a11..baa39500 100755 --- a/test/stark_aggregation.sh +++ b/test/stark_aggregation.sh @@ -15,7 +15,7 @@ CIRCUIT="fibonacci" PILEXECJS="fibonacci/fibonacci.js" first_run=${1-no} -CURVE=${2-bn128} +CURVE=${2-BN128} WORKSPACE=/tmp/aggregation_${CURVE}_$CIRCUIT if [ $first_run = "yes" ]; then rm -rf $WORKSPACE && mkdir -p $WORKSPACE 
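Review bot: In the `stark_aggregation.sh` hunk at -15, `CURVE` goes straight from `$2` into `WORKSPACE=/tmp/aggregation_${CURVE}_$CIRCUIT`, and the following line runs `rm -rf $WORKSPACE` unquoted, so a mistyped argument containing a space or a `/` makes the delete act on paths other than the intended work directory. Checking the value against the accepted names first and quoting the expansion, `rm -rf "$WORKSPACE" && mkdir -p "$WORKSPACE"`, closes that. In the hunk at -128 the same missing validation means any value other than exactly `BN128`, the old `bn128` included, silently selects `final.starkStruct.bls12381.json`. The script continues outside both hunks.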
@@ -128,7 +128,7 @@ ${ZKIT} compressor12_exec \ echo "4. generate final proof " # Remark: the N of final.starkStruct must be 2^20 , because the degree of $RECURSIVE2_CIRCUIT.pil is 2^20 which determined by the proocess of converting $RECURSIVE_CIRCUIT2.circom to $RECURSIVE_CIRCUIT2.pil STARK_STRUCT=$CUR_DIR/../starky/data/final.starkStruct.bls12381.json -if [ $CURVE = "bn128" ]; then +if [ $CURVE = "BN128" ]; then STARK_STRUCT=$CUR_DIR/../starky/data/final.starkStruct.bn128.json fi $ZKIT stark_prove -s $STARK_STRUCT \ diff --git a/zkit/src/groth16_api.rs b/zkit/src/groth16_api.rs index 91fa7380..ca4b106d 100644 --- a/zkit/src/groth16_api.rs +++ b/zkit/src/groth16_api.rs @@ -28,12 +28,12 @@ pub fn groth16_setup( ) -> Result<()> { let mut rng = rand::thread_rng(); match curve_type { - "bn128" => { + "BN128" => { let circuit = create_circuit_from_file::(circuit_file, None); let (pk, vk) = Groth16::circuit_specific_setup(circuit, &mut rng)?; write_pk_vk_to_files(curve_type, pk, vk, pk_file, vk_file)? } - "bls12381" => { + "BLS12381" => { let circuit = create_circuit_from_file::(circuit_file, None); let (pk, vk) = Groth16::circuit_specific_setup(circuit, &mut rng)?; write_pk_vk_to_files(curve_type, pk, vk, pk_file, vk_file)? @@ -63,7 +63,7 @@ pub fn groth16_prove( let inputs = load_input_for_witness(input_file); let w = wtns.calculate_witness(inputs, false)?; match curve_type { - "bn128" => { + "BN128" => { let pk: Parameters = read_pk_from_file(pk_file, false)?; let w = w .iter() @@ -82,7 +82,7 @@ pub fn groth16_prove( let input_json = circuit.get_public_inputs_json(); std::fs::write(public_input_file, input_json)?; } - "bls12381" => { + "BLS12381" => { let pk: Parameters = read_pk_from_file(pk_file, false)?; let w = w .iter() 
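Review bot: The `"BN128"` and `"BLS12381"` arms in `groth16_setup` compare the CLI string byte-for-byte, so a caller still passing the previous lowercase name now falls through to the default arm, which is outside this hunk; the same holds for the arms in the hunks at -63, -82, -119 and -132. Parsing the string once into a small enum, or matching on `curve_type.to_uppercase().as_str()`, would keep a single list of accepted spellings and let the error name the valid values. Because `groth16_verify` selects the curve purely from this argument, it would also be worth checking it against the `curve` field of the verification key and proof files, if the readers do not already do so. Separately, `groth16_setup` draws its randomness from a local `rand::thread_rng()`; a doc comment such as `/// Single-party setup: the keys are only as trustworthy as the machine that ran this.` would tell users what the generated keys can be relied on for.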
@@ -119,7 +119,7 @@ pub fn groth16_verify( proof_file: &str, ) -> Result<()> { match curve_type { - "bn128" => { + "BN128" => { let vk = read_vk_from_file(vk_file)?; let inputs = read_public_input_from_file::(public_input_file)?; let proof = read_proof_from_file(proof_file)?; @@ -132,7 +132,7 @@ pub fn groth16_verify( } } - "bls12381" => { + "BLS12381" => { let vk = read_vk_from_file(vk_file)?; let inputs = read_public_input_from_file::(public_input_file)?; let proof = read_proof_from_file(proof_file)?; diff --git a/zkit/src/main.rs b/zkit/src/main.rs index 3f41cc1d..0dde7aef 100644 --- a/zkit/src/main.rs +++ b/zkit/src/main.rs @@ -30,7 +30,7 @@ pub struct CompilierOpt { no_simplification: bool, /// prime field, like goldilocks - #[arg(short, default_value = "bn128")] + #[arg(short, default_value = "BN128")] prime: String, ///Set reduced simplification @@ -279,7 +279,7 @@ struct JoinZkinExecOpt { /// Setup groth16 #[derive(Parser, Debug)] pub struct Groth16SetupOpt { - #[arg(short, required = true, default_value = "bn128")] + #[arg(short, required = true, default_value = "BN128")] curve_type: String, #[arg(long = "r1cs", required = true)] circuit_file: String, @@ -292,7 +292,7 @@ pub struct Groth16SetupOpt { /// Prove with groth16 #[derive(Parser, Debug)] pub struct Groth16ProveOpt { - #[arg(short, required = true, default_value = "bn128")] + #[arg(short, required = true, default_value = "BN128")] curve_type: String, #[arg(long = "r1cs", required = true)] circuit_file: String, @@ -315,7 +315,7 @@ pub struct Groth16ProveOpt { /// Verify with groth16 #[derive(Parser, Debug)] pub struct Groth16VerifyOpt { - #[arg(short, required = true, default_value = "bn128")] + #[arg(short, required = true, default_value = "BN128")] curve_type: String, #[arg(short, required = true, default_value = "verification_key.json")] vk_file: String, 
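Review bot: `#[arg(short, required = true, default_value = "BN128")]` on `curve_type` in `Groth16SetupOpt` combines two settings that contradict each other: if the flag is required the default can never apply, and if the default is meant to apply the flag is not required. The same attribute is repeated in the hunks at -292 and -315. Dropping `required = true` (or the default) states the intent. Declaring the field as a `clap::ValueEnum` type instead of `String` would additionally reject unknown curve names at parse time rather than inside the groth16 functions.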
@@ -393,7 +393,7 @@ fn main() { Command::Setup(args) => setup(args.power, &args.srs_monomial_form), Command::Compile(args) => circom_compiler( args.input, - args.prime, + args.prime.to_lowercase(), args.full_simplification, args.link_directories, args.output,
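Review bot: The `.to_lowercase()` added to `args.prime` has no comment, and the field's doc comment in the hunk at -30 still reads "prime field, like goldilocks" while its default is now `"BN128"`. A one-line comment such as `// circom_compiler takes lowercase prime names; CLI curve names are uppercase` would explain the conversion; that is presumably the reason, please confirm. This also makes `-p` case-insensitive while the groth16 subcommands match the curve name exactly, so the two flags accept different spellings. The `match` in `main` starts and ends outside the hunk.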