def keygen_only(pk_fname="pysnark_pk", vk_fname="pysnark_vk", do_print=True): try: pk_fname_file = open(pk_fname, "w") vk_fname_file = open(vk_fname, "w") except: print("File open issue") raise RuntimeError("*** File open issue") sys.exit() if pb.num_constraints() == 0: # libsnark does not work in this case, add a no-op pb.add_r1cs_constraint( libsnark.R1csConstraint(libsnark.LinearCombination(), libsnark.LinearCombination(), libsnark.LinearCombination())) cs = pb.get_constraint_system_pubs() pubvals = pb.primary_input_pubs() privvals = pb.auxiliary_input_pubs() generator = (libsnark.zkgg_generator if use_groth else libsnark.zk_generator) keypair = generator(cs) keypair.pk.write(pk_fname_file) keypair.vk.write(vk_fname_file) return (keypair.pk, keypair.vk)
def prove(do_keygen=True, do_write=True, do_print=True): if pb.num_constraints() == 0: # libsnark does not work in this case, add a no-op pb.add_r1cs_constraint( libsnark.R1csConstraint(libsnark.LinearCombination(), libsnark.LinearCombination(), libsnark.LinearCombination())) cs = pb.get_constraint_system_pubs() pubvals = pb.primary_input_pubs() privvals = pb.auxiliary_input_pubs() read_key = (libsnark.zkgg_read_key if use_groth else libsnark.zk_read_key) generator = (libsnark.zkgg_generator if use_groth else libsnark.zk_generator) write_keys = (libsnark.zkgg_write_keys if use_groth else libsnark.zk_write_keys) prover = (libsnark.zkgg_prover if use_groth else libsnark.zk_prover) verifier_strong_IC = (libsnark.zkgg_verifier_strong_IC if use_groth else libsnark.zk_verifier_strong_IC) write_proof = (libsnark.zkgg_write_proof if use_groth else libsnark.zk_write_proof) if do_print: print("*** Trying to read pysnark_ek", file=sys.stderr) keypair = read_key("pysnark_ek", cs) if not keypair: if do_keygen: if do_print: print( "*** No pysnark_ek or computation changed, generating keys...", file=sys.stderr) keypair = generator(cs) write_keys(keypair, "pysnark_vk", "pysnark_ek") else: raise RuntimeError( "*** No pysnark_ek or key is for different computation") if do_print: print("*** PySNARK: generating proof pysnark_log (" + "sat=" + str(pb.is_satisfied()) + ", #io=" + str(pubvals.size()) + ", #witness=" + str(privvals.size()) + ", #constraint=" + str(pb.num_constraints()) + ")", file=sys.stderr) proof = prover(keypair.pk, pubvals, privvals) if do_write: write_proof(proof, pubvals, "pysnark_log") if do_print: print("*** Public inputs: " + " ".join([str(pubvals.at(i)) for i in range(pubvals.size())]), file=sys.stderr) if do_print: print("*** Verification status:", verifier_strong_IC(keypair.vk, pubvals, proof), file=sys.stderr) return (keypair.vk, proof, pubvals)
def prove_only(pk_fname="pysnark_pk", proof_log="pysnark_log", pubvals_fname="pysnark_pubvals", do_print=True): try: proof_log_file = open(proof_log, "w") pk_fname_file = open(pk_fname, "r") pubvals_file = open(pubvals_fname, "w") except: print("File open issue") raise RuntimeError("*** File open issue") sys.exit() if pb.num_constraints() == 0: # libsnark does not work in this case, add a no-op pb.add_r1cs_constraint( libsnark.R1csConstraint(libsnark.LinearCombination(), libsnark.LinearCombination(), libsnark.LinearCombination())) cs = pb.get_constraint_system_pubs() pubvals = pb.primary_input_pubs() privvals = pb.auxiliary_input_pubs() prover = (libsnark.zkgg_prover if use_groth else libsnark.zk_prover) write_proof = (libsnark.zkgg_write_proof if use_groth else libsnark.zk_write_proof) read_key = libsnark.ZKProvingKey_read #read_key = libsnark.zk_read_key if do_print: print("*** Trying to read pk", file=sys.stderr) keypair_pk = read_key(pk_fname_file) if not keypair_pk: raise RuntimeError("*** Unable to read proving key") if do_print: print("*** PySNARK: generating proof pysnark_log (" + "sat=" + str(pb.is_satisfied()) + ", #io=" + str(pubvals.size()) + ", #witness=" + str(privvals.size()) + ", #constraint=" + str(pb.num_constraints()) + ")", file=sys.stderr) proof = prover(keypair_pk, pubvals, privvals) proof.write(proof_log_file) proof_log_file.close() make_pubvals_file(pubvals_file, pubvals) #write_proof(proof, pubvals, proof_log) return (proof, pubvals)
def privval(val): pbv = libsnark.PbVariable() pbv.allocate(pb) pb.setval(pbv, val) return libsnark.LinearCombination(pbv)
def one(): return libsnark.LinearCombination(1)
def zero(): return libsnark.LinearCombination()
inv.allocate(pb) pb.setpublic(inv) int = libsnark.PbVariable() int.allocate(pb) outv = libsnark.PbVariable() outv.allocate(pb) pb.setpublic(outv) # create constraints # let int=inv*(2*inv+1) pb.add_r1cs_constraint( libsnark.R1csConstraint( libsnark.LinearCombination(inv), libsnark.LinearCombination(inv) * 2 + libsnark.LinearCombination(1), libsnark.LinearCombination(int))) # let out=(int-1)*inv pb.add_r1cs_constraint( libsnark.R1csConstraint( libsnark.LinearCombination(int) - libsnark.LinearCombination(1), libsnark.LinearCombination(inv), libsnark.LinearCombination(outv))) # create witnesses pb.setval(inv, 3) pb.setval(int, 21) pb.setval(outv, 60) cs = pb.get_constraint_system_pubs()