logos-blockchain/logos-blockchain-circuits
1
0
Fork 0
mirror of https://github.com/logos-blockchain/logos-blockchain-circuits.git synced 2026-01-02 13:13:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
logos-blockchain-circuits/.github/workflows/build-circuits.yml
David Rusu a281b792ca fix(zkey): 2^17 ptau rather than 2^21
2025-11-03 12:56:35 +04:00

858 lines
33 KiB
YAML
Raw Blame History

name: Build Circuits
on:
push:
tags:
- "v*.*.*"
pull_request:
branches:
- main
workflow_dispatch:
inputs:
tag:
description: "Tag to release. Must follow the format of 'vX.Y.Z'."
required: true
jobs:
setup:
name: Configure Environment
runs-on: ubuntu-latest
outputs:
version: ${{ steps.define-version.outputs.version }}
tag: ${{ steps.define-version.outputs.tag }}
steps:
- name: Define version
id: define-version
env:
# Use the tag name if it is available, otherwise use the input version.
# For PR testing, use a test version based on PR number and commit SHA.
TAG: ${{ (github.ref_type == 'tag' && github.ref_name) || inputs.tag || format('v0.0.0-pr{0}-{1}', github.event.pull_request.number || '0', github.sha) }}
run: |
if [ -z "$TAG" ]; then
echo "Could not determine tag."
exit 1
fi
# For pull requests, allow test versions with format v0.0.0-pr*
if [[ "$TAG" =~ ^v0\.0\.0-pr ]]; then
echo "Using test version for PR: $TAG"
VERSION="$TAG"
elif [[ ! "$TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "TAG must follow the format of 'vX.Y.Z'. Value: '$TAG'."
exit 2
else
# Parse Version: Take only the vX.Y.Z part.
VERSION=$(echo $TAG | cut -d'-' -f1)
fi
# Export the tag and version.
echo "tag=$TAG" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
generate-proving-keys:
name: Generate ${{ matrix.circuit.display }} Proving Key
runs-on: ubuntu-latest
needs:
- setup
strategy:
fail-fast: false
matrix:
circuit:
- name: pol
display: PoL
file: pol.circom
dir: mantle
- name: poq
display: PoQ
file: poq.circom
dir: blend
- name: zksign
display: ZKSign
file: signature.circom
dir: mantle
- name: poc
display: PoC
file: poc.circom
dir: mantle
env:
VERSION: ${{ needs.setup.outputs.version }}
PTAU_URL: "https://storage.googleapis.com/zkevm/ptau/powersOfTau28_hez_final_17.ptau"
PTAU_FILE: "powersOfTau28_hez_final_17.ptau"
steps:
- name: Install Rust Toolchain
uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48
with:
toolchain: stable
cache: false
- name: Install Circom
run: |
git clone https://github.com/iden3/circom.git
cd circom
RUSTFLAGS="-A dead_code" cargo build --release
RUSTFLAGS="-A dead_code" cargo install --path circom
circom --version
- name: Checkout
uses: actions/checkout@8edcb1bdb4e267140fa742c62e395cd74f332709
- name: Initialise Submodules
run: git submodule update --init --recursive
- name: Setup Node.js
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b
with:
node-version: '20'
- name: Install snarkjs
run: npm install -g snarkjs@latest
- name: Cache Powers of Tau
id: cache-ptau
uses: actions/cache@v4
with:
path: ${{ env.PTAU_FILE }}
key: ptau-${{ env.PTAU_FILE }}
- name: Download Powers of Tau
if: steps.cache-ptau.outputs.cache-hit != 'true'
run: |
echo "Downloading Powers of Tau file (this may take a while, ~3GB)..."
curl -L -o "${{ env.PTAU_FILE }}" "${{ env.PTAU_URL }}"
echo "Download complete."
- name: Generate Proving Key
run: |
cd ${{ matrix.circuit.dir }}
circom --r1cs --O2 ${{ matrix.circuit.file }}
snarkjs groth16 setup ${CIRCUIT_NAME}.r1cs ../${{ env.PTAU_FILE }} ${{ matrix.circuit.name }}-0.zkey
head -c 32 /dev/urandom | xxd -p -c 256 | snarkjs zkey contribute ${{ matrix.circuit.name }}-0.zkey ${{ matrix.circuit.name }}.zkey --name="RELEASE" -v
snarkjs zkey export verificationkey ${{ matrix.circuit.name }}.zkey ${{ matrix.circuit.name }}_verification_key.json
env:
CIRCUIT_NAME: ${{ matrix.circuit.file == 'signature.circom' && 'signature' || matrix.circuit.name }}
- name: Upload Proving Key
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: ${{ matrix.circuit.name }}-proving-key
path: |
${{ matrix.circuit.dir }}/${{ matrix.circuit.name }}.zkey
${{ matrix.circuit.dir }}/${{ matrix.circuit.name }}_verification_key.json
build-linux:
name: Build Linux Binaries (Native)
runs-on: ubuntu-latest
needs:
- setup
- generate-proving-keys
env:
VERSION: ${{ needs.setup.outputs.version }}
OS: linux
ARCH: x86_64
steps:
- name: Install Rust Toolchain
uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48
with:
toolchain: stable
cache: false
- name: Install Circom
run: |
git clone https://github.com/iden3/circom.git
cd circom
RUSTFLAGS="-A dead_code" cargo build --release
RUSTFLAGS="-A dead_code" cargo install --path circom
circom --version
- name: Checkout
uses: actions/checkout@8edcb1bdb4e267140fa742c62e395cd74f332709
- name: Initialise Submodules
run: git submodule update --init --recursive
- name: Setup Dependencies
working-directory: rapidsnark
run: sudo apt update -y
- name: Install Dependencies [Prover]
run: sudo apt install -y build-essential cmake libgmp-dev libsodium-dev nasm curl m4
- name: Install Dependencies [Witness Generator]
run: sudo apt install nlohmann-json3-dev
- name: Replace Prover Makefile # TODO: Make a fork generate the appropriate Linux Makefile
run: cp .github/resources/prover/Makefile rapidsnark/Makefile
- name: Compile Prover and Verifier
working-directory: rapidsnark
run: |
./build_gmp.sh host
make host_linux_x86_64_static
- name: Bundle Rapidsnark Prover
env:
BINARY_NAME: prover
BUNDLE_NAME: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
RAPIDSNARK_DIR: rapidsnark/package
run: |
BUNDLE_DIR="${BUNDLE_NAME}/${BINARY_NAME}"
mkdir -p "$BUNDLE_DIR"
mv "${RAPIDSNARK_DIR}"/bin/${BINARY_NAME} "$BUNDLE_DIR/"
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Bundle Rapidsnark Verifier
env:
BINARY_NAME: verifier
BUNDLE_NAME: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
RAPIDSNARK_DIR: rapidsnark/package
run: |
BUNDLE_DIR="${BUNDLE_NAME}/${BINARY_NAME}"
mkdir -p "$BUNDLE_DIR"
mv "${RAPIDSNARK_DIR}"/bin/${BINARY_NAME} "$BUNDLE_DIR/"
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Upload Rapidsnark Prover
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
path: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
- name: Upload Rapidsnark Verifier
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
path: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
- name: Compile and Bundle PoL
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoL"
circuit-name-binary: "pol"
circuit-path: "mantle/pol.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle PoQ
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoQ"
circuit-name-binary: "poq"
circuit-path: "blend/poq.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle ZKSign
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "ZKSign"
circuit-name-binary: "zksign"
circuit-path: "mantle/signature.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle PoC
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoC"
circuit-name-binary: "poc"
circuit-path: "mantle/poc.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Download PoL Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: pol-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/pol-artifact
- name: Download PoQ Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: poq-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/poq-artifact
- name: Download ZKSign Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: zksign-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/zksign-artifact
- name: Download PoC Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: poc-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/poc-artifact
- name: Download All Proving Key Artifacts
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
pattern: "*-proving-key"
path: proving-keys/
- name: Create Unified Release Bundle
env:
BUNDLE_NAME: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}
run: |
# Create the bundle directory structure
mkdir -p "${BUNDLE_NAME}"/{pol,poq,zksign,poc}
# Create VERSION file
echo "${{ env.VERSION }}" > "${BUNDLE_NAME}/VERSION"
# Move witness generators into their respective circuit directories
mv witness-generators/pol-artifact/pol "${BUNDLE_NAME}/pol/witness_generator"
mv witness-generators/pol-artifact/pol.dat "${BUNDLE_NAME}/pol/witness_generator.dat"
mv witness-generators/poq-artifact/poq "${BUNDLE_NAME}/poq/witness_generator"
mv witness-generators/poq-artifact/poq.dat "${BUNDLE_NAME}/poq/witness_generator.dat"
mv witness-generators/zksign-artifact/signature "${BUNDLE_NAME}/zksign/witness_generator"
mv witness-generators/zksign-artifact/signature.dat "${BUNDLE_NAME}/zksign/witness_generator.dat"
mv witness-generators/poc-artifact/poc "${BUNDLE_NAME}/poc/witness_generator"
mv witness-generators/poc-artifact/poc.dat "${BUNDLE_NAME}/poc/witness_generator.dat"
# Restore execute permissions on witness generators
chmod +x "${BUNDLE_NAME}/pol/witness_generator"
chmod +x "${BUNDLE_NAME}/poq/witness_generator"
chmod +x "${BUNDLE_NAME}/zksign/witness_generator"
chmod +x "${BUNDLE_NAME}/poc/witness_generator"
# Copy proving keys and verification keys into each circuit directory
cp proving-keys/pol-proving-key/pol.zkey "${BUNDLE_NAME}/pol/proving_key.zkey"
cp proving-keys/pol-proving-key/pol_verification_key.json "${BUNDLE_NAME}/pol/verification_key.json"
cp proving-keys/poq-proving-key/poq.zkey "${BUNDLE_NAME}/poq/proving_key.zkey"
cp proving-keys/poq-proving-key/poq_verification_key.json "${BUNDLE_NAME}/poq/verification_key.json"
cp proving-keys/zksign-proving-key/zksign.zkey "${BUNDLE_NAME}/zksign/proving_key.zkey"
cp proving-keys/zksign-proving-key/zksign_verification_key.json "${BUNDLE_NAME}/zksign/verification_key.json"
cp proving-keys/poc-proving-key/poc.zkey "${BUNDLE_NAME}/poc/proving_key.zkey"
cp proving-keys/poc-proving-key/poc_verification_key.json "${BUNDLE_NAME}/poc/verification_key.json"
# Create tarball
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Upload Unified Release Bundle
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}.tar.gz
path: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}.tar.gz
build-windows:
name: Build Windows Binaries (Native)
runs-on: windows-latest
needs:
- setup
- generate-proving-keys
env:
VERSION: ${{ needs.setup.outputs.version }}
OS: windows
ARCH: x86_64
steps:
- name: Setup MSYS2
uses: msys2/setup-msys2@v2.28.0 # FIXME: Ideally use the hash to avoid supply chain attacks. Currently unable to.
with:
update: true
install: >-
base-devel
mingw-w64-x86_64-toolchain
make
git
- name: Install Rust Toolchain
uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48
with:
toolchain: stable
cache: false
- name: Install Circom
run: |
git clone https://github.com/iden3/circom.git
cd circom
$env:RUSTFLAGS="-A dead_code"; cargo build --release
$env:RUSTFLAGS="-A dead_code"; cargo install --path circom
circom --version
- name: Checkout
uses: actions/checkout@8edcb1bdb4e267140fa742c62e395cd74f332709
- name: Initialise Submodules
run: git submodule update --init --recursive
- name: Install Dependencies [Witness Generator]
shell: msys2 {0}
run: |
# nlohmann/json
mkdir -p /include/nlohmann/
wget -O /include/nlohmann/json.hpp https://github.com/nlohmann/json/releases/download/v3.12.0/json.hpp
# mman-win32
git clone https://github.com/alitrack/mman-win32.git
pushd mman-win32
./configure --prefix= # Path: /
make
make install
popd
- name: Install Dependencies [Prover]
shell: msys2 {0}
run: pacman --noconfirm -Sy --needed cmake nasm mingw-w64-ucrt-x86_64-libsodium
- name: Replace Prover Makefile # TODO: Make a fork generate the appropriate Windows Makefile
shell: msys2 {0}
run: cp .github/resources/prover/Makefile rapidsnark/Makefile
- name: Replace Prover CMakeLists
shell: msys2 {0}
run: cp .github/resources/prover/${{ env.OS }}.src-CMakeLists.txt rapidsnark/src/CMakeLists.txt
- name: Patch Windows mman
shell: msys2 {0}
run: cp .github/resources/prover/${{ env.OS }}.mman_patch.hpp /include/mman_patch.hpp
- name: Add uio.h headers
shell: msys2 {0}
run: cp .github/resources/prover/${{ env.OS }}.uio.h /include/sys/uio.h
- name: Replace build_gmp
shell: msys2 {0}
run: cp .github/resources/prover/${{ env.OS }}.build_gmp.sh rapidsnark/build_gmp.sh
- name: Compile Prover and Verifier
shell: msys2 {0}
working-directory: rapidsnark
run: |
./build_gmp.sh host
make host_windows_x86_64_static
- name: Bundle Rapidsnark Prover
shell: msys2 {0}
env:
BINARY_NAME: prover
BUNDLE_NAME: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
RAPIDSNARK_DIR: rapidsnark/package
run: |
BUNDLE_DIR="${BUNDLE_NAME}/${BINARY_NAME}"
mkdir -p "$BUNDLE_DIR"
mv "${RAPIDSNARK_DIR}"/bin/${BINARY_NAME}.exe "$BUNDLE_DIR/"
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Bundle Rapidsnark Verifier
shell: msys2 {0}
env:
BINARY_NAME: verifier
BUNDLE_NAME: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
RAPIDSNARK_DIR: rapidsnark/package
run: |
BUNDLE_DIR="${BUNDLE_NAME}/${BINARY_NAME}"
mkdir -p "$BUNDLE_DIR"
mv "${RAPIDSNARK_DIR}"/bin/${BINARY_NAME}.exe "$BUNDLE_DIR/"
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Upload Rapidsnark Prover
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
path: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
- name: Upload Rapidsnark Verifier
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
path: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
- name: Compile and Bundle PoL
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoL"
circuit-name-binary: "pol"
circuit-path: "mantle/pol.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle PoQ
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoQ"
circuit-name-binary: "poq"
circuit-path: "blend/poq.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle ZKSign
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "ZKSign"
circuit-name-binary: "zksign"
circuit-path: "mantle/signature.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle PoC
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoC"
circuit-name-binary: "poc"
circuit-path: "mantle/poc.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Download PoL Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: pol-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/pol-artifact
- name: Download PoQ Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: poq-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/poq-artifact
- name: Download ZKSign Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: zksign-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/zksign-artifact
- name: Download PoC Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: poc-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/poc-artifact
- name: Download All Proving Key Artifacts
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
pattern: "*-proving-key"
path: proving-keys/
- name: Create Unified Release Bundle
shell: msys2 {0}
env:
BUNDLE_NAME: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}
run: |
# Create the bundle directory structure
mkdir -p "${BUNDLE_NAME}"/{pol,poq,zksign,poc}
# Create VERSION file
echo "${{ env.VERSION }}" > "${BUNDLE_NAME}/VERSION"
# Move witness generators into their respective circuit directories
mv witness-generators/pol-artifact/pol.exe "${BUNDLE_NAME}/pol/witness_generator.exe"
mv witness-generators/pol-artifact/pol.dat "${BUNDLE_NAME}/pol/witness_generator.dat"
mv witness-generators/poq-artifact/poq.exe "${BUNDLE_NAME}/poq/witness_generator.exe"
mv witness-generators/poq-artifact/poq.dat "${BUNDLE_NAME}/poq/witness_generator.dat"
mv witness-generators/zksign-artifact/signature.exe "${BUNDLE_NAME}/zksign/witness_generator.exe"
mv witness-generators/zksign-artifact/signature.dat "${BUNDLE_NAME}/zksign/witness_generator.dat"
mv witness-generators/poc-artifact/poc.exe "${BUNDLE_NAME}/poc/witness_generator.exe"
mv witness-generators/poc-artifact/poc.dat "${BUNDLE_NAME}/poc/witness_generator.dat"
# Copy proving keys and verification keys into each circuit directory
cp proving-keys/pol-proving-key/pol.zkey "${BUNDLE_NAME}/pol/proving_key.zkey"
cp proving-keys/pol-proving-key/pol_verification_key.json "${BUNDLE_NAME}/pol/verification_key.json"
cp proving-keys/poq-proving-key/poq.zkey "${BUNDLE_NAME}/poq/proving_key.zkey"
cp proving-keys/poq-proving-key/poq_verification_key.json "${BUNDLE_NAME}/poq/verification_key.json"
cp proving-keys/zksign-proving-key/zksign.zkey "${BUNDLE_NAME}/zksign/proving_key.zkey"
cp proving-keys/zksign-proving-key/zksign_verification_key.json "${BUNDLE_NAME}/zksign/verification_key.json"
cp proving-keys/poc-proving-key/poc.zkey "${BUNDLE_NAME}/poc/proving_key.zkey"
cp proving-keys/poc-proving-key/poc_verification_key.json "${BUNDLE_NAME}/poc/verification_key.json"
# Create tarball
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Upload Unified Release Bundle
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}.tar.gz
path: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}.tar.gz
build-macos:
name: Build MacOS Binaries (Native)
runs-on: macos-latest
needs:
- setup
- generate-proving-keys
env:
VERSION: ${{ needs.setup.outputs.version }}
ARCH: aarch64
OS: macos
steps:
- name: Install Rust Toolchain
uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48
with:
toolchain: stable
cache: false
- name: Install Circom
run: |
git clone https://github.com/iden3/circom.git
cd circom
RUSTFLAGS="-A dead_code" cargo build --release
RUSTFLAGS="-A dead_code" cargo install --path circom
circom --version
- name: Checkout
uses: actions/checkout@8edcb1bdb4e267140fa742c62e395cd74f332709
- name: Initialise Submodules
run: git submodule update --init --recursive
- name: Setup Dependencies
run: mkdir include
- name: Install Dependencies [Witness Generator]
run: brew install nlohmann-json
- name: Install Dependencies [Prover]
run: brew install nasm m4
- name: Compile Prover and Verifier
working-directory: rapidsnark
run: |
./build_gmp.sh macos_arm64
make macos_arm64
- name: Bundle Rapidsnark Prover
env:
BINARY_NAME: prover
BUNDLE_NAME: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
RAPIDSNARK_DIR: rapidsnark/package_macos_arm64
run: |
BUNDLE_DIR="${BUNDLE_NAME}/${BINARY_NAME}"
mkdir -p "$BUNDLE_DIR"
mv "${RAPIDSNARK_DIR}/bin/${BINARY_NAME}" "$BUNDLE_DIR/"
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Bundle Rapidsnark Verifier
env:
BINARY_NAME: verifier
BUNDLE_NAME: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
RAPIDSNARK_DIR: rapidsnark/package_macos_arm64
run: |
BUNDLE_DIR="${BUNDLE_NAME}/${BINARY_NAME}"
mkdir -p "$BUNDLE_DIR"
mv "${RAPIDSNARK_DIR}/bin/${BINARY_NAME}" "$BUNDLE_DIR/"
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Upload Rapidsnark Prover
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
path: prover-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
- name: Upload Rapidsnark Verifier
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
path: verifier-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}.tar.gz
- name: Compile and Bundle PoL
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoL"
circuit-name-binary: "pol"
circuit-path: "mantle/pol.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle PoQ
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoQ"
circuit-name-binary: "poq"
circuit-path: "blend/poq.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle ZKSign
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "ZKSign"
circuit-name-binary: "zksign"
circuit-path: "mantle/signature.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Compile and Bundle PoC
uses: ./.github/actions/compile-and-bundle
with:
circuit-name-display: "PoC"
circuit-name-binary: "poc"
circuit-path: "mantle/poc.circom"
version: ${{ env.VERSION }}
os: ${{ env.OS }}
arch: ${{ env.ARCH }}
- name: Download PoL Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: pol-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/pol-artifact
- name: Download PoQ Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: poq-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/poq-artifact
- name: Download ZKSign Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: zksign-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/zksign-artifact
- name: Download PoC Witness Generator
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: poc-${{ env.VERSION }}-${{ env.OS }}-${{ env.ARCH }}
path: witness-generators/poc-artifact
- name: Download All Proving Key Artifacts
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
pattern: "*-proving-key"
path: proving-keys/
- name: Create Unified Release Bundle
env:
BUNDLE_NAME: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}
run: |
# Create the bundle directory structure
mkdir -p "${BUNDLE_NAME}"/{pol,poq,zksign,poc}
# Create VERSION file
echo "${{ env.VERSION }}" > "${BUNDLE_NAME}/VERSION"
# Move witness generators into their respective circuit directories
mv witness-generators/pol-artifact/pol "${BUNDLE_NAME}/pol/witness_generator"
mv witness-generators/pol-artifact/pol.dat "${BUNDLE_NAME}/pol/witness_generator.dat"
mv witness-generators/poq-artifact/poq "${BUNDLE_NAME}/poq/witness_generator"
mv witness-generators/poq-artifact/poq.dat "${BUNDLE_NAME}/poq/witness_generator.dat"
mv witness-generators/zksign-artifact/signature "${BUNDLE_NAME}/zksign/witness_generator"
mv witness-generators/zksign-artifact/signature.dat "${BUNDLE_NAME}/zksign/witness_generator.dat"
mv witness-generators/poc-artifact/poc "${BUNDLE_NAME}/poc/witness_generator"
mv witness-generators/poc-artifact/poc.dat "${BUNDLE_NAME}/poc/witness_generator.dat"
# Restore execute permissions on witness generators
chmod +x "${BUNDLE_NAME}/pol/witness_generator"
chmod +x "${BUNDLE_NAME}/poq/witness_generator"
chmod +x "${BUNDLE_NAME}/zksign/witness_generator"
chmod +x "${BUNDLE_NAME}/poc/witness_generator"
# Copy proving keys and verification keys into each circuit directory
cp proving-keys/pol-proving-key/pol.zkey "${BUNDLE_NAME}/pol/proving_key.zkey"
cp proving-keys/pol-proving-key/pol_verification_key.json "${BUNDLE_NAME}/pol/verification_key.json"
cp proving-keys/poq-proving-key/poq.zkey "${BUNDLE_NAME}/poq/proving_key.zkey"
cp proving-keys/poq-proving-key/poq_verification_key.json "${BUNDLE_NAME}/poq/verification_key.json"
cp proving-keys/zksign-proving-key/zksign.zkey "${BUNDLE_NAME}/zksign/proving_key.zkey"
cp proving-keys/zksign-proving-key/zksign_verification_key.json "${BUNDLE_NAME}/zksign/verification_key.json"
cp proving-keys/poc-proving-key/poc.zkey "${BUNDLE_NAME}/poc/proving_key.zkey"
cp proving-keys/poc-proving-key/poc_verification_key.json "${BUNDLE_NAME}/poc/verification_key.json"
# Create tarball
tar -czf "${BUNDLE_NAME}.tar.gz" "${BUNDLE_NAME}"
- name: Upload Unified Release Bundle
uses: actions/upload-artifact@de65e23aa2b7e23d713bb51fbfcb6d502f8667d8
with:
name: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}.tar.gz
path: nomos-circuits-${{ env.OS }}-${{ env.ARCH }}-${{ env.VERSION }}.tar.gz
publish-release:
name: Create Release
runs-on: ubuntu-latest
# Only create releases for tags, not for PRs
if: github.ref_type == 'tag' || github.event_name == 'workflow_dispatch'
needs:
- setup
- generate-proving-keys
- build-linux
- build-windows
- build-macos
env:
TAG: ${{ needs.setup.outputs.tag }}
VERSION: ${{ needs.setup.outputs.version }}
outputs:
upload_url: ${{ steps.create_release.outputs.upload_url }}
steps:
- name: Create Release
uses: actions/create-release@4c11c9fe1dcd9636620a16455165783b20fc7ea0
id: create_release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ env.TAG }}
release_name: Circom Circuits ${{ env.VERSION }}
body: |
This is a release of Circom Circuits ${{ env.VERSION }}.
## Changelog
- feature(X): new feature
- fix(Y): bug description
- feature: performance improvement on Z
## Checklist
Before publishing please ensure:
- [ ] Description is complete
- [ ] Changelog is correct
- [ ] Assets for all platforms exist
- [ ] Pre-release is checked if necessary
- [ ] Remove this checklist before publishing the release.
draft: true
prerelease: true
upload-artifacts:
name: Upload Unified Bundles to Release
runs-on: ubuntu-latest
# Only upload to release for tags, not for PRs
if: github.ref_type == 'tag' || github.event_name == 'workflow_dispatch'
needs:
- setup
- publish-release
strategy:
fail-fast: false
matrix:
platform:
- os: linux
arch: x86_64
- os: macos
arch: aarch64
- os: windows
arch: x86_64
env:
UPLOAD_URL: ${{ needs.publish-release.outputs.upload_url }}
ARTIFACT_NAME: nomos-circuits-${{ matrix.platform.os }}-${{ matrix.platform.arch }}-${{ needs.setup.outputs.version }}.tar.gz
steps:
- name: Download Unified Bundle
uses: actions/download-artifact@448e3f862ab3ef47aa50ff917776823c9946035b
with:
name: ${{ env.ARTIFACT_NAME }}
- name: Upload Unified Bundle to Release
uses: actions/upload-release-asset@ef2adfe8cb8ebfa540930c452c576b3819990faa
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ env.UPLOAD_URL }}
asset_path: ${{ env.ARTIFACT_NAME }}
asset_name: ${{ env.ARTIFACT_NAME }}
asset_content_type: application/octet-stream
Reference in New Issue View Git Blame Copy Permalink