minor improvements

2026-01-08 16:43:12 +00:00 · 2023-11-11 17:14:23 +01:00 · 2023-11-11 17:14:23 +01:00 · 9fd8bba4f0
commit 9fd8bba4f0
parent b4f4f7c97f
6 changed files with 39 additions and 32 deletions
--- a/README.md
+++ b/README.md
@ -10,10 +10,17 @@ The implementation is compatible with the `circom` ecosystem.

 At the moment only the `BN254` (aka. `alt-bn128`) curve is supported.

+### License
+
+Licensed and distributed under either of 
+[MIT license](http://opensource.org/licenses/MIT) or
+[Apache License, v2.0](http://www.apache.org/licenses/LICENSE-2.0),
+at your option. 

 ### TODO

 - [ ] make it a nimble package
+- [ ] refactor `bn128.nim` into smaller files
 - [ ] proper MSM implementation (I couldn't make constantine's one to work)
 - [ ] compare `.r1cs` to the "coeffs" section of `.zkey`
 - [ ] generate fake circuit-specific setup ourselves
--- a/bn128.nim
+++ b/bn128.nim
@ -581,26 +581,28 @@ func `-=`*(p: var G2, q: G2) =    p = addG2(p,negG2(q))

 #-------------------------------------------------------------------------------

-# func msmG1( coeffs: seq[Fr] , points: seq[G1] ): G1 = 
-# 
-#   let N = coeffs.len
-#   assert( N == points.len, "incompatible sequence lengths" )
-# 
-# #  var arr1 = toOpenArray(coeffs, 0, N-1)
-# #  var arr2 = toOpenArray(points, 0, N-1)
-# 
-#   var bigcfs : seq[BigInt[254]]
-#   for x in coeffs:
-#     bigcfs.add( x.toBig() )
-# 
-#   var r : G1
-# 
-#   # [Fp,aff.G1]
-#   msm.multiScalarMul_vartime( r, 
-#     toOpenArray(bigcfs, 0, N-1),
-#     toOpenArray(points, 0, N-1) )
-# 
-#   return r
+#[
+func msmG1( coeffs: seq[Fr] , points: seq[G1] ): G1 = 
+
+  let N = coeffs.len
+  assert( N == points.len, "incompatible sequence lengths" )
+
+#  var arr1 = toOpenArray(coeffs, 0, N-1)
+#  var arr2 = toOpenArray(points, 0, N-1)
+
+  var bigcfs : seq[BigInt[254]]
+  for x in coeffs:
+    bigcfs.add( x.toBig() )
+
+  var r : G1
+
+  # [Fp,aff.G1]
+  msm.multiScalarMul_vartime( r, 
+    toOpenArray(bigcfs, 0, N-1),
+    toOpenArray(points, 0, N-1) )
+
+  return r
+]#

 #-------------------------------------------------------------------------------
 #
--- a/example/prove.sh
+++ b/example/prove.sh
@ -7,11 +7,11 @@ NAME="product"
 mkdir -p build

 # --- compile the circom code ---
+cd ${ORIG}
 circom --r1cs --wasm -o build ${NAME}.circom

-cd build
-
 # --- download powers-of-tau ceremony, if necessary ---
+cd ${ORIG}/build
 PTAU_FILE="power_of_tau_10.ptau"
 if ! test -f ./${PTAU_FILE}; then
  echo "downloading powers-of-tau..."
@ -22,6 +22,7 @@ fi
 PTAU_FILE="`pwd`/${PTAU_FILE}"

 # --- perform circuit-specific setup ---
+cd ${ORIG}/build
 snarkjs groth16 setup ${NAME}.r1cs $PTAU_FILE ${NAME}_0000.zkey
 echo "foobar entropy" | \
 snarkjs zkey contribute ${NAME}_0000.zkey ${NAME}_0001.zkey --name="1st Contributor Name" -v
@ -32,6 +33,7 @@ rm ${NAME}_0001.zkey
 mv ${NAME}_0002.zkey ${NAME}.zkey

 # --- export vericiation key ---
+cd ${ORIG}/build
 snarkjs zkey export verificationkey ${NAME}.zkey ${NAME}_vkey.json

 # --- create public input ---
@ -48,8 +50,8 @@ cd $ORIG/build
 # snarkjs groth16 prove ${NAME}.zkey ${NAME}.wtns snarkjs_proof.json snarkjs_public.json

 # --- build & execute nim prover ---
-echo "building and executing the Nim prover..."
 cd $ORIG
+echo "building and executing the Nim prover..."
 nim c -r --processing:off example.nim

 cd $ORIG/build
--- a/export_json.nim
+++ b/export_json.nim
@ -3,8 +3,6 @@
 # export proof and public input in `circom`-compatible JSON files
 #

-import std/sequtils
-
 import constantine/math/arithmetic   except Fp, Fr
 #import constantine/math/io/io_fields except Fp, Fr

@ -82,6 +80,8 @@ proc exportProof*( fpath: string, prf: Proof ) =
 #-------------------------------------------------------------------------------

 #[
+#import std/sequtils
+
 func getFakeProof*() : Proof = 
  let pub : seq[Fr] = map( [1,101,102,103,117,119] , intToFr )
  let p = unsafeMkG1( intToFp(666) , intToFp(777) )
--- a/groth16.nim
+++ b/groth16.nim
@ -2,11 +2,12 @@
 #
 # Groth16 prover
 #
-# WARNING! the points H are *NOT* what normal people would think they are
+# WARNING! 
+# the points H in `.zkey` are *NOT* what normal people would think they are
 # See <https://geometry.xyz/notebook/the-hidden-little-secret-in-snarkjs>
 #

-#[]
+#[
 import sugar
 import constantine/math/config/curves 
 import constantine/math/io/io_fields
--- a/test_proof.nim
+++ b/test_proof.nim
@ -1,6 +1,5 @@

 import ./groth16
-import ./export_json
 import ./witness
 import ./zkey
 import ./zkey_types
@ -21,10 +20,6 @@ proc testProveAndVerify*( zkey_fname, wtns_fname: string): Proof =
  let ok = verifyProof( vkey, proof)
  echo("verification succeeded = ",ok)

-  # echo("exporting proof...")
-  # exportPublicIO( "my_pub.json" , proof )
-  # exportProof(    "my_prf.json" , proof )
-
  return proof

 #-------------------------------------------------------------------------------