# Solidity API
|
|
|
|
## IVerifier
|
|
|
|
### verifyProof
|
|
|
|
```solidity
|
|
function verifyProof(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[2] input) external view returns (bool)
|
|
```
|
|
|
|
## IPoseidonHasher
|
|
|
|
### hash
|
|
|
|
```solidity
|
|
function hash(uint256 input) external pure returns (uint256 result)
|
|
```
|
|
|
|
Hashes `input` with the Poseidon hash function instantiated at width n = 2, with the second input fixed to the constant 0 — i.e. callers get a single-input Poseidon hash.
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| input | uint256 | The input to hash |
|
|
|
|
## PoseidonHasher
|
|
|
|
### Q
|
|
|
|
```solidity
|
|
uint256 Q
|
|
```
|
|
|
|
### C0
|
|
|
|
```solidity
|
|
uint256 C0
|
|
```
|
|
|
|
### C1
|
|
|
|
```solidity
|
|
uint256 C1
|
|
```
|
|
|
|
### C2
|
|
|
|
```solidity
|
|
uint256 C2
|
|
```
|
|
|
|
### C3
|
|
|
|
```solidity
|
|
uint256 C3
|
|
```
|
|
|
|
### C4
|
|
|
|
```solidity
|
|
uint256 C4
|
|
```
|
|
|
|
### C5
|
|
|
|
```solidity
|
|
uint256 C5
|
|
```
|
|
|
|
### C6
|
|
|
|
```solidity
|
|
uint256 C6
|
|
```
|
|
|
|
### C7
|
|
|
|
```solidity
|
|
uint256 C7
|
|
```
|
|
|
|
### C8
|
|
|
|
```solidity
|
|
uint256 C8
|
|
```
|
|
|
|
### C9
|
|
|
|
```solidity
|
|
uint256 C9
|
|
```
|
|
|
|
### C10
|
|
|
|
```solidity
|
|
uint256 C10
|
|
```
|
|
|
|
### C11
|
|
|
|
```solidity
|
|
uint256 C11
|
|
```
|
|
|
|
### C12
|
|
|
|
```solidity
|
|
uint256 C12
|
|
```
|
|
|
|
### C13
|
|
|
|
```solidity
|
|
uint256 C13
|
|
```
|
|
|
|
### C14
|
|
|
|
```solidity
|
|
uint256 C14
|
|
```
|
|
|
|
### C15
|
|
|
|
```solidity
|
|
uint256 C15
|
|
```
|
|
|
|
### C16
|
|
|
|
```solidity
|
|
uint256 C16
|
|
```
|
|
|
|
### C17
|
|
|
|
```solidity
|
|
uint256 C17
|
|
```
|
|
|
|
### C18
|
|
|
|
```solidity
|
|
uint256 C18
|
|
```
|
|
|
|
### C19
|
|
|
|
```solidity
|
|
uint256 C19
|
|
```
|
|
|
|
### C20
|
|
|
|
```solidity
|
|
uint256 C20
|
|
```
|
|
|
|
### C21
|
|
|
|
```solidity
|
|
uint256 C21
|
|
```
|
|
|
|
### C22
|
|
|
|
```solidity
|
|
uint256 C22
|
|
```
|
|
|
|
### C23
|
|
|
|
```solidity
|
|
uint256 C23
|
|
```
|
|
|
|
### C24
|
|
|
|
```solidity
|
|
uint256 C24
|
|
```
|
|
|
|
### C25
|
|
|
|
```solidity
|
|
uint256 C25
|
|
```
|
|
|
|
### C26
|
|
|
|
```solidity
|
|
uint256 C26
|
|
```
|
|
|
|
### C27
|
|
|
|
```solidity
|
|
uint256 C27
|
|
```
|
|
|
|
### C28
|
|
|
|
```solidity
|
|
uint256 C28
|
|
```
|
|
|
|
### C29
|
|
|
|
```solidity
|
|
uint256 C29
|
|
```
|
|
|
|
### C30
|
|
|
|
```solidity
|
|
uint256 C30
|
|
```
|
|
|
|
### C31
|
|
|
|
```solidity
|
|
uint256 C31
|
|
```
|
|
|
|
### C32
|
|
|
|
```solidity
|
|
uint256 C32
|
|
```
|
|
|
|
### C33
|
|
|
|
```solidity
|
|
uint256 C33
|
|
```
|
|
|
|
### C34
|
|
|
|
```solidity
|
|
uint256 C34
|
|
```
|
|
|
|
### C35
|
|
|
|
```solidity
|
|
uint256 C35
|
|
```
|
|
|
|
### C36
|
|
|
|
```solidity
|
|
uint256 C36
|
|
```
|
|
|
|
### C37
|
|
|
|
```solidity
|
|
uint256 C37
|
|
```
|
|
|
|
### C38
|
|
|
|
```solidity
|
|
uint256 C38
|
|
```
|
|
|
|
### C39
|
|
|
|
```solidity
|
|
uint256 C39
|
|
```
|
|
|
|
### C40
|
|
|
|
```solidity
|
|
uint256 C40
|
|
```
|
|
|
|
### C41
|
|
|
|
```solidity
|
|
uint256 C41
|
|
```
|
|
|
|
### C42
|
|
|
|
```solidity
|
|
uint256 C42
|
|
```
|
|
|
|
### C43
|
|
|
|
```solidity
|
|
uint256 C43
|
|
```
|
|
|
|
### C44
|
|
|
|
```solidity
|
|
uint256 C44
|
|
```
|
|
|
|
### C45
|
|
|
|
```solidity
|
|
uint256 C45
|
|
```
|
|
|
|
### C46
|
|
|
|
```solidity
|
|
uint256 C46
|
|
```
|
|
|
|
### C47
|
|
|
|
```solidity
|
|
uint256 C47
|
|
```
|
|
|
|
### C48
|
|
|
|
```solidity
|
|
uint256 C48
|
|
```
|
|
|
|
### C49
|
|
|
|
```solidity
|
|
uint256 C49
|
|
```
|
|
|
|
### C50
|
|
|
|
```solidity
|
|
uint256 C50
|
|
```
|
|
|
|
### C51
|
|
|
|
```solidity
|
|
uint256 C51
|
|
```
|
|
|
|
### C52
|
|
|
|
```solidity
|
|
uint256 C52
|
|
```
|
|
|
|
### C53
|
|
|
|
```solidity
|
|
uint256 C53
|
|
```
|
|
|
|
### C54
|
|
|
|
```solidity
|
|
uint256 C54
|
|
```
|
|
|
|
### C55
|
|
|
|
```solidity
|
|
uint256 C55
|
|
```
|
|
|
|
### C56
|
|
|
|
```solidity
|
|
uint256 C56
|
|
```
|
|
|
|
### C57
|
|
|
|
```solidity
|
|
uint256 C57
|
|
```
|
|
|
|
### C58
|
|
|
|
```solidity
|
|
uint256 C58
|
|
```
|
|
|
|
### C59
|
|
|
|
```solidity
|
|
uint256 C59
|
|
```
|
|
|
|
### C60
|
|
|
|
```solidity
|
|
uint256 C60
|
|
```
|
|
|
|
### C61
|
|
|
|
```solidity
|
|
uint256 C61
|
|
```
|
|
|
|
### C62
|
|
|
|
```solidity
|
|
uint256 C62
|
|
```
|
|
|
|
### C63
|
|
|
|
```solidity
|
|
uint256 C63
|
|
```
|
|
|
|
### C64
|
|
|
|
```solidity
|
|
uint256 C64
|
|
```
|
|
|
|
### C65
|
|
|
|
```solidity
|
|
uint256 C65
|
|
```
|
|
|
|
### C66
|
|
|
|
```solidity
|
|
uint256 C66
|
|
```
|
|
|
|
### C67
|
|
|
|
```solidity
|
|
uint256 C67
|
|
```
|
|
|
|
### C68
|
|
|
|
```solidity
|
|
uint256 C68
|
|
```
|
|
|
|
### C69
|
|
|
|
```solidity
|
|
uint256 C69
|
|
```
|
|
|
|
### C70
|
|
|
|
```solidity
|
|
uint256 C70
|
|
```
|
|
|
|
### C71
|
|
|
|
```solidity
|
|
uint256 C71
|
|
```
|
|
|
|
### C72
|
|
|
|
```solidity
|
|
uint256 C72
|
|
```
|
|
|
|
### C73
|
|
|
|
```solidity
|
|
uint256 C73
|
|
```
|
|
|
|
### C74
|
|
|
|
```solidity
|
|
uint256 C74
|
|
```
|
|
|
|
### C75
|
|
|
|
```solidity
|
|
uint256 C75
|
|
```
|
|
|
|
### C76
|
|
|
|
```solidity
|
|
uint256 C76
|
|
```
|
|
|
|
### C77
|
|
|
|
```solidity
|
|
uint256 C77
|
|
```
|
|
|
|
### C78
|
|
|
|
```solidity
|
|
uint256 C78
|
|
```
|
|
|
|
### C79
|
|
|
|
```solidity
|
|
uint256 C79
|
|
```
|
|
|
|
### C80
|
|
|
|
```solidity
|
|
uint256 C80
|
|
```
|
|
|
|
### C81
|
|
|
|
```solidity
|
|
uint256 C81
|
|
```
|
|
|
|
### C82
|
|
|
|
```solidity
|
|
uint256 C82
|
|
```
|
|
|
|
### C83
|
|
|
|
```solidity
|
|
uint256 C83
|
|
```
|
|
|
|
### C84
|
|
|
|
```solidity
|
|
uint256 C84
|
|
```
|
|
|
|
### C85
|
|
|
|
```solidity
|
|
uint256 C85
|
|
```
|
|
|
|
### C86
|
|
|
|
```solidity
|
|
uint256 C86
|
|
```
|
|
|
|
### C87
|
|
|
|
```solidity
|
|
uint256 C87
|
|
```
|
|
|
|
### C88
|
|
|
|
```solidity
|
|
uint256 C88
|
|
```
|
|
|
|
### C89
|
|
|
|
```solidity
|
|
uint256 C89
|
|
```
|
|
|
|
### C90
|
|
|
|
```solidity
|
|
uint256 C90
|
|
```
|
|
|
|
### C91
|
|
|
|
```solidity
|
|
uint256 C91
|
|
```
|
|
|
|
### C92
|
|
|
|
```solidity
|
|
uint256 C92
|
|
```
|
|
|
|
### C93
|
|
|
|
```solidity
|
|
uint256 C93
|
|
```
|
|
|
|
### C94
|
|
|
|
```solidity
|
|
uint256 C94
|
|
```
|
|
|
|
### C95
|
|
|
|
```solidity
|
|
uint256 C95
|
|
```
|
|
|
|
### C96
|
|
|
|
```solidity
|
|
uint256 C96
|
|
```
|
|
|
|
### C97
|
|
|
|
```solidity
|
|
uint256 C97
|
|
```
|
|
|
|
### C98
|
|
|
|
```solidity
|
|
uint256 C98
|
|
```
|
|
|
|
### C99
|
|
|
|
```solidity
|
|
uint256 C99
|
|
```
|
|
|
|
### C100
|
|
|
|
```solidity
|
|
uint256 C100
|
|
```
|
|
|
|
### C101
|
|
|
|
```solidity
|
|
uint256 C101
|
|
```
|
|
|
|
### C102
|
|
|
|
```solidity
|
|
uint256 C102
|
|
```
|
|
|
|
### C103
|
|
|
|
```solidity
|
|
uint256 C103
|
|
```
|
|
|
|
### C104
|
|
|
|
```solidity
|
|
uint256 C104
|
|
```
|
|
|
|
### C105
|
|
|
|
```solidity
|
|
uint256 C105
|
|
```
|
|
|
|
### C106
|
|
|
|
```solidity
|
|
uint256 C106
|
|
```
|
|
|
|
### C107
|
|
|
|
```solidity
|
|
uint256 C107
|
|
```
|
|
|
|
### C108
|
|
|
|
```solidity
|
|
uint256 C108
|
|
```
|
|
|
|
### C109
|
|
|
|
```solidity
|
|
uint256 C109
|
|
```
|
|
|
|
### C110
|
|
|
|
```solidity
|
|
uint256 C110
|
|
```
|
|
|
|
### C111
|
|
|
|
```solidity
|
|
uint256 C111
|
|
```
|
|
|
|
### C112
|
|
|
|
```solidity
|
|
uint256 C112
|
|
```
|
|
|
|
### C113
|
|
|
|
```solidity
|
|
uint256 C113
|
|
```
|
|
|
|
### C114
|
|
|
|
```solidity
|
|
uint256 C114
|
|
```
|
|
|
|
### C115
|
|
|
|
```solidity
|
|
uint256 C115
|
|
```
|
|
|
|
### C116
|
|
|
|
```solidity
|
|
uint256 C116
|
|
```
|
|
|
|
### C117
|
|
|
|
```solidity
|
|
uint256 C117
|
|
```
|
|
|
|
### C118
|
|
|
|
```solidity
|
|
uint256 C118
|
|
```
|
|
|
|
### C119
|
|
|
|
```solidity
|
|
uint256 C119
|
|
```
|
|
|
|
### C120
|
|
|
|
```solidity
|
|
uint256 C120
|
|
```
|
|
|
|
### C121
|
|
|
|
```solidity
|
|
uint256 C121
|
|
```
|
|
|
|
### C122
|
|
|
|
```solidity
|
|
uint256 C122
|
|
```
|
|
|
|
### C123
|
|
|
|
```solidity
|
|
uint256 C123
|
|
```
|
|
|
|
### C124
|
|
|
|
```solidity
|
|
uint256 C124
|
|
```
|
|
|
|
### C125
|
|
|
|
```solidity
|
|
uint256 C125
|
|
```
|
|
|
|
### C126
|
|
|
|
```solidity
|
|
uint256 C126
|
|
```
|
|
|
|
### C127
|
|
|
|
```solidity
|
|
uint256 C127
|
|
```
|
|
|
|
### M00
|
|
|
|
```solidity
|
|
uint256 M00
|
|
```
|
|
|
|
### M01
|
|
|
|
```solidity
|
|
uint256 M01
|
|
```
|
|
|
|
### M10
|
|
|
|
```solidity
|
|
uint256 M10
|
|
```
|
|
|
|
### M11
|
|
|
|
```solidity
|
|
uint256 M11
|
|
```
|
|
|
|
### hash
|
|
|
|
```solidity
|
|
function hash(uint256 input) external pure returns (uint256 result)
|
|
```
|
|
|
|
Hashes `input` with the Poseidon hash function instantiated at width n = 2, with the second input fixed to the constant 0 — i.e. a single-input Poseidon hash over the field defined by `Q` (the constants `C*` and `M*` above are the round constants and MDS matrix of that instance; whether `input` is reduced modulo `Q` before hashing should be confirmed in `_hash`).
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| input | uint256 | The input to hash |
|
|
|
|
### _hash
|
|
|
|
```solidity
|
|
function _hash(uint256 input) internal pure returns (uint256 result)
|
|
```
|
|
|
|
## Rln
|
|
|
|
### constructor
|
|
|
|
```solidity
|
|
constructor(uint256 membershipDeposit, uint256 depth, address _poseidonHasher, address _verifier) public
|
|
```
|
|
|
|
### _validateRegistration
|
|
|
|
```solidity
|
|
function _validateRegistration(uint256 idCommitment) internal pure
|
|
```
|
|
|
|
_Inheriting contracts MUST override this function. In `Rln` this is the concrete override of `RlnBase._validateRegistration`; it is declared `pure`, so it cannot read contract state, and any state-dependent registration check must live elsewhere._
|
|
|
|
### _validateSlash
|
|
|
|
```solidity
|
|
function _validateSlash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal pure
|
|
```
|
|
|
|
## FullTree
|
|
|
|
```solidity
|
|
error FullTree()
|
|
```
|
|
|
|
The tree is full
|
|
|
|
## InsufficientDeposit
|
|
|
|
```solidity
|
|
error InsufficientDeposit(uint256 required, uint256 provided)
|
|
```
|
|
|
|
Invalid deposit amount: raised when the value sent with a registration does not match the required membership deposit.
|
|
|
|
### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| required | uint256 | The required deposit amount |
|
|
| provided | uint256 | The provided deposit amount |
|
|
|
|
## DuplicateIdCommitment
|
|
|
|
```solidity
|
|
error DuplicateIdCommitment()
|
|
```
|
|
|
|
Member is already registered
|
|
|
|
## FailedValidation
|
|
|
|
```solidity
|
|
error FailedValidation()
|
|
```
|
|
|
|
Raised when the validation hook (`_validateRegistration` on registration, `_validateSlash` on slashing) rejects the call.
|
|
|
|
## InvalidIdCommitment
|
|
|
|
```solidity
|
|
error InvalidIdCommitment(uint256 idCommitment)
|
|
```
|
|
|
|
Invalid idCommitment
|
|
|
|
## InvalidReceiverAddress
|
|
|
|
```solidity
|
|
error InvalidReceiverAddress(address to)
|
|
```
|
|
|
|
Invalid receiver address: raised when the slash `receiver` is the zero address (0x0) or this contract's own address.
|
|
|
|
## MemberNotRegistered
|
|
|
|
```solidity
|
|
error MemberNotRegistered(uint256 idCommitment)
|
|
```
|
|
|
|
Member is not registered
|
|
|
|
## MemberHasNoStake
|
|
|
|
```solidity
|
|
error MemberHasNoStake(uint256 idCommitment)
|
|
```
|
|
|
|
Member has no stake
|
|
|
|
## InsufficientWithdrawalBalance
|
|
|
|
```solidity
|
|
error InsufficientWithdrawalBalance()
|
|
```
|
|
|
|
User has insufficient balance to withdraw
|
|
|
|
## InsufficientContractBalance
|
|
|
|
```solidity
|
|
error InsufficientContractBalance()
|
|
```
|
|
|
|
Contract has insufficient balance to return
|
|
|
|
## InvalidProof
|
|
|
|
```solidity
|
|
error InvalidProof()
|
|
```
|
|
|
|
Invalid proof
|
|
|
|
## RlnBase
|
|
|
|
### MEMBERSHIP_DEPOSIT
|
|
|
|
```solidity
|
|
uint256 MEMBERSHIP_DEPOSIT
|
|
```
|
|
|
|
The deposit amount required to register as a member
|
|
|
|
### DEPTH
|
|
|
|
```solidity
|
|
uint256 DEPTH
|
|
```
|
|
|
|
The depth of the Merkle tree
|
|
|
|
### SET_SIZE
|
|
|
|
```solidity
|
|
uint256 SET_SIZE
|
|
```
|
|
|
|
The capacity of the Merkle tree, i.e. 2^DEPTH members
|
|
|
|
### idCommitmentIndex
|
|
|
|
```solidity
|
|
uint256 idCommitmentIndex
|
|
```
|
|
|
|
The index of the next member to be registered
|
|
|
|
### stakedAmounts
|
|
|
|
```solidity
|
|
mapping(uint256 => uint256) stakedAmounts
|
|
```
|
|
|
|
The amount of eth staked by each member
|
|
maps from idCommitment to the amount staked
|
|
|
|
### members
|
|
|
|
```solidity
|
|
mapping(uint256 => uint256) members
|
|
```
|
|
|
|
The membership status of each member
|
|
maps from idCommitment to the member's index in the set. NOTE(review): an unregistered idCommitment also reads as 0 from this mapping, so an index of 0 alone does not prove membership — confirm how the implementation distinguishes the two (e.g. a separate registered flag or a 1-based index) before relying on it.
|
|
|
|
### withdrawalBalance
|
|
|
|
```solidity
|
|
mapping(address => uint256) withdrawalBalance
|
|
```
|
|
|
|
The balance of each user that can be withdrawn
|
|
|
|
### poseidonHasher
|
|
|
|
```solidity
|
|
contract PoseidonHasher poseidonHasher
|
|
```
|
|
|
|
The Poseidon hasher contract
|
|
|
|
### verifier
|
|
|
|
```solidity
|
|
contract IVerifier verifier
|
|
```
|
|
|
|
The Groth16 verifier contract used to check slashing proofs
|
|
|
|
### MemberRegistered
|
|
|
|
```solidity
|
|
event MemberRegistered(uint256 idCommitment, uint256 index)
|
|
```
|
|
|
|
Emitted when a new member is added to the set
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| idCommitment | uint256 | The idCommitment of the member |
|
|
| index | uint256 | The index of the member in the set |
|
|
|
|
### MemberWithdrawn
|
|
|
|
```solidity
|
|
event MemberWithdrawn(uint256 idCommitment, uint256 index)
|
|
```
|
|
|
|
Emitted when a member is removed from the set (the removal path visible here is `_slash`)
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| idCommitment | uint256 | The idCommitment of the member |
|
|
| index | uint256 | The index of the member in the set |
|
|
|
|
### onlyValidIdCommitment
|
|
|
|
```solidity
|
|
modifier onlyValidIdCommitment(uint256 idCommitment)
|
|
```
|
|
|
|
### constructor
|
|
|
|
```solidity
|
|
constructor(uint256 membershipDeposit, uint256 depth, address _poseidonHasher, address _verifier) internal
|
|
```
|
|
|
|
### register
|
|
|
|
```solidity
|
|
function register(uint256 idCommitment) external payable virtual
|
|
```
|
|
|
|
Allows a caller to register as a member. The function is `payable`: the transaction is expected to carry exactly the membership deposit (`MEMBERSHIP_DEPOSIT`), otherwise registration reverts with `InsufficientDeposit`.
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| idCommitment | uint256 | The idCommitment of the member |
|
|
|
|
### _register
|
|
|
|
```solidity
|
|
function _register(uint256 idCommitment, uint256 stake) internal virtual
|
|
```
|
|
|
|
Registers `idCommitment` as a member and records `stake` as its staked amount (see `stakedAmounts`)
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| idCommitment | uint256 | The idCommitment of the member |
|
|
| stake | uint256 | The amount of eth staked by the member |
|
|
|
|
### _validateRegistration
|
|
|
|
```solidity
|
|
function _validateRegistration(uint256 idCommitment) internal view virtual
|
|
```
|
|
|
|
_Inheriting contracts MUST override this function_
|
|
|
|
### slash
|
|
|
|
```solidity
|
|
function slash(uint256 idCommitment, address payable receiver, uint256[8] proof) external virtual
|
|
```
|
|
|
|
_Allows any caller to slash a member. The call is not restricted to a particular account; authorisation comes from `proof`, which is verified together with `idCommitment` and `receiver` (see `_verifyProof`). Assuming `receiver` enters the proof's public inputs as that signature suggests, a valid proof cannot be replayed to redirect the slashed stake to a different address._
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| idCommitment | uint256 | The idCommitment of the member |
|
|
| receiver | address payable | The address whose withdrawal balance is credited with the slashed stake |
|
|
| proof | uint256[8] | Groth16 proof authorising the slash (the `a`, `b`, `c` points of `IVerifier.verifyProof` flattened into 8 field elements) |
|
|
|
|
### _slash
|
|
|
|
```solidity
|
|
function _slash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal virtual
|
|
```
|
|
|
|
_Slashes a member: removes them from the set and credits their stake to the receiver's `withdrawalBalance`. Funds are not transferred here; the receiver collects them later via `withdraw`._
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| idCommitment | uint256 | The idCommitment of the member |
|
|
| receiver | address payable | The address to receive the funds |
|
|
| proof | uint256[8] | Groth16 proof authorising the slash (the `a`, `b`, `c` points of `IVerifier.verifyProof` flattened into 8 field elements) |
|
|
|
|
### _validateSlash
|
|
|
|
```solidity
|
|
function _validateSlash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal view virtual
|
|
```
|
|
|
|
### withdraw
|
|
|
|
```solidity
|
|
function withdraw() external virtual
|
|
```
|
|
|
|
Allows a caller to withdraw the amount credited to them in `withdrawalBalance` as the `receiver` of a slash. Payout is pull-based — the stake is credited in `_slash` and only transferred here on request — rather than pushed during `slash`; the balance is presumably zeroed before the transfer is made (confirm in the implementation).
|
|
|
|
### hash
|
|
|
|
```solidity
|
|
function hash(uint256 input) internal view returns (uint256)
|
|
```
|
|
|
|
Hashes a value using the Poseidon hasher
|
|
NOTE: the Poseidon variant used here takes a single input; it is instantiated with width n = 2 and the second input fixed to the constant 0
|
|
|
|
#### Parameters
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| input | uint256 | The value to hash |
|
|
|
|
### isValidCommitment
|
|
|
|
```solidity
|
|
function isValidCommitment(uint256 idCommitment) public view returns (bool)
|
|
```
|
|
|
|
### _verifyProof
|
|
|
|
```solidity
|
|
function _verifyProof(uint256 idCommitment, address receiver, uint256[8] proof) internal view virtual returns (bool)
|
|
```
|
|
|
|
_Groth16 proof verification. Both `idCommitment` and `receiver` are passed in alongside `proof`, tying the proof to a specific member and payout address; confirm in the implementation that both are fed into the verifier's public inputs rather than only one of them._
|
|
|
|
## Pairing
|
|
|
|
### G1Point
|
|
|
|
```solidity
|
|
struct G1Point {
|
|
uint256 X;
|
|
uint256 Y;
|
|
}
|
|
```
|
|
|
|
### G2Point
|
|
|
|
```solidity
|
|
struct G2Point {
|
|
uint256[2] X;
|
|
uint256[2] Y;
|
|
}
|
|
```
|
|
|
|
### P1
|
|
|
|
```solidity
|
|
function P1() internal pure returns (struct Pairing.G1Point)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| [0] | struct Pairing.G1Point | the generator of G1 |
|
|
|
|
### P2
|
|
|
|
```solidity
|
|
function P2() internal pure returns (struct Pairing.G2Point)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| [0] | struct Pairing.G2Point | the generator of G2 |
|
|
|
|
### negate
|
|
|
|
```solidity
|
|
function negate(struct Pairing.G1Point p) internal pure returns (struct Pairing.G1Point r)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| r | struct Pairing.G1Point | the negation of p, i.e. p.addition(p.negate()) should be zero. |
|
|
|
|
### addition
|
|
|
|
```solidity
|
|
function addition(struct Pairing.G1Point p1, struct Pairing.G1Point p2) internal view returns (struct Pairing.G1Point r)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| r | struct Pairing.G1Point | the sum of two points of G1 |
|
|
|
|
### scalar_mul
|
|
|
|
```solidity
|
|
function scalar_mul(struct Pairing.G1Point p, uint256 s) internal view returns (struct Pairing.G1Point r)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| r | struct Pairing.G1Point | the product of a point on G1 and a scalar, i.e. p == p.scalar_mul(1) and p.addition(p) == p.scalar_mul(2) for all points p. |
|
|
|
|
### pairing
|
|
|
|
```solidity
|
|
function pairing(struct Pairing.G1Point[] p1, struct Pairing.G2Point[] p2) internal view returns (bool)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| [0] | bool | the result of computing the pairing check e(p1[0], p2[0]) * .... * e(p1[n], p2[n]) == 1. For example, pairing([P1(), P1().negate()], [P2(), P2()]) should return true. |
|
|
|
|
### pairingProd2
|
|
|
|
```solidity
|
|
function pairingProd2(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2) internal view returns (bool)
|
|
```
|
|
|
|
Convenience method for a pairing check for two pairs.
|
|
|
|
### pairingProd3
|
|
|
|
```solidity
|
|
function pairingProd3(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2, struct Pairing.G1Point c1, struct Pairing.G2Point c2) internal view returns (bool)
|
|
```
|
|
|
|
Convenience method for a pairing check for three pairs.
|
|
|
|
### pairingProd4
|
|
|
|
```solidity
|
|
function pairingProd4(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2, struct Pairing.G1Point c1, struct Pairing.G2Point c2, struct Pairing.G1Point d1, struct Pairing.G2Point d2) internal view returns (bool)
|
|
```
|
|
|
|
Convenience method for a pairing check for four pairs.
|
|
|
|
## Verifier
|
|
|
|
### VerifyingKey
|
|
|
|
```solidity
|
|
struct VerifyingKey {
|
|
struct Pairing.G1Point alfa1;
|
|
struct Pairing.G2Point beta2;
|
|
struct Pairing.G2Point gamma2;
|
|
struct Pairing.G2Point delta2;
|
|
struct Pairing.G1Point[] IC;
|
|
}
|
|
```
|
|
|
|
### Proof
|
|
|
|
```solidity
|
|
struct Proof {
|
|
struct Pairing.G1Point A;
|
|
struct Pairing.G2Point B;
|
|
struct Pairing.G1Point C;
|
|
}
|
|
```
|
|
|
|
### verifyingKey
|
|
|
|
```solidity
|
|
function verifyingKey() internal pure returns (struct Verifier.VerifyingKey vk)
|
|
```
|
|
|
|
### verify
|
|
|
|
```solidity
|
|
function verify(uint256[] input, struct Verifier.Proof proof) internal view returns (uint256)
|
|
```
|
|
|
|
### verifyProof
|
|
|
|
```solidity
|
|
function verifyProof(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[2] input) public view returns (bool r)
|
|
```
|
|
|
|
#### Return Values
|
|
|
|
| Name | Type | Description |
|
|
| ---- | ---- | ----------- |
|
|
| r | bool | `true` if the proof verifies against the embedded verifying key and `input`; `false` otherwise. Callers should confirm that the verifier also rejects public inputs that are not reduced modulo the SNARK scalar field, as generated Groth16 verifiers normally do, before treating `true` as authoritative. |
|
|
|