From 2fa89d65802b8b63d2380d4f59538bbd4fb5d715 Mon Sep 17 00:00:00 2001
From: psippl
Date: Mon, 31 Jan 2022 19:05:29 +0100
Subject: [PATCH] prove with real params and small refactors

---
 .gitignore | 1 +
 Cargo.lock | 2 +-
 Cargo.toml | 2 +-
 src/identity.rs | 26 +++++++--------------
 src/main.rs | 7 ++++--
 src/merkle_tree.rs | 9 ++++++++
 src/proof.rs | 57 +++++++++++++---------------------------
 7 files changed, 41 insertions(+), 63 deletions(-)

diff --git a/.gitignore b/.gitignore
index ea8c4bf..35058a6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
 /target
+.DS_STORE
\ No newline at end of file
diff --git a/Cargo.lock b/Cargo.lock
index e4c25ef..82d15f1 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -79,7 +79,7 @@ dependencies = [
 [[package]]
 name = "ark-circom"
 version = "0.1.0"
-source = "git+https://github.com/gakonst/ark-circom#1a383b6260fd7b68aaade55af3a9edbd70e7f5f5"
+source = "git+https://github.com/philsippl/ark-circom#894aac9a20e5bb8fa26bf9cc7639134147ec1454"
 dependencies = [
 "ark-bn254",
 "ark-ec",
diff --git a/Cargo.toml b/Cargo.toml
index a751873..647f152 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -6,7 +6,7 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

 [dependencies]
-ark-circom = { git = "https://github.com/gakonst/ark-circom", features=["circom-2"] }
+ark-circom = { git = "https://github.com/philsippl/ark-circom", features=["circom-2"] }
 ark-std = { version = "0.3.0", default-features = false, features = ["parallel"] }
 ark-bn254 = { version = "0.3.0" }
 ark-groth16 = { git = "https://github.com/arkworks-rs/groth16", rev = "765817f", features = ["parallel"] }
diff --git a/src/identity.rs b/src/identity.rs
index 0341ace..16462ad 100644
--- a/src/identity.rs
+++ b/src/identity.rs
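Review bot: The changed `ark-circom` line points the manifest at a personal fork with only `git = ...` and no `rev`, so whatever that fork's default branch holds at the time of the next `cargo update` becomes the build input; only Cargo.lock pins it to commit 894aac9a. Pin the commit in the manifest the way the `ark-groth16` line two lines below already does: `ark-circom = { git = "https://github.com/philsippl/ark-circom", rev = "894aac9a20e5bb8fa26bf9cc7639134147ec1454", features=["circom-2"] }`. The rev is the one this patch records in Cargo.lock, so the lockfile stays unchanged.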
@@ -1,12 +1,9 @@
-use color_eyre::Result;
 use ff::{PrimeField, PrimeFieldRepr};
 use num_bigint::{BigInt, Sign};
 use once_cell::sync::Lazy;
 use poseidon_rs::{Fr, FrRepr, Poseidon};
 use sha2::{Digest, Sha256};

-use crate::{hash::Hash};
-
 static POSEIDON: Lazy = Lazy::new(Poseidon::new);

 fn bigint_to_fr(bi: &BigInt) -> Fr {
@@ -32,8 +29,8 @@ fn fr_to_bigint(fr: Fr) -> BigInt {

 #[derive(Clone, PartialEq, Eq, Debug)]
 pub struct Identity {
- pub identity_trapdoor: BigInt,
- pub identity_nullifier: BigInt,
+ pub trapdoor: BigInt,
+ pub nullifier: BigInt,
 }

 // todo: improve
@@ -50,26 +47,26 @@ impl Identity {
 let seed_hash = &sha(seed);

 // https://github.com/appliedzkp/zk-kit/blob/1ea410456fc2b95877efa7c671bc390ffbfb5d36/packages/identity/src/identity.ts#L58
- let identity_trapdoor = BigInt::from_bytes_be(
+ let trapdoor = BigInt::from_bytes_be(
 Sign::Plus,
 &sha(format!("{}identity_trapdoor", hex::encode(seed_hash)).as_bytes()),
 );
- let identity_nullifier = BigInt::from_bytes_be(
+ let nullifier = BigInt::from_bytes_be(
 Sign::Plus,
 &sha(format!("{}identity_nullifier", hex::encode(seed_hash)).as_bytes()),
 );

 Self {
- identity_trapdoor,
- identity_nullifier,
+ trapdoor,
+ nullifier,
 }
 }

 pub fn secret_hash(&self) -> BigInt {
 let res = POSEIDON
 .hash(vec![
- bigint_to_fr(&self.identity_nullifier),
- bigint_to_fr(&self.identity_trapdoor),
+ bigint_to_fr(&self.nullifier),
+ bigint_to_fr(&self.trapdoor),
 ])
 .unwrap();
 fr_to_bigint(res)
@@ -82,11 +79,4 @@ impl Identity {
 fr_to_bigint(res)
 }

- pub fn identity_commitment_leaf(&self) -> Hash {
- let res = POSEIDON
- .hash(vec![bigint_to_fr(&self.identity_commitment())])
- .unwrap();
-
- res.into()
- }
 }
diff --git a/src/main.rs b/src/main.rs
index e0db50e..43047cc 100644
--- a/src/main.rs
+++ b/src/main.rs
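Review bot: The renamed public fields `trapdoor` and `nullifier` in the `@@ -32,8 +29,8 @@` hunk carry no doc comments, and dropping the `identity_` prefix also drops the hint that these are the secret halves of the identity that `secret_hash` combines. Add `/// Secret trapdoor: sha(hex(sha(seed)) || "identity_trapdoor"); stays on the prover, never in a public input.` above `trapdoor` and the matching line with `"identity_nullifier"` above `nullifier`, so the derivation in the `@@ -50,26 +47,26 @@` hunk is discoverable from the type (`sha` is presumably SHA-256 given the `sha2::Sha256` import; confirm before the comment names it). The zk-kit link the derivation cites would also serve better on the struct than the `// todo: improve` that follows it.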
@@ -26,12 +26,15 @@ fn main() {

 let (_, leaf) = id.identity_commitment().to_bytes_be();
 dbg!(&leaf);
- tree.set(0, leaf.into());
+ tree.set(2, leaf.into());

 let root: BigInt = tree.root().into();
 dbg!(root);

- let proof = tree.proof(0).expect("proof should exist");
+ let proof = tree.proof(2).expect("proof should exist");
+
+ dbg!(proof.path_index());
+
 // let proof: Vec = proof.0.iter().map(|x| {
 // match x {
 // Branch::Left(value) => value.into(),
diff --git a/src/merkle_tree.rs b/src/merkle_tree.rs
index 78e7e63..1e9546e 100644
--- a/src/merkle_tree.rs
+++ b/src/merkle_tree.rs
@@ -173,6 +173,15 @@ impl Proof {
 })
 }

+ /// Compute path index (TODO: do we want to keep this here?)
+ #[allow(dead_code)]
+ pub fn path_index(&self) -> Vec {
+ self.0.iter().map(|branch| match branch {
+ Branch::Left(_) => BigInt::from(0),
+ Branch::Right(_) => BigInt::from(1),
+ }).collect()
+ }
+
 /// Compute the Merkle root given a leaf hash
 #[allow(dead_code)]
 pub fn root(&self, hash: H::Hash) -> H::Hash {
diff --git a/src/proof.rs b/src/proof.rs
index e7d311b..ecda953 100644
--- a/src/proof.rs
+++ b/src/proof.rs
@@ -1,4 +1,4 @@
-use ark_circom::{CircomConfig, CircomBuilder, read_zkey, WitnessCalculator, CircomReduction};
+use ark_circom::{read_zkey, WitnessCalculator, CircomReduction};
 use ark_std::rand::thread_rng;
 use ark_bn254::Bn254;
 use color_eyre::Result;
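Review bot: The leaf index `2` is now written twice in the main.rs hunk, once in `tree.set(2, leaf.into())` and again in `tree.proof(2)`, and the two can drift apart silently, which would produce a path for a different leaf than the one just inserted. Name it once: `let leaf_index = 2;` then `tree.set(leaf_index, leaf.into());` and `tree.proof(leaf_index).expect("proof should exist")`. The added `dbg!(proof.path_index())` joins the existing `dbg!` calls; they read as scaffolding to drop before this stops being WIP. `main` continues outside the hunk.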
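Review bot: `path_index` is added under `#[allow(dead_code)]` with a doc comment that is only a TODO, yet this same patch calls it from main.rs and proof.rs, so the attribute is no longer needed and the doc should state the contract the circuit relies on. Suggested: `/// Path bits in the order of `self.0`: 0 for a `Branch::Left` entry, 1 for `Branch::Right`, as fed to the circuit's `identity_path_index` input.` Whether that order is leaf-to-root is not visible here and should be confirmed against the circuit before the comment claims it. Returning a `BigInt` per bit is heavier than a `bool` or `u8`, but it matches how `proof_signal` stores the result straight into its `BigInt` input map, so changing it is a separate decision.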
@@ -9,19 +9,21 @@ use std::{collections::HashMap, fs::File};

 use crate::{identity::*, poseidon_tree::{Proof}, merkle_tree::Branch};
 use ark_groth16::{
- create_random_proof as prove, generate_random_parameters, prepare_verifying_key, verify_proof, create_proof_with_reduction_and_matrices,
+ prepare_verifying_key, verify_proof, create_proof_with_reduction_and_matrices,
 };

-// WIP: uses dummy proofs for now
-pub fn proof_signal(identity: &Identity, proof: &Proof) -> Result<()> {
-
- // TODO: we should create a From trait for this
- let proof = proof.0.iter().map(|x| {
+// TODO: we should create a From trait for this
+fn proof_to_vec(proof: &Proof) -> Vec {
+ proof.0.iter().map(|x| {
 match x {
 Branch::Left(value) => value.into(),
 Branch::Right(value) => value.into(),
 }
- }).collect::>();
+ }).collect::>()
+}
+
+// WIP: uses dummy proofs for now
+pub fn proof_signal(identity: &Identity, merkle_proof: &Proof, external_nullifier: BigInt) -> Result<()> {

 let mut file = File::open("./snarkfiles/semaphore.zkey").unwrap();
 let (params, matrices) = read_zkey(&mut file).unwrap();
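Review bot: The `// WIP: uses dummy proofs for now` comment is carried over onto the new `proof_signal` signature although this commit replaces the hard-coded inputs with the identity's real `nullifier`/`trapdoor` and the Merkle path, so it now misleads the reader; replace it with a contract line such as `// Proves membership of `identity` under `merkle_proof` with the given `external_nullifier`, using ./snarkfiles/semaphore.zkey.` The function returns `Result<()>`, yet the two context lines after the signature still `unwrap()` `File::open` and `read_zkey`, so a missing or unreadable zkey panics instead of surfacing as an error; `let mut file = File::open("./snarkfiles/semaphore.zkey")?;` converts through `color_eyre::Result`, and `read_zkey(&mut file)?` presumably does too if its error type implements `std::error::Error`. `proof_to_vec` would also read better with a one-line doc naming what it flattens (the value of every `Branch`, left or right) than with the TODO alone. `proof_signal`'s body continues past the hunk.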
@@ -29,40 +31,13 @@ pub fn proof_signal(identity: &Identity, proof: &Proof) -> Result<()> {
 let num_constraints = matrices.num_constraints;

 let inputs = {
- let mut inputs: HashMap> = HashMap::new();
+ let mut inputs: HashMap> = HashMap::new();

- let values = inputs.entry("identity_nullifier".to_string()).or_insert_with(Vec::new);
- values.push(BigInt::parse_bytes(
- b"4344141139294650952352150677542411196253771789435022697920397562624821372579",
- 10,
- )
- .unwrap());
-
- //
-
- let values = inputs.entry("identity_trapdoor".to_string()).or_insert_with(Vec::new);
- values.push(BigInt::parse_bytes(
- b"57215223214535428002775309386374815284773502419290683020798284477163412139477",
- 10,
- )
- .unwrap());
-
- //
-
- let values = inputs.entry("identity_path_index".to_string()).or_insert_with(Vec::new);
- values.push(BigInt::from(0 as i32));
- values.push(BigInt::from(0 as i32));
-
- //
- let values = inputs.entry("path_elements".to_string()).or_insert_with(Vec::new);
- for el in proof {
- values.push(el);
- }
-
- //
-
- let values = inputs.entry("external_nullifier".to_string()).or_insert_with(Vec::new);
- values.push(BigInt::from(123 as i32));
+ inputs.insert("identity_nullifier".to_string(), vec![identity.nullifier.clone()]);
+ inputs.insert("identity_trapdoor".to_string(), vec![identity.trapdoor.clone()]);
+ inputs.insert("identity_path_index".to_string(), merkle_proof.path_index());
+ inputs.insert("path_elements".to_string(), proof_to_vec(merkle_proof));
+ inputs.insert("external_nullifier".to_string(), vec![external_nullifier]);

 //