forked from scipr-lab/libsnark
/
run_r1cs_ppzksnark.tcc
138 lines (104 loc) · 5.31 KB
/
run_r1cs_ppzksnark.tcc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
/** @file
*****************************************************************************
Implementation of functionality that runs the R1CS ppzkSNARK for
a given R1CS example.
See run_r1cs_ppzksnark.hpp .
*****************************************************************************
* @author This file is part of libsnark, developed by SCIPR Lab
* and contributors (see AUTHORS).
* @copyright MIT license (see LICENSE file)
*****************************************************************************/
#ifndef RUN_R1CS_PPZKSNARK_TCC_
#define RUN_R1CS_PPZKSNARK_TCC_
#include "zk_proof_systems/ppzksnark/r1cs_ppzksnark/r1cs_ppzksnark.hpp"
#include <sstream>
#include <type_traits>
#include "common/profiling.hpp"
namespace libsnark {
template<typename ppT>
typename std::enable_if<ppT::has_affine_pairing, void>::type
test_affine_verifier(const r1cs_ppzksnark_verification_key<ppT> &vk,
const r1cs_ppzksnark_primary_input<ppT> &primary_input,
const r1cs_ppzksnark_proof<ppT> &proof,
const bool expected_answer)
{
print_header("R1CS ppzkSNARK Affine Verifier");
const bool answer = r1cs_ppzksnark_affine_verifier_weak_IC<ppT>(vk, primary_input, proof);
assert(answer == expected_answer);
}
template<typename ppT>
typename std::enable_if<!ppT::has_affine_pairing, void>::type
test_affine_verifier(const r1cs_ppzksnark_verification_key<ppT> &vk,
const r1cs_ppzksnark_primary_input<ppT> &primary_input,
const r1cs_ppzksnark_proof<ppT> &proof,
const bool expected_answer)
{
UNUSED(vk, primary_input, proof, expected_answer);
print_header("R1CS ppzkSNARK Affine Verifier");
printf("Affine verifier is not supported; not testing anything.\n");
}
/**
* The code below provides an example of all stages of running a R1CS ppzkSNARK.
*
* Of course, in a real-life scenario, we would have three distinct entities,
* mangled into one in the demonstration below. The three entities are as follows.
* (1) The "generator", which runs the ppzkSNARK generator on input a given
* constraint system CS to create a proving and a verification key for CS.
* (2) The "prover", which runs the ppzkSNARK prover on input the proving key,
* a primary input for CS, and an auxiliary input for CS.
* (3) The "verifier", which runs the ppzkSNARK verifier on input the verification key,
* a primary input for CS, and a proof.
*/
template<typename ppT>
bool run_r1cs_ppzksnark(const r1cs_example<Fr<ppT> > &example,
const bool test_serialization)
{
enter_block("Call to run_r1cs_ppzksnark");
print_header("R1CS ppzkSNARK Generator");
r1cs_ppzksnark_keypair<ppT> keypair = r1cs_ppzksnark_generator<ppT>(example.constraint_system);
printf("\n"); print_indent(); print_mem("after generator");
print_header("Preprocess verification key");
r1cs_ppzksnark_processed_verification_key<ppT> pvk = r1cs_ppzksnark_verifier_process_vk<ppT>(keypair.vk);
if (test_serialization)
{
enter_block("Test serialization of keys");
keypair.pk = reserialize<r1cs_ppzksnark_proving_key<ppT> >(keypair.pk);
keypair.vk = reserialize<r1cs_ppzksnark_verification_key<ppT> >(keypair.vk);
pvk = reserialize<r1cs_ppzksnark_processed_verification_key<ppT> >(pvk);
leave_block("Test serialization of keys");
}
print_header("R1CS ppzkSNARK Prover");
r1cs_ppzksnark_proof<ppT> proof = r1cs_ppzksnark_prover<ppT>(keypair.pk, example.primary_input, example.auxiliary_input, example.constraint_system);
printf("\n"); print_indent(); print_mem("after prover");
if (test_serialization)
{
enter_block("Test serialization of proof");
proof = reserialize<r1cs_ppzksnark_proof<ppT> >(proof);
leave_block("Test serialization of proof");
}
print_header("R1CS ppzkSNARK Verifier");
const bool ans = r1cs_ppzksnark_verifier_strong_IC<ppT>(keypair.vk, example.primary_input, proof);
printf("\n"); print_indent(); print_mem("after verifier");
printf("* The verification result is: %s\n", (ans ? "PASS" : "FAIL"));
print_header("R1CS ppzkSNARK Online Verifier");
const bool ans2 = r1cs_ppzksnark_online_verifier_strong_IC<ppT>(pvk, example.primary_input, proof);
assert(ans == ans2);
test_affine_verifier<ppT>(keypair.vk, example.primary_input, proof, ans);
leave_block("Call to run_r1cs_ppzksnark");
return ans;
}
template<typename ppT>
void add_proof_in_batch_verifier_test(batch_verification_accumulator<ppT> &acc,
const r1cs_ppzksnark_proof<ppT> &proof,
const r1cs_ppzksnark_verification_key<ppT> &vk,
const r1cs_primary_input<Fr<ppT> > &primary_input)
{
enter_block("Call to add_proof_in_batch_verifier_test");
//r1cs_ppzksnark_keypair<ppT> keypair = r1cs_ppzksnark_generator<ppT>(example.constraint_system);
print_header("R1CS ppzkSNARK Prover");
//r1cs_ppzksnark_proof<ppT> proof = r1cs_ppzksnark_prover<ppT>(keypair.pk, example.primary_input, example.auxiliary_input);
r1cs_ppzksnark_batcher<ppT>(vk, acc, primary_input, proof);
leave_block("Call to add_proof_in_batch_verifier_test");
}
} // libsnark
#endif // RUN_R1CS_PPZKSNARK_TCC_