<a href="https://colab.research.google.com/github/giu176/NetworkSecurity-ZKP/blob/main/ZKP.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

# ZERO KNOWLEDGE PROOF

---





Project for Network Security and Cryptography
by Giulio Bosisio

The aim of the simulation is to perform a ZK-SNARK (Zero Knowledge - Succinct Non-Interactive Argument of Knowledge) computation of a python script. Succint means that the computation produce a proof that is both small in size and fast to verify. This proof is also constructed without interacting the verifier which makes the computation Non-Interactive, a classical Interactive protocol would have required the Verifier to challenge the Prover in real time. With a SNARK proof (a textual file) the Verifier can perform a verification whenever he wants without gaining any additional information about the witness (solution of the problem, the python script in this simulation) the verifier knows only the output of a specific input of the program (Zero Knowledge).

Properties of Zero Knowledge:
*   Completeness: If the Prover is honest, then it will eventually convince the Verifier.
*   Soundness: The Prover can only convince the Verifier if the statement is true.
*   Zero-knowledge(ness): The Verifier learns no information beyond the fact that the statement is true.



### Initialization


---

Installing pysnark and creating folders:

In [1]:
!mkdir TrustedParty && mkdir Prover && mkdir Verifier
!pip3 install git+https://github.com/meilof/pysnark

Looking in indexes: https://pypi.org/simple, https://us-python.pkg.dev/colab-wheels/public/simple/
Collecting git+https://github.com/meilof/pysnark
  Cloning https://github.com/meilof/pysnark to /tmp/pip-req-build-vzqtd5oj
  Running command git clone -q https://github.com/meilof/pysnark /tmp/pip-req-build-vzqtd5oj
Building wheels for collected packages: PySNARK
  Building wheel for PySNARK (setup.py) ... [?25l[?25hdone
  Created wheel for PySNARK: filename=PySNARK-0.3.1-py3-none-any.whl size=116886 sha256=a1248ea8151bb6a13024bbd6e06305a37d8c8fa56cdd47535bd15f5a5bb89d03
  Stored in directory: /tmp/pip-ephem-wheel-cache-ahsworm2/wheels/ee/ac/e0/e83d7fb143db3e217346b033cccb8100fecdac64bc9d9237ab
Successfully built PySNARK
Installing collected packages: PySNARK
Successfully installed PySNARK-0.3.1


Default backend for pysnark:
```
!pip3 install python-libsnark
```
libsnark backend doesn't work on Google Colab, so I tried another backend.

Install **one** between: [qaptools](https://github.com/Charterhouse/qaptools) and [snarkjs](https://github.com/iden3/snarkjs).


### Installing snarkjs backend


---



In [2]:
!npm install -g npm

[K[?25h/tools/node/bin/npm -> /tools/node/lib/node_modules/npm/bin/npm-cli.js
/tools/node/bin/npx -> /tools/node/lib/node_modules/npm/bin/npx-cli.js
[K[?25h+ npm@8.18.0
added 67 packages from 21 contributors, removed 296 packages and updated 138 packages in 5.721s


In [3]:
!npm install snarkjs -g


[K[?25h
added 38 packages, and audited 39 packages in 5s

2 packages are looking for funding
  run `npm fund` for details

found [32m[1m0[22m[39m vulnerabilities


In [4]:
!npm install https://github.com/iden3/r1csfile.git -g

[K[?25h
added 10 packages, and audited 11 packages in 2s

found [32m[1m0[22m[39m vulnerabilities


In [9]:
!npm install r1csfile

[K[?25h
added 10 packages, and audited 11 packages in 633ms

found [32m[1m0[22m[39m vulnerabilities


### Installing qaptools backend


---


In [None]:
!sudo apt install build-essential cmake git libgmp3-dev libprocps-dev python3-markdown libboost-program-options-dev libssl-dev python3 pkg-config
!git clone --recursive https://github.com/Charterhouse/qaptools.git
!cd qaptools/ && mkdir build && cd build/ && cmake .. -DCURVE=ALT_BN128 -DUSE_PT_COMPRESSION=OFF -DWITH_PROCPS=OFF -DBINARY_OUTPUT=OFF && make && sudo make install

## Trusted Party


---



The example script solves a quadratic equation (as seen in this [article](https://medium.com/@VitalikButerin/quadratic-arithmetic-programs-from-zero-to-hero-f6d558cea649))


\begin{equation}
x^3+x+5
\end{equation}
 and output the result.

 example.py:


```
import sys

from pysnark.runtime import snark, PrivVal

@snark
def equation(x):
    return x*x*x+x+5

print("output:", equation(int(sys.argv[1])))
```



Downloading the script:

In [5]:
!cd TrustedParty && wget https://raw.githubusercontent.com/giu176/NetworkSecurity-ZKP/main/example.py

--2022-08-25 14:41:36--  https://raw.githubusercontent.com/giu176/NetworkSecurity-ZKP/main/example.py
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 185.199.108.133, 185.199.109.133, 185.199.110.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|185.199.108.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 147 [text/plain]
Saving to: ‘example.py’


2022-08-25 14:41:36 (10.9 MB/s) - ‘example.py’ saved [147/147]



The Trusted Party runs the the script with an input of its choiche. (input x=3 to follow the example in the [article](https://medium.com/@VitalikButerin/quadratic-arithmetic-programs-from-zero-to-hero-f6d558cea649)).

In [6]:
!cd TrustedParty && python example.py 3

*** Error loading backend pysnark.libsnark.backend: No module named 'libsnark'
*** Error loading backend pysnark.libsnark.backendgg: No module named 'libsnark'
*** Error loading backend pysnark.qaptools.backend: Could not find qaptools executable qapgen
output: 35
snarkjs witness.wtns and circuit.r1cs written; see readme


At this point pysnark execute a runtime script that generates a circuit file and a witness file. The circuit is a conversion of the complex mathematical statements inside the python script into simple statements (y = x or y = x [op] z) where [op] is an operator: "+" "-" "*" or "/". 

The quadratic function in the example will be:
\begin{equation}
k=input\times input
\\
y=k\times input
\\
z=y+input
\\
output=z+5
\end{equation}

This is called circuit because the simple statements can be used to build a logic gates circuit using AND gates and OR gates that performs the mathematical operation.

Each logic gate in the circuit is now converted using the standard format R1CS (Rank-1 Constraint System) into a triple of vectors (A,B,C) such as:
\begin{equation}
S\cdot A\times S\cdot B - S\cdot C=0
\end{equation}

Where S is the witness: a vector containing 1, the input, the output and all the solution of the simple statements. 

In our example:

\begin{equation}
S=[1,input,output,k,y,z]
\\
S=[1,3,35,9,27,30]
\end{equation}

The output of the runtime application is circuit.r1cs which contains every A,B and C vectors for every logic gate and the witness.wtns file that contains S.

Those file can be seen if the installation of the backend is skipped because otherwise one of the three available backends for pysnark is called and gets the vectors directly from the runtime script without producing any file.

To visualize the content of circuit.r1cs execute the print_circuit script (the console log function **doesn't stop by itself**, use the STOP button to exit the console after a few seconds):

In [None]:
!cd TrustedParty && wget https://raw.githubusercontent.com/giu176/NetworkSecurity-ZKP/main/print_circuit.js
!cd TrustedParty && node print_circuit.js

Distributing files to the Prover:

In [None]:
!cp ./TrustedParty/example.py ./Prover/example.py
!cp ./TrustedParty/pysnark_schedule ./Prover/pysnark_schedule
!cp ./TrustedParty/pysnark_masterek ./Prover/pysnark_masterek
!cp ./TrustedParty/pysnark_ek_main ./Prover/pysnark_ek_main
!cp ./TrustedParty/pysnark_eqs_main ./Prover/pysnark_eqs_main
!cp ./TrustedParty/pysnark_masterpk ./Prover/pysnark_masterpk

Distributing files to the Verifier:

In [None]:
!cp ./TrustedParty/pysnark_schedule ./Verifier//pysnark_schedule
!cp ./TrustedParty/pysnark_masterpk ./Verifier/pysnark_masterpk
!cp ./TrustedParty/pysnark_vk_main ./Verifier/pysnark_vk_main

## Prover


---



In [None]:
!cd Prover && python example.py 3

*** Error loading backend pysnark.libsnark.backend: No module named 'libsnark'
*** Error loading backend pysnark.libsnark.backendgg: No module named 'libsnark'
output: 35
*** qaptools subroutines:
***    id: main function: main digest: 314adf18c4 #constraints: 5 *
*** verification keys missing, skipping verification
***  prover keys/eqs:  pysnark_masterek pysnark_ek_main pysnark_eqs_main pysnark_schedule
***  prover data:      
***  verifier keys:    pysnark_masterpk pysnark_vk_main pysnark_schedule
***  verifier data:     pysnark_proof pysnark_values
***  verifier cmd:     qapver pysnark_masterpk pysnark_schedule pysnark_proof pysnark_values


Distributing files to the Verifier:

In [None]:
!cp ./Prover/pysnark_proof ./Verifier/pysnark_proof
!cp ./Prover/pysnark_values ./Verifier/pysnark_values

## Verifier


---



In [None]:
!cd Verifier && python -m pysnark.qaptools.runqapver