History compaction zkSNARK circuit for Plasma Cash and Cashflow history compaction
Clone or download
Latest commit 651c7c7 Dec 12, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src add explicit benchmark Dec 12, 2018
.gitignore first commit Dec 7, 2018
Cargo.lock fix self-import and add readme Dec 7, 2018
Cargo.toml add explicit benchmark Dec 12, 2018
README.md add explicit benchmark Dec 12, 2018

README.md

Plasma cash history SNARK

Compacts history in Plasma Cashes by hiding Merkle proofs under the private witness. Currently contains only non-inclusion circuit, with inclusion being trivially extended.

Without much optimization is requires 4270718 constraints for 128 block of non-inclusion for 24 tree depth.

Public inputs to the zkSNARK:

  • Start of the interval index (if single coin - just index)
  • Interval length (is single coin - 1)
  • Set of roots for which this coin index is proved to be non-included

Notice

SNARK checks that start of the interval is divisible by the interval length, but in principle such check should be done outside of the snark as range start and length are public inputs.

Run

Requires Rust 1.31 or higher.

Dummy tree and proof are generated for a large set of blocks

cargo run --release --bin benchmark_proof_gen

You can also sent an environment variable BELLMAN_VERBOSE=1 to have some verbose setup and proof generation progress.

Benchmark

    Using test constraint system to check the satisfiability
    Synthsizing a snark for 128 block for 24 tree depth
    Looking for unconstrained variabled:
    Number of constraints = 4263710
    generating setup...
    Has generated 4263684 points
    setup generated in 358.876 s
    creating proof...
    proof created in 39.749 s
    Proof is valid

License

Licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.