This code have been moved to barretenberg/sol.
This repository contains multiple verifier contracts and testing harnesses that are used by Noir, our Zero-Knowledge Programming Language.
The implementations maintain the same interface, regardless of the verifier flavour (Standard, Turbo, Ultra), this should enable upstream implementations to be "plug-and-play".
The verifier will follow an overall architecture below, consisting of 3 contracts/libraries. Namely, the verifier algorithm (stable across circuits), the verification key (circuit dependent) and then the "verifier instance", a base that reads from the verification key and uses the key's values in the verification algorithm. The main advantage of this design is that we can generate verification key's per circuit and plug them into a general verification algorithm.
The verification key is currently generated via Barretenberg, Aztec's backend for generating proofs.
A verifier for standard plonk, the version of plonk that is used to run the Aztec Connect rollup.
The contracts are in the src/standard
directory.
The UltraPlonk Verifier follows the same structure as the Standard Plonk verifier, under the src/ultra
directory.
Run bootstrap.sh
to clone git submodules, bootstrap barretenberg, download SRS and generate verification keys. The bootstrap will also install foundry to ./.foundry
so you can use ./.foundry/bin/forge
if you don't already have foundry installed.
Test are performed with a TestBase
harness, it provides helpers for reading files and printing proofs. The tests also require proofs and verification keys, those are build as part of the bootstrap.sh
.
To run all tests, run the following scripts at the root of the repo:
forge test --no-match-contract TestBase # add -(v, vv, vvv, vvvv) for verbosity of logs, no logs emitted as default
To run test for a specific Contract test,
forge test --match-contract <NAME_OF_CONTRACT> # e.g., StandardTest
To run a specific test
forge test --match-test <NAME_OF_TEST> # e.g., testValidProof
Example to run only testValidProof
for the Standard verifier with logs:
forge test --match-contract StandardTest --match-test testValidProof -vvvv
Debugging from inside the assembly can be pretty inconvenient. The quickest way to get going is to add a custom error:
bytes4 internal constant ERR_S = 0xf7b44074;
error ERR(bytes32,bytes32,bytes32);
Where ERR_S
is the selector (first 4 bytes of keccak256(function signature)).
To revert the contract, and print values, you can then do as
mstore(0x00, ERR_S) // put the selector in memory
mstore(0x04, val_1) // add first value after selector
mstore(0x24, val_2) // add second value after first
mstore(0x44, val_3) // add third value after second
revert(0x00, 0x64) // revert with a message containing 0x64 bytes defined above
When running a test, you will then see the three values val_1, val_2, val_3
in the console.
aztec-verifier-contracts's People
aztec-verifier-contracts's Issues
docs(standard): Elaborate on public input delta implementation
Overview
Current code documentation does not do much to reason about what the public input delta calculation is for and how to reason about it. Include documentation for this.
docs(standard): Alter naming of arith selector opening group element
Overview
Generated from this comment:
@follow-up Elaborate on naming to easily match with the paper (part of step 9?)
Are `_proof` and `_publicInputs` actually unused?
The linters in Remix IDE claim that _proof
and _publicInputs
variables on the verify
function are unused. Is this just a false positive?
Compiling BaseUltraVerifier without optimizations results in StackTooDeep
When copying the verifier contracts into Remix IDE, it errors with StackTooDeep. This goes away when optimizations are enabled (they are disabled by default).
docs(standard): Document execution ordering differences between implementation and paper
Overview
Currently the ordering of the verification steps in the plonk paper are different to the implementation, elaborate on this at the top of the implementation
compiling plonk_vk.sol throws YulException: too deep in the stack & then fails to verify proof format
Linked from issue in noir repo:
noir-lang/noir#1140
Here is the most updated issue:
Update:
I still got the "proof failed" error. Here I am doing it again to show you the results.
I am passing the following format:
0x [function signature] + [proof data pointer] + [length of proof data] + [public input 1] + [public input 2] + [proof data array]
Details
Function Signature
0x8e760afe
Proof Data Pointer
0000000000000000000000000000000000000000000000000000000000000020
Length of proof data array
00000000000000000000000000000000000000000000000000000000000004e0
Public Input 1
0bff8247aa94b08d1c680d7a3e10831bd8c8cf2ea2c756b0d1d89acdcad877ad
Public Input 2
2a5d7253a6ed48462fedb2d350cc768d13956310f54e73a8a47914f34a34c5c4
Proof Data Array
2abfb...
Doing this, I no longer get the G1 point not on curve, or is malformed]
error, but I get the proof failed
error. This seems like it indicates the formatting is correct, but the proof input is wrong...
If I don't prepend my proof data with the two public inputs, then I get the G1 point not on curve, or is malformed]
error again, so it seems like prepending the two public inputs works, but I cannot get past this proof failed
error..
docs(standard): Document how the r_0 calculation differs from the paper
Overview
Elaborate on the reasoning for why the implementation differs, issue created off the back of this recent comment from lasse.
// @note that our r_0 looks different from the paper.
// This related to the public input delta that we mentioned earlier.
// So we are replacing PI with (z̄_ω - ∆PI) * L_n * α^2.
// @follow-up Elaborate on this replacement
// @note that our r_0 differs on the power of alpha from the paper. The alpha is a challenge
// so having a different challenge is fine, as long as both verifier and prover use the same.
Gas usage in readme
Add the gas usage for the different version to the readme so it can easily be found without pulling repo and running tests.
verify function visibility should be public to enable inheritance
Hello, I'm writing educational content about Noir in spanish and @critesjosh has been guiding me on the process. I stumbled into following issue while writing a guide on how to create a dApp. I got redirected here from acvm-backend-barretenberg.
I did a PR #23 that solves this. Happy to hear your comments.
The problem
It should be common for devs to inherit from UltraVerifier
while creating a dApp. This is to keep the codebase organized and readable. A normal implementation should look like the following example:
//SPDX-License-Identifier: MIT
pragma solidity >=0.8.19;
contract MyDApp is UltraVerifier {
// Custom logic
function proveStuff(bytes calldata _proof, bytes32[] calldata _publicInputs) public {
verify(_proof, _publicInputs));
// More custom logic
}
}
However this is currently not possible due to the verify
function being external
. This means that this function is not visible to inherited contracts.
The solution
I think the verify
visibility should be changed to public
. This will enable verify
being called from inherited contracts like the example above.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.