github/darkfi
1
1
Fork 0
mirror of https://github.com/darkrenaissance/darkfi.git synced 2026-01-08 06:14:08 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
darkfi/proof/tx.zk
parazyd 6a024ab801 zkas: Add a field definition on top of the circuit file. 
Currently unused, but will probably be expanded to define proofs over
different fields.
2023-08-14 17:09:18 +02:00

86 lines
2.9 KiB
Plaintext
Raw Permalink Blame History

k = 13;
field = "pallas";
constant "tx" {
EcFixedPointShort VALUE_COMMIT_VALUE,
EcFixedPoint VALUE_COMMIT_RANDOM,
EcFixedPointBase NULLIFIER_K,
}
witness "tx" {
# coin (1) witnesses
Base root,
Base c1_root_sk,
Base c1_sk,
MerklePath c1_sk_path,
Uint32 c1_sk_pos,
Base c1_rho,
Scalar c1_opening,
Base c1_value,
MerklePath c1_cm_path,
Uint32 c1_cm_pos,
Base c1_sn,
# coin (3) witnesses
Base c3_pk,
Base c3_rho,
Scalar c3_opening,
Base c3_value,
# coin (4) witnesses
Base c4_pk,
Base c4_rho,
Scalar c4_opening,
Base c4_value,
}
circuit "tx" {
ZERO = witness_base(0);
ONE = witness_base(1);
PREFIX_EVL = witness_base(2);
PREFIX_SEED = witness_base(3);
PREFIX_CM = witness_base(4);
PREFIX_PK = witness_base(5);
PREFIX_SN = witness_base(6);
# coin (1) pk/public key
c1_pk = poseidon_hash(PREFIX_PK, c1_root_sk);
#constrain_instance(c1_pk);
# coin (1) cm/commitment
c1_cm_msg = poseidon_hash(PREFIX_CM, c1_pk, c1_value, c1_rho);
c1_cm_v = ec_mul_base(c1_cm_msg, NULLIFIER_K);
c1_cm_r = ec_mul(c1_opening, VALUE_COMMIT_RANDOM);
c1_cm = ec_add(c1_cm_v, c1_cm_r);
c1_cm_x = ec_get_x(c1_cm);
c1_cm_y = ec_get_y(c1_cm);
c1_cm_hash = poseidon_hash(c1_cm_x, c1_cm_y);
constrain_instance(c1_cm_x);
constrain_instance(c1_cm_y);
# coin (3) cm/commitment
c3_cm_msg = poseidon_hash(PREFIX_CM, c3_pk, c3_value, c3_rho);
c3_cm_v = ec_mul_base(c3_cm_msg, NULLIFIER_K);
c3_cm_r = ec_mul(c3_opening, VALUE_COMMIT_RANDOM);
c3_cm = ec_add(c3_cm_v, c3_cm_r);
c3_cm_x = ec_get_x(c3_cm);
constrain_instance(c3_cm_x);
c3_cm_y = ec_get_x(c3_cm);
constrain_instance(c3_cm_y);
# coin (4) cm/commitment
c4_cm_msg = poseidon_hash(PREFIX_CM, c4_pk, c4_value, c4_rho);
c4_cm_v = ec_mul_base(c4_cm_msg, NULLIFIER_K);
c4_cm_r = ec_mul(c4_opening, VALUE_COMMIT_RANDOM);
c4_cm = ec_add(c4_cm_v, c4_cm_r);
c4_cm_x = ec_get_x(c4_cm);
constrain_instance(c4_cm_x);
c4_cm_y = ec_get_y(c4_cm);
constrain_instance(c4_cm_y);
outval = base_add(c3_value, c4_value);
constrain_equal_base(c1_value, outval);
# root of path to coin1 commitment at given position
c1_root = merkle_root(c1_cm_pos, c1_cm_path, c1_cm_hash);
constrain_instance(c1_root);
# root of path to coin(1) sk at given position
c1_sk_root = merkle_root(c1_sk_pos, c1_sk_path, c1_sk);
constrain_instance(c1_sk_root);
# coin (1) sn/nullifier
c1_sn = poseidon_hash(PREFIX_SN, c1_root_sk, c1_rho, ZERO);
constrain_instance(c1_sn);
}
Reference in New Issue View Git Blame Copy Permalink