mirror of
https://github.com/darkrenaissance/darkfi.git
synced 2026-01-09 14:48:08 -05:00
97 lines
2.9 KiB
Rust
97 lines
2.9 KiB
Rust
/* This file is part of DarkFi (https://dark.fi)
|
|
*
|
|
* Copyright (C) 2020-2022 Dyne.org foundation
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License as
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
* License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
// ../zkas simple.zk
|
|
|
|
use darkfi::{
|
|
crypto::{
|
|
proof::{ProvingKey, VerifyingKey},
|
|
Proof,
|
|
},
|
|
zk::{
|
|
vm::{Witness, ZkCircuit},
|
|
vm_stack::empty_witnesses,
|
|
},
|
|
zkas::decoder::ZkBinary,
|
|
Result,
|
|
};
|
|
use darkfi_sdk::crypto::pedersen::pedersen_commitment_u64;
|
|
use halo2_proofs::circuit::Value;
|
|
use pasta_curves::{
|
|
arithmetic::CurveAffine,
|
|
group::{ff::Field, Curve},
|
|
pallas,
|
|
};
|
|
use rand::rngs::OsRng;
|
|
|
|
fn main() -> Result<()> {
|
|
let bincode = include_bytes!("simple.zk.bin");
|
|
let zkbin = ZkBinary::decode(bincode)?;
|
|
|
|
// ======
|
|
// Prover
|
|
// ======
|
|
// Bigger k = more rows, but slower circuit
|
|
// Number of rows is 2^k
|
|
let k = 13;
|
|
|
|
// Witness values
|
|
let value = 42;
|
|
let value_blind = pallas::Scalar::random(&mut OsRng);
|
|
|
|
let prover_witnesses = vec![
|
|
Witness::Base(Value::known(pallas::Base::from(value))),
|
|
Witness::Scalar(Value::known(value_blind)),
|
|
];
|
|
|
|
// Create the public inputs
|
|
let value_commit = pedersen_commitment_u64(value, value_blind);
|
|
let value_coords = value_commit.to_affine().coordinates().unwrap();
|
|
|
|
let public_inputs = vec![*value_coords.x(), *value_coords.y()];
|
|
|
|
// Create the circuit
|
|
let circuit = ZkCircuit::new(prover_witnesses, zkbin.clone());
|
|
|
|
let now = std::time::Instant::now();
|
|
let proving_key = ProvingKey::build(k, &circuit);
|
|
println!("ProvingKey built [{} s]", now.elapsed().as_secs_f64());
|
|
let now = std::time::Instant::now();
|
|
let proof = Proof::create(&proving_key, &[circuit], &public_inputs, &mut OsRng)?;
|
|
println!("Proof created [{} s]", now.elapsed().as_secs_f64());
|
|
|
|
// ========
|
|
// Verifier
|
|
// ========
|
|
|
|
// Construct empty witnesses
|
|
let verifier_witnesses = empty_witnesses(&zkbin);
|
|
|
|
// Create the circuit
|
|
let circuit = ZkCircuit::new(verifier_witnesses, zkbin);
|
|
|
|
let now = std::time::Instant::now();
|
|
let verifying_key = VerifyingKey::build(k, &circuit);
|
|
println!("VerifyingKey built [{} s]", now.elapsed().as_secs_f64());
|
|
let now = std::time::Instant::now();
|
|
proof.verify(&verifying_key, &public_inputs)?;
|
|
println!("proof verify [{} s]", now.elapsed().as_secs_f64());
|
|
|
|
Ok(())
|
|
}
|