github/self
1
1
Fork 0
mirror of https://github.com/selfxyz/self.git synced 2026-04-27 03:01:15 -04:00
Code Issues Packages Projects Releases Wiki Activity

import comparators and bitify from circomlib

Browse Source
This commit is contained in:
turnoffthiscomputer
2024-12-15 12:52:05 +01:00
parent d3958562fa
commit e8f5e5cd62
2 changed files with 138 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
circuits/circuits/utils/circomlib/bitify/bitify.circom
View File

@@ -1,55 +1,50 @@
pragma circom 2.1.6;
// Here is operation to convert number to bit array and bit array to number
// There are reasons for code to look so bad
// We don`t use loop because of circom compiler
// Circom compiler just ignores linear constraints (only +):
// if u compile circuits with only linear constraints with --O2 flag (maybe --O1 too), there will be 0 constraints
// It means that u can can put literally anything in witness and get valid proof, and we don`t want this to happen
// To avoid it we must use quadratic constraints (where * is).
// Here we use bit * bit instead bit in one place of constraint, and it doesn`t affects logic (0 * 0 == 0 and 1 * 1 == 1)
// Where we can`t use it we use dummy input - it must be zero to pass dummy * dummy === 0 check, and add it to any linear constaint:
// signal a <== b + c + dummy * dummy;
// Nothing changes for arithmetic, but we turned linear contraint into quadratic, any compiler optimisation will not affect it.
// Hope this will be changed in future circom version, but this is the best way to deal with it for now.
/*
Copyright 2018 0KIMS association.
//------------------------------------------------------------------------------------------------------------------------------------------------------------------
This file is part of circom (Zero Knowledge Circuit Compiler).
// Convert number to bit array of len
// We are checking if out[i] is a bit, so LEN + 1 constraints
template Num2Bits(LEN){
assert(LEN <= 253);
assert(LEN > 0);
circom is a free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
circom is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
License for more details.
You should have received a copy of the GNU General Public License
along with circom. If not, see <https://www.gnu.org/licenses/>.
*/
template Num2Bits(n) {
signal input in;
signal output out[LEN];
for (var i = 0; i < LEN; i++) {
signal output out[n];
var lc1=0;
var e2=1;
for (var i = 0; i<n; i++) {
out[i] <-- (in >> i) & 1;
out[i] * (out[i] - 1) === 0;
}
signal sum[LEN];
sum[0] <== out[0] * out[0];
for (var i = 1; i < LEN; i++){
sum[i] <== 2 ** i * out[i] + sum[i - 1];
out[i] * (out[i] -1 ) === 0;
lc1 += out[i] * e2;
e2 = e2+e2;
}
in === sum[LEN - 1];
lc1 === in;
}
//------------------------------------------------------------------------------------------------------------------------------------------------------------------
// Here bit check is not present, use only with bits else error will appear!!!
// No bit check so only 1 constarint
template Bits2Num(LEN){
assert(LEN <= 253);
assert(LEN > 0);
signal input in[LEN];
template Bits2Num(n) {
signal input in[n];
signal output out;
signal sum[LEN];
sum[0] <== in[0] * in[0];
for (var i = 1; i < LEN; i++){
sum[i] <== 2 ** i * in[i] + sum[i - 1];
var lc1=0;
var e2 = 1;
for (var i = 0; i<n; i++) {
lc1 += in[i] * e2;
e2 = e2 + e2;
}
out <== sum[LEN-1];
lc1 ==> out;
}

153
circuits/circuits/utils/circomlib/bitify/comparators.circom
View File

@@ -1,93 +1,142 @@
pragma circom 2.1.6;
include "./bitify.circom";
// Comparators for numbers
// Compare equality costs 2 constarints, this is "cheap" operation
// Compare 2 nums (>, >=, <, <=) forces us to bitify it, so it is more "expensive" operation, try to reduce it usage if u can
//------------------------------------------------------------------------------------------------------------------------------------------------------------
/*
Copyright 2018 0KIMS association.
This file is part of circom (Zero Knowledge Circuit Compiler).
circom is a free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
circom is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
License for more details.
You should have received a copy of the GNU General Public License
along with circom. If not, see <https://www.gnu.org/licenses/>.
*/
include "bitify.circom";
// Compare in to zero, out is 0 or 1
template IsZero() {
signal input in;
signal output out;
signal inv;
inv <-- in != 0 ? 1 / in : 0;
out <== -in * inv + 1;
in * out === 0;
inv <-- in!=0 ? 1/in : 0;
out <== -in*inv +1;
in*out === 0;
}
// Compare in[0] to in[1], out is 0 or 1
template IsEqual() {
signal input in[2];
signal output out;
component isZero = IsZero();
isZero.in <== in[1] - in[0];
isZero.out ==> out;
component isz = IsZero();
in[1] - in[0] ==> isz.in;
isz.out ==> out;
}
// Compare in[0] to in[1], out is 0 or 1 if enabled == 1 or always 0 if enabled == 0
template ForceEqualIfEnabled() {
signal input enabled;
signal input in[2];
component isEqual = IsEqual();
isEqual.in <== in;
(1 - isEqual.out) * enabled === 0;
component isz = IsZero();
in[1] - in[0] ==> isz.in;
(1 - isz.out)*enabled === 0;
}
// Compare in[0] < in[1], out is 0 or 1
template LessThan(LEN) {
assert(LEN <= 252);
/*
// N is the number of bits the input have.
// The MSF is the sign bit.
template LessThan(n) {
signal input in[2];
signal output out;
component n2b = Num2Bits(LEN + 1);
n2b.in <== in[0] + (1 << LEN) - in[1];
out <== 1 - n2b.out[LEN];
component num2Bits0;
component num2Bits1;
component adder;
adder = BinSum(n, 2);
num2Bits0 = Num2Bits(n);
num2Bits1 = Num2BitsNeg(n);
in[0] ==> num2Bits0.in;
in[1] ==> num2Bits1.in;
var i;
for (i=0;i<n;i++) {
num2Bits0.out[i] ==> adder.in[0][i];
num2Bits1.out[i] ==> adder.in[1][i];
}
adder.out[n-1] ==> out;
}
*/
template LessThan(n) {
assert(n <= 252);
signal input in[2];
signal output out;
component n2b = Num2Bits(n+1);
n2b.in <== in[0]+ (1<<n) - in[1];
out <== 1-n2b.out[n];
}
// Compare in[0] <= in[1], out is 0 or 1
template LessEqThan(LEN) {
// N is the number of bits the input have.
// The MSF is the sign bit.
template LessEqThan(n) {
signal input in[2];
signal output out;
component lessThan = LessThan(LEN);
lessThan.in[0] <== in[0];
lessThan.in[1] <== in[1] + 1;
lessThan.out ==> out;
component lt = LessThan(n);
lt.in[0] <== in[0];
lt.in[1] <== in[1]+1;
lt.out ==> out;
}
// Compare in[0] > in[1], out is 0 or 1
template GreaterThan(LEN) {
// N is the number of bits the input have.
// The MSF is the sign bit.
template GreaterThan(n) {
signal input in[2];
signal output out;
component lt = LessThan(LEN);
component lt = LessThan(n);
lt.in[0] <== in[1];
lt.in[1] <== in[0];
lt.out ==> out;
}
// Compare in[0] >= in[1], out is 0 or 1
template GreaterEqThan(LEN) {
// N is the number of bits the input have.
// The MSF is the sign bit.
template GreaterEqThan(n) {
signal input in[2];
signal output out;
component lt = LessThan(LEN);
component lt = LessThan(n);
lt.in[0] <== in[1];
lt.in[1] <== in[0] + 1;
lt.in[1] <== in[0]+1;
lt.out ==> out;
}