feat: sp1 contracts (#4)

* forge install: sp1-contracts

v1.0.3-testnet

* need to update fixture

* cleanup

* wip

* fixture, program, script

* clean

* fake proof

* add mit license

* forge install: sp1-contracts

v1.0.4-testnet
Ratan Kaliani
2024-05-31 15:54:43 -07:00
committed by GitHub
parent 5ee880394c
commit 9d5e2939f9
19 changed files with 757 additions and 8490 deletions

3
.gitmodules vendored

@@ -1,3 +1,6 @@
[submodule "contracts/lib/forge-std"]
path = contracts/lib/forge-std
url = https://github.com/foundry-rs/forge-std
[submodule "contracts/lib/sp1-contracts"]
path = contracts/lib/sp1-contracts
url = https://github.com/succinctlabs/sp1-contracts

5480
Cargo.lock generated

File diff suppressed because it is too large Load Diff


@@ -1,4 +0,0 @@
[workspace]
exclude = ["program"]
members = ["script"]
resolver = "2"

21
LICENSE-MIT Normal file

@@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2024 Succinct Labs
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.


@@ -11,18 +11,20 @@ that can generate a proof of any RISC-V program and verify the proof onchain.
- [Foundry](https://book.getfoundry.sh/getting-started/installation)
## Generate Proof
```
RUST_LOG=info cargo run --package fibonacci-script --bin prove --release
```
## Export Solidity Verifier
Generate the proof that will be used as a fixture in the contracts directory.
```
RUST_LOG=info cargo run -p fibonacci-script --bin artifacts --release
cd script
RUST_LOG=info cargo run --bin prove --release
```
## Solidity Proof Verification
Verify the proof with the SP1 EVM verifier.
```
cd contracts/
cd ../contracts
forge test -v
```


@@ -1,5 +0,0 @@
### Deploy
```shell
$ forge script script/SP1Tendermint.s.sol --rpc-url $RPC_11155111 --private-key $PRIVATE_KEY --etherscan-api-key $ETHERSCAN_API_KEY_11155111 --broadcast --verify
```

1
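--- a/contracts/remappings.txt
+++ b/contracts/remappings.txt
@@ -0,0 +1 @@
+@sp1-contracts/=./lib/sp1-contracts/contracts/src/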


@@ -1,11 +1,11 @@
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;
import {SP1Verifier} from "./SP1Verifier.sol";
import {SP1Verifier} from "@sp1-contracts/SP1Verifier.sol";
/// @title Fibonacci.
/// @author Succinct Labs
/// @notice This contract implements a simple example of verifying the proof of a computing a
/// @notice This contract implements a simple example of verifying the proof of a computing a
/// fibonacci number.
contract Fibonacci is SP1Verifier {
/// @notice The verification key for the fibonacci program.
@@ -13,7 +13,7 @@ contract Fibonacci is SP1Verifier {
constructor(bytes32 _fibonacciProgramVkey) {
fibonacciProgramVkey = _fibonacciProgramVkey;
}
}
/// @notice The entrypoint for verifying the proof of a fibonacci number.
/// @param proof The encoded proof.
@@ -23,7 +23,10 @@ contract Fibonacci is SP1Verifier {
bytes memory publicValues
) public view returns (uint32, uint32, uint32) {
this.verifyProof(fibonacciProgramVkey, publicValues, proof);
(uint32 n, uint32 a, uint32 b) = abi.decode(publicValues, (uint32, uint32, uint32));
(uint32 n, uint32 a, uint32 b) = abi.decode(
publicValues,
(uint32, uint32, uint32)
);
return (n, a, b);
}
}
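Review bot: The import in the first hunk now takes `SP1Verifier` from the `@sp1-contracts/` remapping, so the checks behind `this.verifyProof(...)` in the last hunk are defined by whichever commit the `contracts/lib/sp1-contracts` submodule is pinned to, and that pin is not visible on this page. The commit description names both `v1.0.3-testnet` and `v1.0.4-testnet`, so I would confirm that the recorded gitlink is the later tag and record it above the import, e.g. `// SP1Verifier comes from lib/sp1-contracts, expected at tag v1.0.4-testnet`. The fixture's `vkey` changes in the same commit, which suggests the fixture and the verifier version are coupled and should be bumped together. The NatSpec line rewritten in the first hunk still reads "the proof of a computing a fibonacci number"; `verifying a proof of computing a` would fix the wording. `verifyFibonacciProof` begins before the last hunk, so its signature is only partly visible here.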


@@ -1,774 +0,0 @@
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
/// @title Groth16 verifier template.
/// @author Remco Bloemen
/// @notice Supports verifying Groth16 proofs. Proofs can be in uncompressed
/// (256 bytes) and compressed (128 bytes) format. A view function is provided
/// to compress proofs.
/// @notice See <https://2π.com/23/bn254-compression> for further explanation.
contract Verifier {
/// Some of the provided public input values are larger than the field modulus.
/// @dev Public input elements are not automatically reduced, as this is can be
/// a dangerous source of bugs.
error PublicInputNotInField();
/// The proof is invalid.
/// @dev This can mean that provided Groth16 proof points are not on their
/// curves, that pairing equation fails, or that the proof is not for the
/// provided public input.
error ProofInvalid();
/// The commitment is invalid
/// @dev This can mean that provided commitment points and/or proof of knowledge are not on their
/// curves, that pairing equation fails, or that the commitment and/or proof of knowledge is not for the
/// commitment key.
error CommitmentInvalid();
// Addresses of precompiles
uint256 constant PRECOMPILE_MODEXP = 0x05;
uint256 constant PRECOMPILE_ADD = 0x06;
uint256 constant PRECOMPILE_MUL = 0x07;
uint256 constant PRECOMPILE_VERIFY = 0x08;
// Base field Fp order P and scalar field Fr order R.
// For BN254 these are computed as follows:
// t = 4965661367192848881
// P = 36⋅t⁴ + 36⋅t³ + 24⋅t² + 6⋅t + 1
// R = 36⋅t⁴ + 36⋅t³ + 18⋅t² + 6⋅t + 1
uint256 constant P = 0x30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd47;
uint256 constant R = 0x30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f0000001;
// Extension field Fp2 = Fp[i] / (i² + 1)
// Note: This is the complex extension field of Fp with i² = -1.
// Values in Fp2 are represented as a pair of Fp elements (a₀, a₁) as a₀ + a₁⋅i.
// Note: The order of Fp2 elements is *opposite* that of the pairing contract, which
// expects Fp2 elements in order (a₁, a₀). This is also the order in which
// Fp2 elements are encoded in the public interface as this became convention.
// Constants in Fp
uint256 constant FRACTION_1_2_FP = 0x183227397098d014dc2822db40c0ac2ecbc0b548b438e5469e10460b6c3e7ea4;
uint256 constant FRACTION_27_82_FP = 0x2b149d40ceb8aaae81be18991be06ac3b5b4c5e559dbefa33267e6dc24a138e5;
uint256 constant FRACTION_3_82_FP = 0x2fcd3ac2a640a154eb23960892a85a68f031ca0c8344b23a577dcf1052b9e775;
// Exponents for inversions and square roots mod P
uint256 constant EXP_INVERSE_FP = 0x30644E72E131A029B85045B68181585D97816A916871CA8D3C208C16D87CFD45; // P - 2
uint256 constant EXP_SQRT_FP = 0xC19139CB84C680A6E14116DA060561765E05AA45A1C72A34F082305B61F3F52; // (P + 1) / 4;
// Groth16 alpha point in G1
uint256 constant ALPHA_X = 15723512825980522879957839550150373052173394555092353151594184115305589162646;
uint256 constant ALPHA_Y = 11286447733843483566774890588243727117177919477169041553502173804185093706492;
// Groth16 beta point in G2 in powers of i
uint256 constant BETA_NEG_X_0 = 8795119732411805846018157250097000647205588548089505478677836071308151516769;
uint256 constant BETA_NEG_X_1 = 9643992959955715417606974921538134427008352543249530037988879791202755148506;
uint256 constant BETA_NEG_Y_0 = 18662642156602667950083460130914232060110658680012630986934615481673462494473;
uint256 constant BETA_NEG_Y_1 = 19084248794803320463756689278851669084196275555785005758854890471536180986737;
// Groth16 gamma point in G2 in powers of i
uint256 constant GAMMA_NEG_X_0 = 20665759938317744560018059361235229939795186472525103265093532152132329814199;
uint256 constant GAMMA_NEG_X_1 = 3720992360460766933297063624209744170540235668123165886819009792181577229284;
uint256 constant GAMMA_NEG_Y_0 = 19819244448600116595125226908411785740128568247273701682733928754505813504587;
uint256 constant GAMMA_NEG_Y_1 = 7895525592610019911767663532213710544513898004842977358331187643326278086350;
// Groth16 delta point in G2 in powers of i
uint256 constant DELTA_NEG_X_0 = 9376073488708082227432353382756280652748747413235156619074550706280055208381;
uint256 constant DELTA_NEG_X_1 = 12205845439782103830027078625796137188312260443557934469170896905904614760551;
uint256 constant DELTA_NEG_Y_0 = 9806643810889191223029098952284473949385293007914201265015453756066529264578;
uint256 constant DELTA_NEG_Y_1 = 20514646965264922310211010335483129205136789683713442464431138011214380500870;
// Pedersen G point in G2 in powers of i
uint256 constant PEDERSEN_G_X_0 = 1025711959874167405935748764066030993785203183882716191906308168932683588496;
uint256 constant PEDERSEN_G_X_1 = 18777320585736891684446004352838411989851817191469431958335403788622805607077;
uint256 constant PEDERSEN_G_Y_0 = 4337404723149498075032100915121053511797488331823005513419508909341173792033;
uint256 constant PEDERSEN_G_Y_1 = 8138321074633010971247111824808628102999346633884453268086986624920889106641;
// Pedersen GRootSigmaNeg point in G2 in powers of i
uint256 constant PEDERSEN_GROOTSIGMANEG_X_0 = 6521947121868509004362912618965471296796123001719575314261665882408427103702;
uint256 constant PEDERSEN_GROOTSIGMANEG_X_1 = 21314015110907899447243938455900588284059804539439819679225896074900801948296;
uint256 constant PEDERSEN_GROOTSIGMANEG_Y_0 = 15218479124695739616524477192078195312586612122898972542970629576465814650982;
uint256 constant PEDERSEN_GROOTSIGMANEG_Y_1 = 8873683462287802757511097587895344609655913308444843098264106774779883436798;
// Constant and public input points
uint256 constant CONSTANT_X = 11554491975846858456240319019142252844051611486321584266825472391633573316366;
uint256 constant CONSTANT_Y = 20720902655394782795700263548270392211862098926032967578650550778802548459063;
uint256 constant PUB_0_X = 2198493301629044619987721885980246947665579375739765213803504501354859016900;
uint256 constant PUB_0_Y = 19672983057496871921865927713943548880355091682437057554168805566825186569652;
uint256 constant PUB_1_X = 146789740649583344858813712622826966404333750028996516381111529309794650555;
uint256 constant PUB_1_Y = 13200900726297446458323241601161978626264242958241439518957318492775923196313;
uint256 constant PUB_2_X = 18348338869274824910975686691282630578365375651381788511144305046259860684597;
uint256 constant PUB_2_Y = 11558923401464656122754761604877018656228947815923568263508145600489842591454;
/// Negation in Fp.
/// @notice Returns a number x such that a + x = 0 in Fp.
/// @notice The input does not need to be reduced.
/// @param a the base
/// @return x the result
function negate(uint256 a) internal pure returns (uint256 x) {
unchecked {
x = (P - (a % P)) % P; // Modulo is cheaper than branching
}
}
/// Exponentiation in Fp.
/// @notice Returns a number x such that a ^ e = x in Fp.
/// @notice The input does not need to be reduced.
/// @param a the base
/// @param e the exponent
/// @return x the result
function exp(uint256 a, uint256 e) internal view returns (uint256 x) {
bool success;
assembly ("memory-safe") {
let f := mload(0x40)
mstore(f, 0x20)
mstore(add(f, 0x20), 0x20)
mstore(add(f, 0x40), 0x20)
mstore(add(f, 0x60), a)
mstore(add(f, 0x80), e)
mstore(add(f, 0xa0), P)
success := staticcall(gas(), PRECOMPILE_MODEXP, f, 0xc0, f, 0x20)
x := mload(f)
}
if (!success) {
// Exponentiation failed.
// Should not happen.
revert ProofInvalid();
}
}
/// Invertsion in Fp.
/// @notice Returns a number x such that a * x = 1 in Fp.
/// @notice The input does not need to be reduced.
/// @notice Reverts with ProofInvalid() if the inverse does not exist
/// @param a the input
/// @return x the solution
function invert_Fp(uint256 a) internal view returns (uint256 x) {
x = exp(a, EXP_INVERSE_FP);
if (mulmod(a, x, P) != 1) {
// Inverse does not exist.
// Can only happen during G2 point decompression.
revert ProofInvalid();
}
}
/// Square root in Fp.
/// @notice Returns a number x such that x * x = a in Fp.
/// @notice Will revert with InvalidProof() if the input is not a square
/// or not reduced.
/// @param a the square
/// @return x the solution
function sqrt_Fp(uint256 a) internal view returns (uint256 x) {
x = exp(a, EXP_SQRT_FP);
if (mulmod(x, x, P) != a) {
// Square root does not exist or a is not reduced.
// Happens when G1 point is not on curve.
revert ProofInvalid();
}
}
/// Square test in Fp.
/// @notice Returns wheter a number x exists such that x * x = a in Fp.
/// @notice Will revert with InvalidProof() if the input is not a square
/// or not reduced.
/// @param a the square
/// @return x the solution
function isSquare_Fp(uint256 a) internal view returns (bool) {
uint256 x = exp(a, EXP_SQRT_FP);
return mulmod(x, x, P) == a;
}
/// Square root in Fp2.
/// @notice Fp2 is the complex extension Fp[i]/(i^2 + 1). The input is
/// a0 + a1 ⋅ i and the result is x0 + x1 ⋅ i.
/// @notice Will revert with InvalidProof() if
/// * the input is not a square,
/// * the hint is incorrect, or
/// * the input coefficents are not reduced.
/// @param a0 The real part of the input.
/// @param a1 The imaginary part of the input.
/// @param hint A hint which of two possible signs to pick in the equation.
/// @return x0 The real part of the square root.
/// @return x1 The imaginary part of the square root.
function sqrt_Fp2(uint256 a0, uint256 a1, bool hint) internal view returns (uint256 x0, uint256 x1) {
// If this square root reverts there is no solution in Fp2.
uint256 d = sqrt_Fp(addmod(mulmod(a0, a0, P), mulmod(a1, a1, P), P));
if (hint) {
d = negate(d);
}
// If this square root reverts there is no solution in Fp2.
x0 = sqrt_Fp(mulmod(addmod(a0, d, P), FRACTION_1_2_FP, P));
x1 = mulmod(a1, invert_Fp(mulmod(x0, 2, P)), P);
// Check result to make sure we found a root.
// Note: this also fails if a0 or a1 is not reduced.
if (a0 != addmod(mulmod(x0, x0, P), negate(mulmod(x1, x1, P)), P)
|| a1 != mulmod(2, mulmod(x0, x1, P), P)) {
revert ProofInvalid();
}
}
/// Compress a G1 point.
/// @notice Reverts with InvalidProof if the coordinates are not reduced
/// or if the point is not on the curve.
/// @notice The point at infinity is encoded as (0,0) and compressed to 0.
/// @param x The X coordinate in Fp.
/// @param y The Y coordinate in Fp.
/// @return c The compresed point (x with one signal bit).
function compress_g1(uint256 x, uint256 y) internal view returns (uint256 c) {
if (x >= P || y >= P) {
// G1 point not in field.
revert ProofInvalid();
}
if (x == 0 && y == 0) {
// Point at infinity
return 0;
}
// Note: sqrt_Fp reverts if there is no solution, i.e. the x coordinate is invalid.
uint256 y_pos = sqrt_Fp(addmod(mulmod(mulmod(x, x, P), x, P), 3, P));
if (y == y_pos) {
return (x << 1) | 0;
} else if (y == negate(y_pos)) {
return (x << 1) | 1;
} else {
// G1 point not on curve.
revert ProofInvalid();
}
}
/// Decompress a G1 point.
/// @notice Reverts with InvalidProof if the input does not represent a valid point.
/// @notice The point at infinity is encoded as (0,0) and compressed to 0.
/// @param c The compresed point (x with one signal bit).
/// @return x The X coordinate in Fp.
/// @return y The Y coordinate in Fp.
function decompress_g1(uint256 c) internal view returns (uint256 x, uint256 y) {
// Note that X = 0 is not on the curve since 0³ + 3 = 3 is not a square.
// so we can use it to represent the point at infinity.
if (c == 0) {
// Point at infinity as encoded in EIP196 and EIP197.
return (0, 0);
}
bool negate_point = c & 1 == 1;
x = c >> 1;
if (x >= P) {
// G1 x coordinate not in field.
revert ProofInvalid();
}
// Note: (x³ + 3) is irreducible in Fp, so it can not be zero and therefore
// y can not be zero.
// Note: sqrt_Fp reverts if there is no solution, i.e. the point is not on the curve.
y = sqrt_Fp(addmod(mulmod(mulmod(x, x, P), x, P), 3, P));
if (negate_point) {
y = negate(y);
}
}
/// Compress a G2 point.
/// @notice Reverts with InvalidProof if the coefficients are not reduced
/// or if the point is not on the curve.
/// @notice The G2 curve is defined over the complex extension Fp[i]/(i^2 + 1)
/// with coordinates (x0 + x1 ⋅ i, y0 + y1 ⋅ i).
/// @notice The point at infinity is encoded as (0,0,0,0) and compressed to (0,0).
/// @param x0 The real part of the X coordinate.
/// @param x1 The imaginary poart of the X coordinate.
/// @param y0 The real part of the Y coordinate.
/// @param y1 The imaginary part of the Y coordinate.
/// @return c0 The first half of the compresed point (x0 with two signal bits).
/// @return c1 The second half of the compressed point (x1 unmodified).
function compress_g2(uint256 x0, uint256 x1, uint256 y0, uint256 y1)
internal view returns (uint256 c0, uint256 c1) {
if (x0 >= P || x1 >= P || y0 >= P || y1 >= P) {
// G2 point not in field.
revert ProofInvalid();
}
if ((x0 | x1 | y0 | y1) == 0) {
// Point at infinity
return (0, 0);
}
// Compute y^2
// Note: shadowing variables and scoping to avoid stack-to-deep.
uint256 y0_pos;
uint256 y1_pos;
{
uint256 n3ab = mulmod(mulmod(x0, x1, P), P-3, P);
uint256 a_3 = mulmod(mulmod(x0, x0, P), x0, P);
uint256 b_3 = mulmod(mulmod(x1, x1, P), x1, P);
y0_pos = addmod(FRACTION_27_82_FP, addmod(a_3, mulmod(n3ab, x1, P), P), P);
y1_pos = negate(addmod(FRACTION_3_82_FP, addmod(b_3, mulmod(n3ab, x0, P), P), P));
}
// Determine hint bit
// If this sqrt fails the x coordinate is not on the curve.
bool hint;
{
uint256 d = sqrt_Fp(addmod(mulmod(y0_pos, y0_pos, P), mulmod(y1_pos, y1_pos, P), P));
hint = !isSquare_Fp(mulmod(addmod(y0_pos, d, P), FRACTION_1_2_FP, P));
}
// Recover y
(y0_pos, y1_pos) = sqrt_Fp2(y0_pos, y1_pos, hint);
if (y0 == y0_pos && y1 == y1_pos) {
c0 = (x0 << 2) | (hint ? 2 : 0) | 0;
c1 = x1;
} else if (y0 == negate(y0_pos) && y1 == negate(y1_pos)) {
c0 = (x0 << 2) | (hint ? 2 : 0) | 1;
c1 = x1;
} else {
// G1 point not on curve.
revert ProofInvalid();
}
}
/// Decompress a G2 point.
/// @notice Reverts with InvalidProof if the input does not represent a valid point.
/// @notice The G2 curve is defined over the complex extension Fp[i]/(i^2 + 1)
/// with coordinates (x0 + x1 ⋅ i, y0 + y1 ⋅ i).
/// @notice The point at infinity is encoded as (0,0,0,0) and compressed to (0,0).
/// @param c0 The first half of the compresed point (x0 with two signal bits).
/// @param c1 The second half of the compressed point (x1 unmodified).
/// @return x0 The real part of the X coordinate.
/// @return x1 The imaginary poart of the X coordinate.
/// @return y0 The real part of the Y coordinate.
/// @return y1 The imaginary part of the Y coordinate.
function decompress_g2(uint256 c0, uint256 c1)
internal view returns (uint256 x0, uint256 x1, uint256 y0, uint256 y1) {
// Note that X = (0, 0) is not on the curve since 0³ + 3/(9 + i) is not a square.
// so we can use it to represent the point at infinity.
if (c0 == 0 && c1 == 0) {
// Point at infinity as encoded in EIP197.
return (0, 0, 0, 0);
}
bool negate_point = c0 & 1 == 1;
bool hint = c0 & 2 == 2;
x0 = c0 >> 2;
x1 = c1;
if (x0 >= P || x1 >= P) {
// G2 x0 or x1 coefficient not in field.
revert ProofInvalid();
}
uint256 n3ab = mulmod(mulmod(x0, x1, P), P-3, P);
uint256 a_3 = mulmod(mulmod(x0, x0, P), x0, P);
uint256 b_3 = mulmod(mulmod(x1, x1, P), x1, P);
y0 = addmod(FRACTION_27_82_FP, addmod(a_3, mulmod(n3ab, x1, P), P), P);
y1 = negate(addmod(FRACTION_3_82_FP, addmod(b_3, mulmod(n3ab, x0, P), P), P));
// Note: sqrt_Fp2 reverts if there is no solution, i.e. the point is not on the curve.
// Note: (X³ + 3/(9 + i)) is irreducible in Fp2, so y can not be zero.
// But y0 or y1 may still independently be zero.
(y0, y1) = sqrt_Fp2(y0, y1, hint);
if (negate_point) {
y0 = negate(y0);
y1 = negate(y1);
}
}
/// Compute the public input linear combination.
/// @notice Reverts with PublicInputNotInField if the input is not in the field.
/// @notice Computes the multi-scalar-multiplication of the public input
/// elements and the verification key including the constant term.
/// @param input The public inputs. These are elements of the scalar field Fr.
/// @param publicCommitments public inputs generated from pedersen commitments.
/// @param commitments The Pedersen commitments from the proof.
/// @return x The X coordinate of the resulting G1 point.
/// @return y The Y coordinate of the resulting G1 point.
function publicInputMSM(
uint256[2] calldata input,
uint256[1] memory publicCommitments,
uint256[2] memory commitments
)
internal view returns (uint256 x, uint256 y) {
// Note: The ECMUL precompile does not reject unreduced values, so we check this.
// Note: Unrolling this loop does not cost much extra in code-size, the bulk of the
// code-size is in the PUB_ constants.
// ECMUL has input (x, y, scalar) and output (x', y').
// ECADD has input (x1, y1, x2, y2) and output (x', y').
// We reduce commitments(if any) with constants as the first point argument to ECADD.
// We call them such that ecmul output is already in the second point
// argument to ECADD so we can have a tight loop.
bool success = true;
assembly ("memory-safe") {
let f := mload(0x40)
let g := add(f, 0x40)
let s
mstore(f, CONSTANT_X)
mstore(add(f, 0x20), CONSTANT_Y)
success := and(success, staticcall(gas(), PRECOMPILE_ADD, commitments, 64, g, 0x40))
success := and(success, staticcall(gas(), PRECOMPILE_ADD, f, 0x80, f, 0x40))
mstore(g, PUB_0_X)
mstore(add(g, 0x20), PUB_0_Y)
s := calldataload(input)
mstore(add(g, 0x40), s)
success := and(success, lt(s, R))
success := and(success, staticcall(gas(), PRECOMPILE_MUL, g, 0x60, g, 0x40))
success := and(success, staticcall(gas(), PRECOMPILE_ADD, f, 0x80, f, 0x40))
mstore(g, PUB_1_X)
mstore(add(g, 0x20), PUB_1_Y)
s := calldataload(add(input, 32))
mstore(add(g, 0x40), s)
success := and(success, lt(s, R))
success := and(success, staticcall(gas(), PRECOMPILE_MUL, g, 0x60, g, 0x40))
success := and(success, staticcall(gas(), PRECOMPILE_ADD, f, 0x80, f, 0x40))
mstore(g, PUB_2_X)
mstore(add(g, 0x20), PUB_2_Y)
s := mload(publicCommitments)
mstore(add(g, 0x40), s)
success := and(success, lt(s, R))
success := and(success, staticcall(gas(), PRECOMPILE_MUL, g, 0x60, g, 0x40))
success := and(success, staticcall(gas(), PRECOMPILE_ADD, f, 0x80, f, 0x40))
x := mload(f)
y := mload(add(f, 0x20))
}
if (!success) {
// Either Public input not in field, or verification key invalid.
// We assume the contract is correctly generated, so the verification key is valid.
revert PublicInputNotInField();
}
}
/// Compress a proof.
/// @notice Will revert with InvalidProof if the curve points are invalid,
/// but does not verify the proof itself.
/// @param proof The uncompressed Groth16 proof. Elements are in the same order as for
/// verifyProof. I.e. Groth16 points (A, B, C) encoded as in EIP-197.
/// @param commitments Pedersen commitments from the proof.
/// @param commitmentPok proof of knowledge for the Pedersen commitments.
/// @return compressed The compressed proof. Elements are in the same order as for
/// verifyCompressedProof. I.e. points (A, B, C) in compressed format.
/// @return compressedCommitments compressed Pedersen commitments from the proof.
/// @return compressedCommitmentPok compressed proof of knowledge for the Pedersen commitments.
function compressProof(
uint256[8] calldata proof,
uint256[2] calldata commitments,
uint256[2] calldata commitmentPok
)
public view returns (
uint256[4] memory compressed,
uint256[1] memory compressedCommitments,
uint256 compressedCommitmentPok
) {
compressed[0] = compress_g1(proof[0], proof[1]);
(compressed[2], compressed[1]) = compress_g2(proof[3], proof[2], proof[5], proof[4]);
compressed[3] = compress_g1(proof[6], proof[7]);
compressedCommitments[0] = compress_g1(commitments[0], commitments[1]);
compressedCommitmentPok = compress_g1(commitmentPok[0], commitmentPok[1]);
}
/// Verify a Groth16 proof with compressed points.
/// @notice Reverts with InvalidProof if the proof is invalid or
/// with PublicInputNotInField the public input is not reduced.
/// @notice There is no return value. If the function does not revert, the
/// proof was successfully verified.
/// @param compressedProof the points (A, B, C) in compressed format
/// matching the output of compressProof.
/// @param compressedCommitments compressed Pedersen commitments from the proof.
/// @param compressedCommitmentPok compressed proof of knowledge for the Pedersen commitments.
/// @param input the public input field elements in the scalar field Fr.
/// Elements must be reduced.
function verifyCompressedProof(
uint256[4] calldata compressedProof,
uint256[1] calldata compressedCommitments,
uint256 compressedCommitmentPok,
uint256[2] calldata input
) public view {
uint256[1] memory publicCommitments;
uint256[2] memory commitments;
uint256[24] memory pairings;
{
(commitments[0], commitments[1]) = decompress_g1(compressedCommitments[0]);
(uint256 Px, uint256 Py) = decompress_g1(compressedCommitmentPok);
uint256[] memory publicAndCommitmentCommitted;
publicCommitments[0] = uint256(
sha256(
abi.encodePacked(
commitments[0],
commitments[1],
publicAndCommitmentCommitted
)
)
) % R;
// Commitments
pairings[ 0] = commitments[0];
pairings[ 1] = commitments[1];
pairings[ 2] = PEDERSEN_G_X_1;
pairings[ 3] = PEDERSEN_G_X_0;
pairings[ 4] = PEDERSEN_G_Y_1;
pairings[ 5] = PEDERSEN_G_Y_0;
pairings[ 6] = Px;
pairings[ 7] = Py;
pairings[ 8] = PEDERSEN_GROOTSIGMANEG_X_1;
pairings[ 9] = PEDERSEN_GROOTSIGMANEG_X_0;
pairings[10] = PEDERSEN_GROOTSIGMANEG_Y_1;
pairings[11] = PEDERSEN_GROOTSIGMANEG_Y_0;
// Verify pedersen commitments
bool success;
assembly ("memory-safe") {
let f := mload(0x40)
success := staticcall(gas(), PRECOMPILE_VERIFY, pairings, 0x180, f, 0x20)
success := and(success, mload(f))
}
if (!success) {
revert CommitmentInvalid();
}
}
{
(uint256 Ax, uint256 Ay) = decompress_g1(compressedProof[0]);
(uint256 Bx0, uint256 Bx1, uint256 By0, uint256 By1) = decompress_g2(compressedProof[2], compressedProof[1]);
(uint256 Cx, uint256 Cy) = decompress_g1(compressedProof[3]);
(uint256 Lx, uint256 Ly) = publicInputMSM(
input,
publicCommitments,
commitments
);
// Verify the pairing
// Note: The precompile expects the F2 coefficients in big-endian order.
// Note: The pairing precompile rejects unreduced values, so we won't check that here.
// e(A, B)
pairings[ 0] = Ax;
pairings[ 1] = Ay;
pairings[ 2] = Bx1;
pairings[ 3] = Bx0;
pairings[ 4] = By1;
pairings[ 5] = By0;
// e(C, -δ)
pairings[ 6] = Cx;
pairings[ 7] = Cy;
pairings[ 8] = DELTA_NEG_X_1;
pairings[ 9] = DELTA_NEG_X_0;
pairings[10] = DELTA_NEG_Y_1;
pairings[11] = DELTA_NEG_Y_0;
// e(α, -β)
pairings[12] = ALPHA_X;
pairings[13] = ALPHA_Y;
pairings[14] = BETA_NEG_X_1;
pairings[15] = BETA_NEG_X_0;
pairings[16] = BETA_NEG_Y_1;
pairings[17] = BETA_NEG_Y_0;
// e(L_pub, -γ)
pairings[18] = Lx;
pairings[19] = Ly;
pairings[20] = GAMMA_NEG_X_1;
pairings[21] = GAMMA_NEG_X_0;
pairings[22] = GAMMA_NEG_Y_1;
pairings[23] = GAMMA_NEG_Y_0;
// Check pairing equation.
bool success;
uint256[1] memory output;
assembly ("memory-safe") {
success := staticcall(gas(), PRECOMPILE_VERIFY, pairings, 0x300, output, 0x20)
}
if (!success || output[0] != 1) {
// Either proof or verification key invalid.
// We assume the contract is correctly generated, so the verification key is valid.
revert ProofInvalid();
}
}
}
/// Verify an uncompressed Groth16 proof.
/// @notice Reverts with InvalidProof if the proof is invalid or
/// with PublicInputNotInField the public input is not reduced.
/// @notice There is no return value. If the function does not revert, the
/// proof was successfully verified.
/// @param proof the points (A, B, C) in EIP-197 format matching the output
/// of compressProof.
/// @param commitments the Pedersen commitments from the proof.
/// @param commitmentPok the proof of knowledge for the Pedersen commitments.
/// @param input the public input field elements in the scalar field Fr.
/// Elements must be reduced.
function verifyProof(
uint256[8] calldata proof,
uint256[2] calldata commitments,
uint256[2] calldata commitmentPok,
uint256[2] calldata input
) public view {
// HashToField
uint256[1] memory publicCommitments;
uint256[] memory publicAndCommitmentCommitted;
publicCommitments[0] = uint256(
sha256(
abi.encodePacked(
commitments[0],
commitments[1],
publicAndCommitmentCommitted
)
)
) % R;
// Verify pedersen commitments
bool success;
assembly ("memory-safe") {
let f := mload(0x40)
calldatacopy(f, commitments, 0x40) // Copy Commitments
mstore(add(f, 0x40), PEDERSEN_G_X_1)
mstore(add(f, 0x60), PEDERSEN_G_X_0)
mstore(add(f, 0x80), PEDERSEN_G_Y_1)
mstore(add(f, 0xa0), PEDERSEN_G_Y_0)
calldatacopy(add(f, 0xc0), commitmentPok, 0x40)
mstore(add(f, 0x100), PEDERSEN_GROOTSIGMANEG_X_1)
mstore(add(f, 0x120), PEDERSEN_GROOTSIGMANEG_X_0)
mstore(add(f, 0x140), PEDERSEN_GROOTSIGMANEG_Y_1)
mstore(add(f, 0x160), PEDERSEN_GROOTSIGMANEG_Y_0)
success := staticcall(gas(), PRECOMPILE_VERIFY, f, 0x180, f, 0x20)
success := and(success, mload(f))
}
if (!success) {
revert CommitmentInvalid();
}
(uint256 x, uint256 y) = publicInputMSM(
input,
publicCommitments,
commitments
);
// Note: The precompile expects the F2 coefficients in big-endian order.
// Note: The pairing precompile rejects unreduced values, so we won't check that here.
assembly ("memory-safe") {
let f := mload(0x40) // Free memory pointer.
// Copy points (A, B, C) to memory. They are already in correct encoding.
// This is pairing e(A, B) and G1 of e(C, -δ).
calldatacopy(f, proof, 0x100)
// Complete e(C, -δ) and write e(α, -β), e(L_pub, -γ) to memory.
// OPT: This could be better done using a single codecopy, but
// Solidity (unlike standalone Yul) doesn't provide a way to
// to do this.
mstore(add(f, 0x100), DELTA_NEG_X_1)
mstore(add(f, 0x120), DELTA_NEG_X_0)
mstore(add(f, 0x140), DELTA_NEG_Y_1)
mstore(add(f, 0x160), DELTA_NEG_Y_0)
mstore(add(f, 0x180), ALPHA_X)
mstore(add(f, 0x1a0), ALPHA_Y)
mstore(add(f, 0x1c0), BETA_NEG_X_1)
mstore(add(f, 0x1e0), BETA_NEG_X_0)
mstore(add(f, 0x200), BETA_NEG_Y_1)
mstore(add(f, 0x220), BETA_NEG_Y_0)
mstore(add(f, 0x240), x)
mstore(add(f, 0x260), y)
mstore(add(f, 0x280), GAMMA_NEG_X_1)
mstore(add(f, 0x2a0), GAMMA_NEG_X_0)
mstore(add(f, 0x2c0), GAMMA_NEG_Y_1)
mstore(add(f, 0x2e0), GAMMA_NEG_Y_0)
// Check pairing equation.
success := staticcall(gas(), PRECOMPILE_VERIFY, f, 0x300, f, 0x20)
// Also check returned value (both are either 1 or 0).
success := and(success, mload(f))
}
if (!success) {
// Either proof or verification key invalid.
// We assume the contract is correctly generated, so the verification key is valid.
revert ProofInvalid();
}
}
}
/// @title SP1 Verifier
/// @author Succinct Labs
/// @notice This contracts implements a solidity verifier for SP1.
contract SP1Verifier is Verifier {
/// @notice Deserializes a proof from the given bytes.
/// @param proofBytes The proof bytes.
function deserializeProof(
bytes memory proofBytes
)
public
pure
returns (
uint256[8] memory proof,
uint256[2] memory commitments,
uint256[2] memory commitmentPok
)
{
require(
proofBytes.length == 8 * 32 + 4 + 2 * 32 + 2 * 32,
"invalid proof bytes length"
);
uint256 offset = 32;
for (uint256 i = 0; i < 8; i++) {
assembly {
mstore(
add(proof, add(0, mul(32, i))),
mload(add(proofBytes, add(offset, mul(32, i))))
)
}
}
uint32 commitmentCount;
offset += 8 * 32;
assembly {
let dataLocation := add(proofBytes, offset)
let loadedData := mload(dataLocation)
commitmentCount := and(shr(224, loadedData), 0xFFFFFFFF)
}
offset += 4;
for (uint256 i = 0; i < 2; i++) {
assembly {
mstore(
add(commitments, add(0, mul(32, i))),
mload(add(proofBytes, add(offset, mul(32, i))))
)
}
}
offset += 2 * 32;
for (uint256 i = 0; i < 2; i++) {
assembly {
mstore(
add(commitmentPok, add(0, mul(32, i))),
mload(add(proofBytes, add(offset, mul(32, i))))
)
}
}
}
/// @notice Hashes the public values to a field elements inside Bn254.
/// @param publicValues The public values.
function hashPublicValues(
bytes memory publicValues
) public pure returns (bytes32) {
return sha256(publicValues) & bytes32(uint256((1 << 253) - 1));
}
/// @notice Verifies a proof with given public values and vkey.
/// @param vkey The verification key for the RISC-V program.
/// @param publicValues The public values encoded as bytes.
/// @param proofBytes The proof of the program execution the SP1 zkVM encoded as bytes.
function verifyProof(
bytes32 vkey,
bytes memory publicValues,
bytes memory proofBytes
) public view {
(
uint256[8] memory proof,
uint256[2] memory commitments,
uint256[2] memory commitmentPok
) = deserializeProof(proofBytes);
bytes32 publicValuesDigest = hashPublicValues(publicValues);
uint256[2] memory inputs = [
uint256(vkey),
uint256(publicValuesDigest)
];
this.verifyProof(proof, commitments, commitmentPok, inputs);
}
}


@@ -2,7 +2,7 @@
"a": 1268,
"b": 1926,
"n": 500,
"vkey": "0x00b215855d2449587278ce5d12d034e11272be30b2ecc0609c892055141e1443",
"vkey": "0x000c413c257554c0d44f840ea4e6e3cf6acf1ec722af839547814ce9632fd6bf",
"publicValues": "0x00000000000000000000000000000000000000000000000000000000000001f400000000000000000000000000000000000000000000000000000000000004f40000000000000000000000000000000000000000000000000000000000000786",
"proof": "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"
"proof": "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"
}


@@ -4,7 +4,7 @@ pragma solidity ^0.8.13;
import {Test, console} from "forge-std/Test.sol";
import {stdJson} from "forge-std/StdJson.sol";
import {Fibonacci} from "../src/Fibonacci.sol";
import {SP1Verifier} from "../src/SP1Verifier.sol";
import {SP1Verifier} from "@sp1-contracts/SP1Verifier.sol";
struct SP1ProofFixtureJson {
uint32 a;
@@ -45,10 +45,11 @@ contract FibonacciTest is Test {
}
function testFail_InvalidFibonacciProof() public view {
SP1ProofFixtureJson memory fixture = loadFixture();
fibonacci.verifyFibonacciProof(
fixture.publicValues,
fixture.publicValues
);
}
SP1ProofFixtureJson memory fixture = loadFixture();
// Create a fake proof.
bytes memory fakeProof = new bytes(fixture.proof.length);
fibonacci.verifyFibonacciProof(fakeProof, fixture.publicValues);
}
}
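Review bot: `testFail_InvalidFibonacciProof` passes on any revert, so it would also pass if `loadFixture()` failed or if the call reverted on malformed input before the proof check ran, and the all-zero `fakeProof` may well be rejected that early. For a verifier, the negative test should pin the rejection: drop the `testFail_` prefix and the `view` modifier, and put `vm.expectRevert();` directly before `fibonacci.verifyFibonacciProof(fakeProof, fixture.publicValues);`, ideally with the verifier's specific error selector, which is not visible in this diff. A second case that submits the valid `fixture.proof` with altered public values would cover the binding between proof and outputs, which a zero-filled proof does not exercise.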

395
program/Cargo.lock generated

@@ -4,9 +4,9 @@ version = 3
[[package]]
name = "alloy-primitives"
version = "0.7.2"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "525448f6afc1b70dd0f9d0a8145631bf2f5e434678ab23ab18409ca264cae6b3"
checksum = "db8aa973e647ec336810a9356af8aea787249c9d00b1525359f3db29a68d231b"
dependencies = [
"alloy-rlp",
"bytes",
@@ -26,9 +26,9 @@ dependencies = [
[[package]]
name = "alloy-rlp"
version = "0.3.4"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d58d9f5da7b40e9bfff0b7e7816700be4019db97d4b6359fe7f94a9e22e42ac"
checksum = "b155716bab55763c95ba212806cf43d05bcc70e5f35b02bad20cf5ec7fe11fed"
dependencies = [
"arrayvec",
"bytes",
@@ -36,9 +36,23 @@ dependencies = [
[[package]]
name = "alloy-sol-macro"
version = "0.7.2"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "89c80a2cb97e7aa48611cbb63950336f9824a174cdf670527cc6465078a26ea1"
checksum = "7dbd17d67f3e89478c8a634416358e539e577899666c927bc3d2b1328ee9b6ca"
dependencies = [
"alloy-sol-macro-expander",
"alloy-sol-macro-input",
"proc-macro-error",
"proc-macro2",
"quote",
"syn 2.0.66",
]
[[package]]
name = "alloy-sol-macro-expander"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2c6da95adcf4760bb4b108fefa51d50096c5e5fdd29ee72fed3e86ee414f2e34"
dependencies = [
"alloy-sol-macro-input",
"const-hex",
@@ -47,31 +61,31 @@ dependencies = [
"proc-macro-error",
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
"syn-solidity",
"tiny-keccak",
]
[[package]]
name = "alloy-sol-macro-input"
version = "0.7.2"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c58894b58ac50979eeac6249661991ac40b9d541830d9a725f7714cc9ef08c23"
checksum = "32c8da04c1343871fb6ce5a489218f9c85323c8340a36e9106b5fc98d4dd59d5"
dependencies = [
"const-hex",
"dunce",
"heck 0.5.0",
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
"syn-solidity",
]
[[package]]
name = "alloy-sol-types"
version = "0.7.2"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "399287f68d1081ed8b1f4903c49687658b95b142207d7cb4ae2f4813915343ef"
checksum = "40a64d2d2395c1ac636b62419a7b17ec39031d6b2367e66e9acbf566e6055e9c"
dependencies = [
"alloy-primitives",
"alloy-sol-macro",
@@ -81,9 +95,9 @@ dependencies = [
[[package]]
name = "anyhow"
version = "1.0.82"
version = "1.0.86"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f538837af36e6f6a9be0faa67f9a314f8119e4e4b5867c6ab40ed60360142519"
checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da"
[[package]]
name = "ark-ff"
@@ -115,7 +129,7 @@ dependencies = [
"ark-std 0.4.0",
"derivative",
"digest 0.10.7",
"itertools 0.10.5",
"itertools",
"num-bigint",
"num-traits",
"paste",
@@ -223,14 +237,14 @@ checksum = "3c87f3f15e7794432337fc718554eaa4dc8f04c9677a950ffe366f20a162ae42"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
]
[[package]]
name = "autocfg"
version = "1.2.0"
version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1fdabc7756949593fe60f30ec81974b613357de856987752631dea1e3394c80"
checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0"
[[package]]
name = "base16ct"
@@ -315,9 +329,9 @@ checksum = "514de17de45fdb8dc022b1a7975556c53c86f9f0aa5f534b98977b171857c2c9"
[[package]]
name = "cc"
version = "1.0.97"
version = "1.0.98"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "099a5357d84c4c61eb35fc8eafa9a79a902c2f76911e5747ced4e032edd8d9b4"
checksum = "41c270e7540d725e65ac7f1b212ac8ce349719624d7bcff99f8e2e488e8cf03f"
[[package]]
name = "cfg-if"
@@ -327,9 +341,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]]
name = "const-hex"
version = "1.11.3"
version = "1.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5ba00838774b4ab0233e355d26710fbfc8327a05c017f6dc4873f876d1f79f78"
checksum = "94fb8a24a26d37e1ffd45343323dc9fe6654ceea44c12f2fcb3d7ac29e610bc6"
dependencies = [
"cfg-if",
"cpufeatures",
@@ -464,9 +478,9 @@ dependencies = [
[[package]]
name = "either"
version = "1.10.0"
version = "1.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "11157ac094ffbdde99aa67b23417ebdd801842852b500e395a45a9c0aac03e4a"
checksum = "3dca9240753cf90908d7e4aac30f630662b02aebaa1b58a3cadabdb23385b58b"
[[package]]
name = "elliptic-curve"
@@ -496,9 +510,9 @@ checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5"
[[package]]
name = "errno"
version = "0.3.8"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245"
checksum = "534c5cf6194dfab3db3242765c03bbe257cf92f22b38f6bc0c58d59108a820ba"
dependencies = [
"libc",
"windows-sys",
@@ -564,12 +578,6 @@ version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6d5a32815ae3f33302d95fdcb2ce17862f8c65363dcfd29360480ba1001fc9c"
[[package]]
name = "gcd"
version = "2.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d758ba1b47b00caf47f24925c0074ecb20d6dfcffe7f6d53395c0465674841a"
[[package]]
name = "generic-array"
version = "0.14.7"
@@ -583,9 +591,9 @@ dependencies = [
[[package]]
name = "getrandom"
version = "0.2.14"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "94b22e06ecb0110981051723910cbf0b5f5e09a2062dd7663334ee79a9d1286c"
checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
dependencies = [
"cfg-if",
"libc",
@@ -605,9 +613,9 @@ dependencies = [
[[package]]
name = "hashbrown"
version = "0.14.3"
version = "0.14.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604"
checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1"
[[package]]
name = "heck"
@@ -681,24 +689,6 @@ dependencies = [
"either",
]
[[package]]
name = "itertools"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1c173a5686ce8bfa551b3563d0c2170bf24ca44da99c7ca4bfdab5418c3fe57"
dependencies = [
"either",
]
[[package]]
name = "itertools"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569"
dependencies = [
"either",
]
[[package]]
name = "itoa"
version = "1.0.11"
@@ -721,9 +711,9 @@ dependencies = [
[[package]]
name = "keccak-asm"
version = "0.1.0"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bb8515fff80ed850aea4a1595f2e519c003e2a00a82fe168ebf5269196caf444"
checksum = "47a3633291834c4fbebf8673acbc1b04ec9d151418ff9b8e26dcd79129928758"
dependencies = [
"digest 0.10.7",
"sha3-asm",
@@ -737,9 +727,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
[[package]]
name = "libc"
version = "0.2.153"
version = "0.2.155"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd"
checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c"
[[package]]
name = "libm"
@@ -749,9 +739,9 @@ checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058"
[[package]]
name = "linux-raw-sys"
version = "0.4.13"
version = "0.4.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c"
checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89"
[[package]]
name = "memchr"
@@ -761,9 +751,9 @@ checksum = "6c8640c5d730cb13ebd907d8d04b52f55ac9a2eec55b440c8892f40d56c76c1d"
[[package]]
name = "num"
version = "0.4.2"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3135b08af27d103b0a51f2ae0f8632117b7b185ccf931445affa8df530576a41"
checksum = "35bd024e8b2ff75562e5f34e7f4905839deb4b22955ef5e73d2fea1b9813cb23"
dependencies = [
"num-bigint",
"num-complex",
@@ -775,20 +765,19 @@ dependencies = [
[[package]]
name = "num-bigint"
version = "0.4.4"
version = "0.4.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "608e7659b5c3d7cba262d894801b9ec9d00de989e8a82bd4bef91d08da45cdc0"
checksum = "c165a9ab64cf766f73521c0dd2cfdff64f488b8f0b3e621face3462d3db536d7"
dependencies = [
"autocfg",
"num-integer",
"num-traits",
]
[[package]]
name = "num-complex"
version = "0.4.5"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "23c6602fda94a57c990fe0df199a035d83576b496aa29f4e634a8ac6004e68a6"
checksum = "73f88a1307638156682bada9d7604135552957b7818057dcef22705b4d509495"
dependencies = [
"num-traits",
]
@@ -804,9 +793,9 @@ dependencies = [
[[package]]
name = "num-iter"
version = "0.1.44"
version = "0.1.45"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d869c01cc0c455284163fd0092f1f93835385ccab5a98a0dcc497b2f8bf055a9"
checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf"
dependencies = [
"autocfg",
"num-integer",
@@ -815,11 +804,10 @@ dependencies = [
[[package]]
name = "num-rational"
version = "0.4.1"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0638a1c9d0a3c0914158145bc76cff373a75a627e6ecbfb71cbe6f453a5a19b0"
checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824"
dependencies = [
"autocfg",
"num-bigint",
"num-integer",
"num-traits",
@@ -827,9 +815,9 @@ dependencies = [
[[package]]
name = "num-traits"
version = "0.2.18"
version = "0.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a"
checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
dependencies = [
"autocfg",
"libm",
@@ -841,113 +829,11 @@ version = "1.19.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
[[package]]
name = "p3-baby-bear"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"num-bigint",
"p3-field",
"p3-mds",
"p3-poseidon2",
"p3-symmetric",
"rand",
"serde",
]
[[package]]
name = "p3-dft"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"p3-field",
"p3-matrix",
"p3-maybe-rayon",
"p3-util",
"tracing",
]
[[package]]
name = "p3-field"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"itertools 0.12.1",
"num-bigint",
"num-traits",
"p3-util",
"rand",
"serde",
]
[[package]]
name = "p3-matrix"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"itertools 0.12.1",
"p3-field",
"p3-maybe-rayon",
"p3-util",
"rand",
"serde",
"tracing",
]
[[package]]
name = "p3-maybe-rayon"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
[[package]]
name = "p3-mds"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"itertools 0.11.0",
"p3-dft",
"p3-field",
"p3-matrix",
"p3-symmetric",
"p3-util",
"rand",
]
[[package]]
name = "p3-poseidon2"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"gcd",
"p3-field",
"p3-mds",
"p3-symmetric",
"rand",
]
[[package]]
name = "p3-symmetric"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"itertools 0.12.1",
"p3-field",
"serde",
]
[[package]]
name = "p3-util"
version = "0.1.0"
source = "git+https://github.com/Plonky3/Plonky3.git?branch=sp1#d379375a75417ddfd0a059ce7db63e162ec52c69"
dependencies = [
"serde",
]
[[package]]
name = "parity-scale-codec"
version = "3.6.9"
version = "3.6.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "881331e34fa842a2fb61cc2db9643a8fedc615e47cfcc52597d1af0db9a7e8fe"
checksum = "306800abfa29c7f16596b5970a588435e3d5b3149683d00c12b699cc19f895ee"
dependencies = [
"arrayvec",
"bitvec",
@@ -959,11 +845,11 @@ dependencies = [
[[package]]
name = "parity-scale-codec-derive"
version = "3.6.9"
version = "3.6.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "be30eaf4b0a9fba5336683b38de57bb86d179a35862ba6bfcf57625d006bde5b"
checksum = "d830939c76d294956402033aee57a6da7b438f2294eb94864c37b0569053a42c"
dependencies = [
"proc-macro-crate 2.0.2",
"proc-macro-crate",
"proc-macro2",
"quote",
"syn 1.0.109",
@@ -986,12 +872,6 @@ dependencies = [
"ucd-trie",
]
[[package]]
name = "pin-project-lite"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02"
[[package]]
name = "pkcs8"
version = "0.10.2"
@@ -1021,22 +901,11 @@ dependencies = [
[[package]]
name = "proc-macro-crate"
version = "1.3.1"
version = "3.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919"
checksum = "6d37c51ca738a55da99dc0c4a34860fd675453b8b36209178c2249bb13651284"
dependencies = [
"once_cell",
"toml_edit 0.19.15",
]
[[package]]
name = "proc-macro-crate"
version = "2.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b00f26d3400549137f92511a46ac1cd8ce37cb5598a96d382381458b992a5d24"
dependencies = [
"toml_datetime",
"toml_edit 0.20.2",
"toml_edit",
]
[[package]]
@@ -1065,9 +934,9 @@ dependencies = [
[[package]]
name = "proc-macro2"
version = "1.0.79"
version = "1.0.84"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e835ff2298f5721608eb1a980ecaee1aef2c132bf95ecc026a11b7bf3c01c02e"
checksum = "ec96c6a92621310b51366f1e28d05ef11489516e93be030060e5fc12024a49d6"
dependencies = [
"unicode-ident",
]
@@ -1259,9 +1128,9 @@ dependencies = [
[[package]]
name = "scale-info"
version = "2.11.2"
version = "2.11.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7c453e59a955f81fb62ee5d596b450383d699f152d350e9d23a0db2adb78e4c0"
checksum = "eca070c12893629e2cc820a9761bedf6ce1dcddc9852984d1dc734b8bd9bd024"
dependencies = [
"cfg-if",
"derive_more",
@@ -1271,11 +1140,11 @@ dependencies = [
[[package]]
name = "scale-info-derive"
version = "2.11.2"
version = "2.11.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "18cf6c6447f813ef19eb450e985bcce6705f9ce7660db221b59093d15c79c4b7"
checksum = "2d35494501194174bda522a32605929eefc9ecf7e0a326c26db1fdd85881eb62"
dependencies = [
"proc-macro-crate 1.3.1",
"proc-macro-crate",
"proc-macro2",
"quote",
"syn 1.0.109",
@@ -1321,22 +1190,22 @@ dependencies = [
[[package]]
name = "serde"
version = "1.0.197"
version = "1.0.203"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3fb1c873e1b9b056a4dc4c0c198b24c3ffa059243875552b2bd0933b1aee4ce2"
checksum = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.197"
version = "1.0.203"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7eb0b34b42edc17f6b7cac84a52a1c5f0e1bb2227e997ca9011ea3dd34e8610b"
checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
]
[[package]]
@@ -1352,9 +1221,9 @@ dependencies = [
[[package]]
name = "sha3-asm"
version = "0.1.0"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bac61da6b35ad76b195eb4771210f947734321a8d81d7738e1580d953bc7a15e"
checksum = "a9b57fd861253bff08bb1919e995f90ba8f4889de2726091c8876f3a4e823b40"
dependencies = [
"cc",
"cfg-if",
@@ -1383,7 +1252,7 @@ dependencies = [
[[package]]
name = "sp1-precompiles"
version = "0.1.0"
source = "git+https://github.com/succinctlabs/sp1.git#b4ae91969c07a37dac0c38905ee2fb7482dfbaca"
source = "git+https://github.com/succinctlabs/sp1.git?tag=v1.0.4-testnet#2ce75c6e01ab1de0969f60f917dc015fa2e1b843"
dependencies = [
"anyhow",
"bincode",
@@ -1397,23 +1266,10 @@ dependencies = [
"snowbridge-amcl",
]
[[package]]
name = "sp1-primitives"
version = "0.1.0"
source = "git+https://github.com/succinctlabs/sp1.git#b4ae91969c07a37dac0c38905ee2fb7482dfbaca"
dependencies = [
"itertools 0.12.1",
"lazy_static",
"p3-baby-bear",
"p3-field",
"p3-poseidon2",
"p3-symmetric",
]
[[package]]
name = "sp1-zkvm"
version = "0.1.0"
source = "git+https://github.com/succinctlabs/sp1.git#b4ae91969c07a37dac0c38905ee2fb7482dfbaca"
source = "git+https://github.com/succinctlabs/sp1.git?tag=v1.0.4-testnet#2ce75c6e01ab1de0969f60f917dc015fa2e1b843"
dependencies = [
"bincode",
"cfg-if",
@@ -1421,13 +1277,10 @@ dependencies = [
"k256",
"libm",
"once_cell",
"p3-baby-bear",
"p3-field",
"rand",
"serde",
"sha2",
"sp1-precompiles",
"sp1-primitives",
]
[[package]]
@@ -1465,9 +1318,9 @@ dependencies = [
[[package]]
name = "syn"
version = "2.0.58"
version = "2.0.66"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44cfb93f38070beee36b3fef7d4f5a16f27751d94b187b666a5cc5e9b0d30687"
checksum = "c42f3f41a2de00b01c0aaad383c5a45241efc8b2d1eda5661812fda5f3cdcff5"
dependencies = [
"proc-macro2",
"quote",
@@ -1476,14 +1329,14 @@ dependencies = [
[[package]]
name = "syn-solidity"
version = "0.7.2"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5aa0cefd02f532035d83cfec82647c6eb53140b0485220760e669f4bad489e36"
checksum = "b8db114c44cf843a8bacd37a146e37987a0b823a0e8bc4fdc610c9c72ab397a5"
dependencies = [
"paste",
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
]
[[package]]
@@ -1506,22 +1359,22 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.60"
version = "1.0.61"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "579e9083ca58dd9dcf91a9923bb9054071b9ebbd800b342194c9feb0ee89fc18"
checksum = "c546c80d6be4bc6a00c0f01730c08df82eaa7a7a61f11d656526506112cc1709"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.60"
version = "1.0.61"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e2470041c06ec3ac1ab38d0356a6119054dedaea53e12fbefc0de730a1c08524"
checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
]
[[package]]
@@ -1535,63 +1388,21 @@ dependencies = [
[[package]]
name = "toml_datetime"
version = "0.6.3"
version = "0.6.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b"
checksum = "4badfd56924ae69bcc9039335b2e017639ce3f9b001c393c1b2d1ef846ce2cbf"
[[package]]
name = "toml_edit"
version = "0.19.15"
version = "0.21.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421"
checksum = "6a8534fd7f78b5405e860340ad6575217ce99f38d4d5c8f2442cb5ecb50090e1"
dependencies = [
"indexmap",
"toml_datetime",
"winnow",
]
[[package]]
name = "toml_edit"
version = "0.20.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "396e4d48bbb2b7554c944bde63101b5ae446cff6ec4a24227428f15eb72ef338"
dependencies = [
"indexmap",
"toml_datetime",
"winnow",
]
[[package]]
name = "tracing"
version = "0.1.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c3523ab5a71916ccf420eebdf5521fcef02141234bbc0b8a49f2fdc4544364ef"
dependencies = [
"pin-project-lite",
"tracing-attributes",
"tracing-core",
]
[[package]]
name = "tracing-attributes"
version = "0.1.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.58",
]
[[package]]
name = "tracing-core"
version = "0.1.32"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54"
dependencies = [
"once_cell",
]
[[package]]
name = "typenum"
version = "1.17.0"
@@ -1748,9 +1559,9 @@ dependencies = [
[[package]]
name = "zeroize"
version = "1.7.0"
version = "1.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d"
checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"
dependencies = [
"zeroize_derive",
]
@@ -1763,5 +1574,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.58",
"syn 2.0.66",
]


@@ -6,4 +6,4 @@ edition = "2021"
[dependencies]
alloy-sol-types = "0.7.2"
sp1-zkvm = { git = "https://github.com/succinctlabs/sp1.git" }
sp1-zkvm = { git = "https://github.com/succinctlabs/sp1.git", tag = "v1.0.4-testnet" }
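Review bot: `tag = "v1.0.4-testnet"` pins `sp1-zkvm` to a git tag, which the upstream repository can move, so a build that re-resolves dependencies (no `--locked`, or after `cargo update`) could pick up different code under an unchanged manifest. The same applies to `sp1-sdk` and `sp1-helper` in script/Cargo.toml, where `sp1-helper` previously used a full commit `rev`. Because these crates define what the zkVM program and the prover execute, consider pinning the commit that program/Cargo.lock already records, `rev = "2ce75c6e01ab1de0969f60f917dc015fa2e1b843"`, keeping the tag name in a comment, and building with `cargo build --locked`.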

2487
script/Cargo.lock generated

File diff suppressed because it is too large Load Diff


@@ -1,3 +1,4 @@
[workspace]
[package]
version = "0.1.0"
name = "fibonacci-script"
@@ -7,12 +8,10 @@ edition = "2021"
name = "prove"
path = "src/bin/prove.rs"
[[bin]]
name = "artifacts"
path = "src/bin/artifacts.rs"
[dependencies]
sp1-sdk = { git = "https://github.com/succinctlabs/sp1.git", rev = "v1.0.0-testnet" }
sp1-sdk = { git = "https://github.com/succinctlabs/sp1.git", tag = "v1.0.4-testnet", features = [
"plonk",
] }
serde_json = { version = "1.0", default-features = false, features = ["alloc"] }
serde = { version = "1.0", default-features = false, features = ["derive"] }
clap = { version = "4.0", features = ["derive", "env"] }
@@ -20,4 +19,4 @@ tracing = "0.1.40"
alloy-sol-types = "0.7.2"
[build-dependencies]
sp1-helper = { git = "https://github.com/succinctlabs/sp1.git", rev = "277f1b4cfee5129bd40d74748f3d241cdfa56e63" }
sp1-helper = { git = "https://github.com/succinctlabs/sp1.git", tag = "v1.0.4-testnet" }


@@ -1,17 +0,0 @@
//! Builds the proving artifacts and exports the solidity verifier.
//!
//! You can run this script using the following command:
//! ```shell
//! RUST_LOG=info cargo run --package fibonacci-script --bin artifacts --release
//! ```
use std::path::PathBuf;
fn main() {
sp1_sdk::utils::setup_logger();
tracing::info!("exporting groth16 verifier");
let contracts_src_dir = PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("../contracts/src");
sp1_sdk::artifacts::export_solidity_groth16_verifier(contracts_src_dir)
.expect("failed to export verifier");
}


@@ -62,7 +62,7 @@ fn main() {
// Generate the proof.
let proof = client
.prove_groth16(&pk, stdin)
.prove_plonk(&pk, stdin)
.expect("failed to generate proof");
// Deserialize the public values.