mirror of https://github.com/personaelabs/spartan-ecdsa.git synced 2026-01-09 14:07:54 -05:00

Go to file

Daniel Tehrani e7f7185371 Move everything under packages/

accidentally committed build files and grew the history locally (hence can't push to github due to file size limit), so recommitting all the changes in one commit

2023-01-11 21:30:14 +09:00

.cargo

Init commit

2022-12-11 14:56:43 +01:00

.vscode

Init commit

2022-12-11 14:56:43 +01:00

packages

Move everything under packages/

2023-01-11 21:30:14 +09:00

scripts

Use secq256k1 as the prime

2023-01-10 17:50:43 +09:00

.eslintrc.js

Init commit

2022-12-11 14:56:43 +01:00

.gitignore

Move everything under packages/

2023-01-11 21:30:14 +09:00

.prettierrc.json

Init commit

2022-12-11 14:56:43 +01:00

Cargo.toml

Move everything under packages/

2023-01-11 21:30:14 +09:00

package.json

Move everything under packages/

2023-01-11 21:30:14 +09:00

README.md

Update README.md

2023-01-10 17:56:32 +09:00

yarn.lock

Add tests and fix circuits

2023-01-02 15:16:32 +01:00

README.md

spartan-ecdsa

An attempt to run Spartan prover in browser.

Todos

Circom compiler that can compile to the scalar field of secq256k1.
Spartan implementation over secq256k1.
- Secq256k1 implementation based on the elliptic-curve crate.
A compiler to generate a Spartan circuit from Circom R1CS. The compiler uses Nova Scotia at its core.
Spartan prover in wasm.
Right-field ECDSA verification + membership proving circuit written in Circom.

Browser proving benchmarks

We use circuits with varying number of Poseidon hash instance (e.g. poseidon5.circom has 5 instances of Poseidon hashes).

Prover

MacBook Pro (M1 Pro)
Internet download speed: 170Mbps
Browser: Brave

Spartan NIZK

Circuit	Constraints	Full proving time	Circuit (i.e. proving key ) size	Circuit download time	Proof size
poseidon5	3045	1s	6.8 MB	320ms	12.9KB
poseidon32	19488	4.5s	43.2 MB	2s	17.4KB
poseidon256	155904	31s	345.9 MB	16s	32.8KB

Groth16

Circuit	Constraints	Full proving time	Zkey size
poseidon5	3045	950ms	4.6 MB
poseidon32	19488	3.7s	29.8 MB
poseidon256	155904	24s	238.1 MB

The prover keys are hosted on Google Cloud Storage.
We don't present the zkey download time for Groth16 due to the difficulty of benchmarking the processes inside snarkjs.
The time required to download the circuit (i.e. proving key) is a major contributor to the full proving time. For mobile applications, we could download the circuit at app installation, relieving the burden of downloading the circuit at proving time.
Spartan NIZK circuit serialization is not optimized; which is why Spartan NIZK has larger “proving keys”.

Compile prover to wasm

Install wasm-pack

curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh

Run compile script

sh ./scripts/build_wasm.sh

Compile Circom R1CS to serialized Spartan circuit instance

cargo run --release --bin gen_spartan_inst

Run compiled wasm in browser

Get into browser_benchmark dir

cd ./browser_benchmark

Install dependencies

yarn

Start server

yarn dev

Build

Switch to nightly Rust using rustup:

rustup default nightly

build

cargo build

Run tests

Before running the tests, install this fork of Circom that supports compiling to the secp256k1 base field.

git clone https://github.com/DanTehrani/circom

cd circom && cargo build --release && cargo install --path circom

Run tests

cd circuits && yarn jest

Languages

Rust 70.2%

Circom 11.6%

TypeScript 8.8%

Sage 4.8%

JavaScript 4.4%

Other 0.2%