search

akosba / jsnark

A Java library for zk-SNARK circuits
MIT License
207 stars 85 forks source link

Simple verification circuit #9

Closed hasinitg closed 5 years ago

hasinitg commented 5 years ago

Hi Ahmed @akosba,

As discussed at the end of issue https://github.com/akosba/jsnark/issues/1, this is my first step in creating a verification circuit using jsnark for a statement which includes both private and public inputs. This is the example given in the part 1 of ZCash blog on explaining SNARK. (If you change values for any of the variables x, y, z, such that the statement : x + y = z does not hold, jsnark will throw an error. Otherwise, proof/verification using ZK-SNARK via libsnark runs fine)

My end goal is to: i) create more complex verification circuits and ii) seperating the three steps: key generation, proof and verification (as we discussed offline). Following I include the .arith file and .in files obtained when running this simple circuit.

.aith file total 6 input 0 # The one-input wire. const-mul-0 in 1 <0> out 1 <1> input 2 nizkinput 3 nizkinput 4 add in 2 <3 4> out 1 <5> assert in 2 <2 0> out 1 <5>

.in file 0 1 2 7 3 2 4 5

With your expertise on libsnark, do you think that it will be possible to hide the inputs marked as nizkinput in the .arith file copied above, when submitting the inputs to the verifier (after the aforementioned separation) via jsnark-libsnark interface? (I do not expect any details about how to do it, which I can try by myself with the pointers you have provided offline. I am only curious to know if such thing is possbile with the verification circuits involving both secret and public inputs)

Thank you very much.

edoardopuggioni commented 4 years ago

Dear @hasinitg,

the code you provided in the commit " adding a simple example of a verification circuit (the example given in zcash blog on explaining SNARK.)" was super useful for me.

As you said in the first comment here, my goals are also to i) create more complex verification circuits and ii) seperate the three steps: key generation, proof and verification. Do you have any suggestions or code you can provide for helping me achieving those goals? Your help would be greatly appreciated.

I also sent you an email before finding this post, with similar questions about jsnark, after reading your paper (PrivIdEx). I don't know if the email address indicated in that paper is still active.

Thank you for your time, Edoardo