arnaucube / go-snark-study

zkSNARK library implementation in Go from scratch (compiler, setup, prover, verifier)
GNU General Public License v3.0

struct CircomVk in circomVerifier.go doesn't fit the structure in verification_key.json #15

Closed KimiWu123 closed 5 years ago

KimiWu123 commented 5 years ago

The definition of CircomVk is as follows,

type CircomVk struct {
    IC          [][3]string     `json:"IC"`
    Alpha1      [3]string       `json:"vk_alfa_1"`
    Beta2       [3][2]string    `json:"vk_beta_2"`
    Gamma2      [3][2]string    `json:"vk_gamma_2"`
    Delta2      [3][2]string    `json:"vk_delta_2"`
    AlphaBeta12 [2][3][2]string `json:"vk_alpfabeta_12"` // not really used, for the moment in go-snarks calculated in verification time
}

but the content in verification_key.json is,

{
 "protocol": "original",
 "nPublic": 5,
 "IC": [
  [
   "5909516017194887780014591301321780000892722821844951797826181001577727880581",
   "5329499221348621305139189103574471329196927280375866642048788071019202104643",
   "1"
  ],
  [
   "935644606830232956841380613504100798489330973974012775460541844770939873930",
   "10575569456856898614999681968827310750912991389249253122340224794782861723306",
   "1"
  ],
  [
   "13649240896101396584274089976767050482745318382794080050529031145918840993339",
   "15326197904619302955821217670131741587544043105130204038949145581175664774587",
   "1"
  ],
  [
   "9307940889852353280370252557168219050564177799946769537078370018295314042246",
   "5855041362972278333848450371323927750278033867635108806943844781656235322005",
   "1"
  ],
  [
   "124982495315272918975451639013355786819241664185663846673589371451292606806",
   "20681262391016500144106112622654996143553609447716826883723716804683913156762",
   "1"
  ],
  [
   "9864011402884151542868513711373687290716966969300765702995194761202006743987",
   "6570131304974335106240634366550076078020134555110080349895508895480079737884",
   "1"
  ]
 ],
 "vk_a": [
  [
   "16993970916517232918787072215560485171148895275275734264097913550596814341523",
   "14561655239558070696480617258518594818454317115154134354088942688151471434654"
  ],
  [
   "17539591511011966162678931282146724677151415891116365816155342439345331687588",
   "4894111281039109720167768199437379142242290591729170558389185095458550327253"
  ],
  [
   "1",
   "0"
  ]
 ],
 "vk_b": [
  "9370833417351582169071303381856019999732832895900772235487239911169805726294",
  "11825811660232166510973473267110121632073332173785268120046804594368464149848",
  "1"
 ],
 "vk_c": [
  [
   "5379976852419769240736652791775030796033652620609520197291715373396016788922",
   "13729786854636580766228970639243402553525736309567185663753194601443481073772"
  ],
  [
   "10556831635373590762584906017080136976623321830194525401412087699360460303347",
   "11071789529181717078902456508314481501397932640291145963269255686206235573991"
  ],
  [
   "1",
   "0"
  ]
 ],
 "vk_gb_1": [
  "13020676706334169694485790343717839573839762675949469564068359840111730423742",
  "14317282793588605212155357098733107424747707808920240057389330902625447065156",
  "1"
 ],
 "vk_gb_2": [
  [
   "6752320666226692785826718805926677936539169183442263359417457502694903063326",
   "4287864260216772869277339286129712828493361687597296567489868056737323947"
  ],
  [
   "4791863505028738810201868295092709911003827064603964120584617439254836365094",
   "15658239203464300777657848211757887883598907594419396655745053803883769664196"
  ],
  [
   "1",
   "0"
  ]
 ],
 "vk_g": [
  [
   "18264145063074449371260724550620681127732058020021986501624733718877315236801",
   "9112048515992597139276899092390461440362631965736822793567780355405831076791"
  ],
  [
   "864402203442173923232200041404356636453440030314434788833394160726283834420",
   "20692151516158122490482219340955063676904321087360402760904700903083112170729"
  ],
  [
   "1",
   "0"
  ]
 ],
 "vk_z": [
  [
   "18696209424797839679855119840690703163330172566389237106319271207584153306025",
   "9885721613966818283362183702824462488910528846717274065582590501934396091068"
  ],
  [
   "10999808962804051304605007933890825959091465559231021191472460451502797254944",
   "14971870832791303746445447351777371361664839722904519744951866320550252610584"
  ],
  [
   "1",
   "0"
  ]
 ]
}

How can I map these two? I'm willing to modify it, but I need help. Thanks.

arnaucube commented 5 years ago

Yes, the output from circom is transformed into that Go struct in this line https://github.com/arnaucube/go-snark/blob/master/externalVerif/circomVerifier.go#L26 which then uses the parsers from the utils module of go-snark https://github.com/arnaucube/go-snark/blob/master/utils/base10parsers.go#L456

Also, the example of verification_key.json that is in the first message of this issue is for the original protocol, but the actual functionality is for the groth protocol.

KimiWu123 commented 5 years ago

Sorry, I don't understand. I know where the parser comes from. In the CircomVk struct, the JSON values are vk_alfa_1, vk_beta_2, etc., but verification_key.json is using vk_a, vk_b, etc.

"but the actual functionality is for the groth protocol". Do you mean I should use the groth protocol in circom when I generate the circuit, run the setup, and calculate the witness?

arnaucube commented 5 years ago

'original' refers to https://eprint.iacr.org/2013/279.pdf (Pinocchio), while 'groth' refers to https://eprint.iacr.org/2016/260.pdf. Each one has a different Verification Key structure. The externalVerificator of go-snark, used to verify snarkjs proofs, is for 'groth', as it is the protocol usually used (the 'original' needs more pairing computations in the verification, so it is less optimal).
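
Added example, not part of the thread or of go-snark's code: Go's `encoding/json` ignores unknown keys and leaves absent fields at their zero value, so an 'original' key decodes into `CircomVk` without any error. The sketch below checks the `protocol` field and the required keys before decoding. `LoadGrothVk` is a hypothetical helper, the struct copies the issue's fields except `AlphaBeta12`, the sample keys are constructed toy values, and the protocol string `"groth"` is assumed from the naming used in the thread.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type CircomVk struct {
	IC     [][3]string  `json:"IC"`
	Alpha1 [3]string    `json:"vk_alfa_1"`
	Beta2  [3][2]string `json:"vk_beta_2"`
	Gamma2 [3][2]string `json:"vk_gamma_2"`
	Delta2 [3][2]string `json:"vk_delta_2"`
}

// Constructed toy samples shaped like the two key layouts in the thread.
const originalVk = `{"protocol":"original","IC":[["1","2","1"]],"vk_b":["1","2","1"]}`
const grothVk = `{"protocol":"groth","IC":[["1","2","1"]],"vk_alfa_1":["1","2","1"],"vk_beta_2":[["1","2"],["3","4"],["1","0"]],
"vk_gamma_2":[["1","2"],["3","4"],["1","0"]],"vk_delta_2":[["1","2"],["3","4"],["1","0"]]}`

// LoadGrothVk (hypothetical helper) refuses non-groth or incomplete keys.
func LoadGrothVk(data []byte) (*CircomVk, error) {
	var raw map[string]json.RawMessage
	if err := json.Unmarshal(data, &raw); err != nil {
		return nil, err
	}
	var protocol string
	_ = json.Unmarshal(raw["protocol"], &protocol) // absent or non-string stays ""
	if protocol != "groth" {
		return nil, fmt.Errorf("unsupported protocol %q, want \"groth\"", protocol)
	}
	for _, k := range []string{"IC", "vk_alfa_1", "vk_beta_2", "vk_gamma_2", "vk_delta_2"} {
		if _, ok := raw[k]; !ok {
			return nil, fmt.Errorf("verification key is missing %q", k)
		}
	}
	var vk CircomVk
	if err := json.Unmarshal(data, &vk); err != nil {
		return nil, err
	}
	return &vk, nil
}

func main() {
	var vk CircomVk
	err := json.Unmarshal([]byte(originalVk), &vk) // no error, vk_* fields stay empty
	_, guarded := LoadGrothVk([]byte(originalVk))
	fmt.Printf("plain: err=%v Alpha1=%q\nguarded: %v\n", err, vk.Alpha1, guarded)
}
```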