ZoKrates proofs verification

[madiazp]

Hi.

Are you open to add a module that can verify ZoKrates-generated proofs? a ZoKrates proof with the G16 scheme and 6 public inputs looks like:

{
        "proof": {
            "a": ["0x191ab9b49613733439c8be508a2094f613b44528af0ef5756ea7688c2b931873", "0x04eea6063f3ef8f8db527eceb3fa63e9189f8254b64e7339fcc624963f519a52"],
            "b": [["0x0ff35ce48929fabb88282b2a748e6dbf7362ec42a989d75ac8645afcd053623d", "0x2f3f150cfd8f2eeaa78e8e10bf84de980d115926445cc2cb539ec1b7c7cd16d1"], ["0x083e07af4ffe03880bc03d899cf41a9af14fb9abe26115605a6dc27a013962cb", "0x28461215b5836bc7628930cde32483fc3ad766568af915f8d0394a2350354515"]],
            "c": ["0x01d8e6ba90b2aad6c0acaa7bd3a3e3c6b18d6ddf977752d41aaa6d13f01a614b", "0x1ca36d81667b17964d3b62a6ef47a30c01dba412379083e56f2972cbc47aecd5"]
        },
        "inputs": ["0x00000000000000000000000000000000da928e00e561c2f6abb2ea0102e4cac4", "0x000000000000000000000000000000005ad79a4c125d571028cb04cd2d2ce9e2", "0x000000000000000000000000000000001d12e8c0deb43e3837ac911f3f353752", "0x0000000000000000000000000000000017470d5cca56d643a97286ab31dafa50", "0x0000000000000000000000000000000000000000000000000000000000000001"]
    }

And its Vk:

vk.alpha = 0x1b8a0e10ff76952250efc94dc03c4cd617293fa3e1f56c5b2d0dd6814ab6d675, 0x2b872d445add5133e039f75427df83d08f216704605fe7b960534f94ffe33c98
    vk.beta = [0x14e250ae4237b4a4ba55b4d9f21b1f615c2e9eafe7e3234f8b39c6a752470396, 0x1fea4c6a218196c0e578e90c81f15847d3636e9c04e39e335eaf3992fc91a4b1], [0x03fb83276df91a8aacc4a280b4545ded2e5bc998f964bc7205910ab90d9380fe, 0x1c9782af49fd90f95cb0cae44558ef25dd122d846b290cb6dc87ad4f33ef813e]
    vk.gamma = [0x028023c5712c517b0bcedbd00d5455b760b52709dc305772506b789e805113e5, 0x2365969661bdaaf6e1e5adfcbd7cacc8736dd302e00e2f003f2489addcb646af], [0x0705eacfffbaf5ccab873f206913619134fa51a43a038c57910fdb3dab757c1c, 0x076d62b66ade35d0e45dc51792ed9d3798f274d6f93537205ab06481d3e441d2]
    vk.delta = [0x0d727c95344efc6cf6c9e0c9d5030f15508532ca7f836686159e2c0c635e5948, 0x15336896df65efce71bef61a4672243212d811079f36eaf4dab43294a93ac306], [0x063c622a3a28840e83f593f194b95b9b2a8a581486c0bcb3ecfcad09c9121770, 0x0c455cddcbac3111e3d00a1c96cd11715126fa3bc911c54286c7862706965afd]
    vk.gamma_abc.len() = 6
    vk.gamma_abc[0] = 0x157f9e70350b3a98896e4a7c626755f8f81718e2220f31e03a4c250cb8cb6c3b, 0x1505a3cd8b1aebb8c0443586b6d46848a5b50e9b7e669f019b39c63ee860e65b
vk.gamma_abc[1] = 0x0dc15d6f279737901273d6dbc31f87d2586a33033e4de0a335ca47736f500452, 0x1fa5e42c68caa132e44a943ce879d1c781d30907a706066262cec8117274f0bf
vk.gamma_abc[2] = 0x1dc771a6a6116c8e50d17de342079292511b623a788ea2b79785f7bcd4372c5c, 0x2c46bf3531f38eb4e4d630fcd79fe59edfb447d9589905dca8eddef6bffecb9d
vk.gamma_abc[3] = 0x2faf50b1ac2ebf8aa3ca25a67e9d293c623c8e85b6efa1c7e29a1699109ae56c, 0x26b11b2ed0dc9a3708cdc53879c616017187eca9afb97f6f083eab5bd995cd3e
vk.gamma_abc[4] = 0x1073a08ce3da5f7566b2de1780b4f2eeed3efd269a261fa2f761dcbce4d6b969, 0x2ed8b9658409f01aa30500f711a95f728d657dfc8b78adcc0693a9f57df69835
vk.gamma_abc[5] = 0x0a3e9ac2454a73bc3d7dfe4ed5c6dd2974185a171930ff2efff39c4ffd86a23a, 0x0d1a5e8ee989276b47fb8a68b19163143046d96aeac102bb9c4015abad777c2f

An implementation of this is actually straight forward I think. It needs a Hex then a Jacobian coordinate conversion and then only use your modules for Groth16. I can do a PR with a little module that do this if you feel like it.

[arnaucube]

Hi, yes for sure! Like five months ago I've added the verification of proofs generated by snarkjs & websnark, and my plan was to add verification for proofs generated by bellman, but didn't continued. Should not take much time, as is just a matter of parsing & converting the inputs as you comment, if I have free time next days I'll take a look, but if you want to do it feel free :)

[madiazp]

Nice, I've started already. My problem is that I'm not that familiar with the prime fields. What is this NonResidue in the Fq2 definition?

[madiazp]

I'm having an issue with the points, they won't work. Here more details

[madiazp]

I couldn't use go-snark to address this issue but I finally solve this with the clearmatics/bn256 package. If you're interested in that I can upload the code to use it as reference if you want to add a ZoKrates verification functionality.

[arnaucube]

Hi @madiazp maybe this can be useful for this case https://github.com/arnaucube/go-bellman-verifier