Open thebor1337 opened 7 months ago
pragma circom 2.0.0; template Num2Bits(n) { signal input in; signal output out[n]; var lc1=0; var e2=1; for (var i = 0; i<n; i++) { out[i] <-- (in >> i) & 1; out[i] * (out[i] -1 ) === 0; lc1 += out[i] * e2; e2 = e2+e2; } lc1 === in; } component main = Num2Bits(8);
Compiler returns R1CS with simplification:
[INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[0] ] * [ main.out[0] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[1] ] * [ main.out[1] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[2] ] * [ main.out[2] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[3] ] * [ main.out[3] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[4] ] * [ main.out[4] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[5] ] * [ main.out[5] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[6] ] * [ main.out[6] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[7] ] * [ main.out[7] ] - [ ] = 0
And this is without simplification (--O0 flag):
[INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[0] ] * [ main.out[0] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[1] ] * [ main.out[1] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[2] ] * [ main.out[2] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[3] ] * [ main.out[3] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[4] ] * [ main.out[4] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[5] ] * [ main.out[5] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[6] ] * [ main.out[6] ] - [ ] = 0 [INFO] snarkJS: [ 218882428718392752222464057452572750885483644004160343436982041865758084956161 +main.out[7] ] * [ main.out[7] ] - [ ] = 0 [INFO] snarkJS: [ ] * [ ] - [ 21888242871839275222246405745257275088548364400416034343698204186575808495616main.out[0] +21888242871839275222246405745257275088548364400416034343698204186575808495615main.out[1] +21888242871839275222246405745257275088548364400416034343698204186575808495613main.out[2] +21888242871839275222246405745257275088548364400416034343698204186575808495609main.out[3] +21888242871839275222246405745257275088548364400416034343698204186575808495601main.out[4] +21888242871839275222246405745257275088548364400416034343698204186575808495585main.out[5] +218
So after simplification, it removes the last constraint that checks the sum of bits and the original input. I miss something or this is a big bug?
Compiler returns R1CS with simplification:
And this is without simplification (--O0 flag):
So after simplification, it removes the last constraint that checks the sum of bits and the original input. I miss something or this is a big bug?