search

iden3 / circom_old

Circuit compiler for zkSNARKs
GNU General Public License v3.0
471 stars 82 forks source link

Question: how should I format the input to the Sha256_2 circuit? #14

Closed weijiekoh closed 5 years ago

weijiekoh commented 5 years ago

I really appreciate your work on the Sha256_2 circuit implementation. It's very useful, especially because it enables useful ZKPs, such as those which use commit-reveal schemes.

I was wondering how exactly to format the input to the Sha256_2 circuit. It accepts a and b, and the corresponding input to the JS sha256 function uses a Buffer of length 54.

In test/sha256.js:

Circuit input: { "a": "1", "b": "0" } JS hash of the same data:

const b = new Buffer.alloc(54);
b[26] = 1;
b[53] = 2;
const hash = crypto.createHash("sha256").update(b).digest('hex')

However, what if I have data of a different format? Let's say I want to compute the sha256 hash of a unicode string Hello, world or the number 1234. How should I format the circuit's a, and b inputs, as well as the JS Buffer?

Thank you!

weijiekoh commented 5 years ago

To answer my own question:

The SHA256 circuit accepts a 54-byte input, split up into two variables a and b.

To encode the number 0x00000001:

Set the buffer in JS as such: b[53] = 1; Set the circom witness as such: {a: 0, b: 1}

To encode the number 256:

Set the buffer in JS as such: b[52] = 1; Set the circom witness as such: {a: 0, b: 256}

256 in binary is 100000000, so b[53] == 0 and b[52] == 1