Skip to content

Commit

Permalink
*: migrate onto [email protected] and add production CRS generation instru…
Browse files Browse the repository at this point in the history
…ctions

1. Close #3079 by using new exported [email protected] APIs.
2. Add an example and instructions for production CRS generation.

Signed-off-by: Anna Shaleva <[email protected]>
  • Loading branch information
AnnaShaleva committed Oct 4, 2023
1 parent d752f96 commit 8c828ab
Show file tree
Hide file tree
Showing 8 changed files with 347 additions and 173 deletions.
56 changes: 56 additions & 0 deletions examples/zkp/cubic_circuit/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
### Example description

This example demonstrates how to create your own circuit and generate Groth-16
proof based on BLS12-381 elliptic curve points with the help of
[consensys/gnark](https://pkg.go.dev/github.com/consensys/gnark). It also shows how to generate, deploy and invoke Verifier
smart contract to verify proofs for the given circuit on the Neo chain with the
help of [zkpbindings](https://pkg.go.dev/github.com/nspcc-dev/neo-go/pkg/smartcontract/zkpbinding) NeoGo package. The package also contains circuit
tests implemented with [gnark/test](https://pkg.go.dev/github.com/consensys/gnark/test) to check the circuit validity and
end-to-end proof generation/verification test implemented with [neotest](https://pkg.go.dev/github.com/nspcc-dev/neo-go/pkg/neotest)
to demonstrate how to build, deploy and verify proofs via Verifier smart
contract for the given circuit.

### Groth-16 setup notes

Common reference string (CRS) is needed to generate proving and verifying keys
for the given constrained system. In production environment, CRS generation can
be performed via Multi-Party Computation (MPC) ceremony that includes two
phases: Phase 1 (a.k.a. Powers of Tau) that is curve-specific and those
results may be used by all circuits; and Phase 2 that is circuit-specific and
uses the result of Phase 1 as an input.

For testing setups, check out the [`TestCubicCircuit_EndToEnd`](./main_test.go)
keys generation stage. For production usage, read the information below.

Both phases for BLS12-381 curve can be implemented in the Go programming language
using the corresponding `consensys/gnark` API (see the
[test example](https://github.com/Consensys/gnark/blob/36b0b58f02d0381774b24efba0a48032e5f794b4/backend/groth16/bls12-381/mpcsetup/setup_test.go#L34))
and the example of a
[CLI tool that uses the API with BN254 elliptic curve](https://github.com/bnb-chain/zkbnb-setup)
to organize the ceremony and generate proving and verifying keys for a circuit.
However, both phases take a significant amount of time and computations to be
performed. Luckily for the developers, it is possible to omit a curve-specific
part of the MPC and reuse the existing results of Phase 1 got from a trusted
source, e.g. from [Powers of Tau ceremony](https://github.com/filecoin-project/powersoftau/)
held by the [Filecoin project](https://github.com/filecoin-project/phase2-attestations#phase1).
`TestCubicCircuit_EndToEnd_Prod` test of the current circuit example demonstrates
how to use the `response` output file from the Phase 1 of the Filecoin's Powers
of Tau ceremony for BLS12-381 curve:
* [`response8`](./response8) file is the response output from the [Powers of Tau ceremony]
with the `REQUIRED_POWER` set to 8 (to reduce computations and response file size)
that was run locally with the help of [testing script](https://github.com/filecoin-project/powersoftau/blob/master/test.sh).
To get the response file for a production environment, the user has two options:
1. Organize his own ceremony with required number of powers following the
[guide](https://github.com/filecoin-project/powersoftau/tree/master#instructions)
from the source repo.
2. Download the existing suitable `response` file from the
[attestations page](https://github.com/arielgabizon/perpetualpowersoftau#perpetual-powers-of-tau-for-bls381).
* [main_test](./main_test.go) contains the `TestCubicCircuit_EndToEnd_Prod` test
itself and demonstrates how to properly initialize Phase 2 based on the given
response file and make some dummy contributions into it.

Take the [`TestCubicCircuit_EndToEnd_Prod`](./main_test.go) test logic as a basis
while generating the circuit-specific proving and verifying keys for the production
usage. Currently, we don't have a BLS12-381 specific Groth-16 setup CLI utility
like for [https://github.com/bnb-chain/zkbnb-setup](BN254), but eventually it will
be included into the NeoGo toolkit to make the development process easier.
23 changes: 11 additions & 12 deletions examples/zkp/cubic_circuit/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -3,33 +3,32 @@ module cubic
go 1.18

require (
github.com/consensys/gnark v0.8.1
github.com/consensys/gnark-crypto v0.9.2
github.com/consensys/gnark v0.9.0
github.com/consensys/gnark-crypto v0.11.2
github.com/nspcc-dev/neo-go v0.102.0
github.com/stretchr/testify v1.8.4
)

require (
github.com/benbjohnson/clock v1.1.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bits-and-blooms/bitset v1.7.0 // indirect
github.com/bits-and-blooms/bitset v1.8.0 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/consensys/bavard v0.1.13 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
github.com/fxamacker/cbor/v2 v2.4.0 // indirect
github.com/fxamacker/cbor/v2 v2.5.0 // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/golang/snappy v0.0.1 // indirect
github.com/google/pprof v0.0.0-20230207041349-798e818bf904 // indirect
github.com/google/pprof v0.0.0-20230817174616-7a8ec2ada47b // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/gorilla/websocket v1.4.2 // indirect
github.com/hashicorp/golang-lru v0.6.0 // indirect
github.com/holiman/uint256 v1.2.0 // indirect
github.com/kr/text v0.2.0 // indirect
github.com/mattn/go-colorable v0.1.12 // indirect
github.com/mattn/go-isatty v0.0.14 // indirect
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-isatty v0.0.19 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
github.com/mmcloughlin/addchain v0.4.0 // indirect
github.com/mr-tron/base58 v1.2.0 // indirect
Expand All @@ -40,8 +39,7 @@ require (
github.com/prometheus/client_model v0.2.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
github.com/rogpeppe/go-internal v1.11.0 // indirect
github.com/rs/zerolog v1.29.0 // indirect
github.com/rs/zerolog v1.30.0 // indirect
github.com/russross/blackfriday/v2 v2.0.1 // indirect
github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
github.com/syndtr/goleveldb v1.0.1-0.20210305035536-64b5b1c73954 // indirect
Expand All @@ -58,10 +56,11 @@ require (
golang.org/x/sys v0.11.0 // indirect
golang.org/x/term v0.11.0 // indirect
golang.org/x/text v0.12.0 // indirect
golang.org/x/tools v0.11.1 // indirect
golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect
google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
rsc.io/tmplfunc v0.0.3 // indirect
)

replace github.com/nspcc-dev/neo-go => ../../../
replace github.com/nspcc-dev/neo-go => ../../../
Loading

0 comments on commit 8c828ab

Please sign in to comment.