Renaming package to libzeropool-zkbob (multicore-wasm + direct_deposi…
…ts) (#12)

* use the multicore version of fawkes-crypto

* Reduce number of runtime allocations (#5)

* Replace try_to_vec with serialize

* Try to decrypt not in place

* Implement decrypt account, note and ss in place

* Deserialize only necessary note hashes

* Fix Cargo.toml

* Refactor symcipher_decode

* Bump version

Co-authored-by: Evgen <evgen2k7@yandex.ru>

* Set fawkes-crypto version: 4.3.4 (#6)

* Uses https instead of ssh for fawkes-crypto (#7)

* Feature/delegated deposits v2 (#11)

* Add snark for verifying delegated deposits

* delegated deposits fix & tests covered

* change number of delegated deposits to 16

* add 0xffffffff prefix for message

* join all snarks into one for delegated deposits

* remove tree update from delegated deposit snark

* Fix dependencies

* remove out_commitment from dd secret inputs

---------

Co-authored-by: Igor Gulamov <igor.gulamov@gmail.com>
Co-authored-by: Vladimir Popov <rowdyme0@gmail.com>
Co-authored-by: Alexander Filippov <aleksander.fill@gmail.com>

* Renaming package (libzeropool-zkbob)

* Updating gitignore

* Changing fawkes-crypto branch

---------

Co-authored-by: vms <michail.vms@gmail.com>
Co-authored-by: Alexander Filippov <aleksander.fill@gmail.com>
Co-authored-by: Igor Gulamov <igor.gulamov@gmail.com>
Co-authored-by: Vladimir Popov <rowdyme0@gmail.com>
5 people authored Feb 15, 2023
1 parent 0f406f4 commit 449ef3a
Showing 21 changed files with 664 additions and 99 deletions.
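--- a/.cargo/config.toml
+++ b/.cargo/config.toml
@@ -0,0 +1,2 @@
+[net]
+git-fetch-with-cli = true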
12 changes: 11 additions & 1 deletion .gitignore
Expand Up @@ -14,4 +14,14 @@ Cargo.lock

/target

.vscode
.vscode
.idea/*

#Generated data
**_inputs.json
**_object.json
**_params.bin
**_proof.json
**_key.json
**_verifier.sol
*.DS_Store
34 changes: 25 additions & 9 deletions Cargo.toml
@@ -1,10 +1,12 @@
[package]
name = "libzeropool"
version = "0.5.6"
name = "libzeropool-zkbob"
version = "0.6.0"
authors = ["Igor Gulamov <igor.gulamov@gmail.com>"]
homepage = "https://github.com/zkbob/libzeropool"
repository = "https://github.com/zkbob/libzeropool"
edition = "2018"
license = "MIT OR Apache-2.0"
description = "zk-SNARK circuit and cryptography for ZeroPool"
description = "zk-SNARK circuit and cryptography for zkBob"

[lib]
crate-type = ["rlib"]
Expand All @@ -17,17 +19,27 @@ name = "libzeropool-setup"
required-features = ["cli_libzeropool_setup"]

[dependencies]
fawkes-crypto = { version = "4.3.3", features = ["rand_support"] }


sha3 = "0.9.1"
serde = { version = "1.0", features = ["derive"] }
serde_json = { version = "1.0"}
lazy_static = "1.4.0"
chacha20poly1305 = "0.8.0"
chacha20poly1305 = { version = "0.8.0", features = ["heapless"] }
clap={ package = "clap-v3", version = "3.0.0-beta.1", optional=true}
convert_case = "0.4.0"

[dependencies.fawkes-crypto]
git = "https://github.com/zkBob/fawkes-crypto"
branch = "master"
package = "fawkes-crypto-zkbob"
version = "4.5.0"
features = ["rand_support"]

[dependencies.fawkes-crypto-keccak256]
git = "https://github.com/zkbob/keccak"
branch = "master"
package = "fawkes-crypto-zkbob-keccak256"
version = "0.1.1"

[features]
in1out127=[]
in3out127=[]
Expand All @@ -36,5 +48,9 @@ in15out127=[]
cli_libzeropool_setup = ["clap", "fawkes-crypto/rand_support", "fawkes-crypto/backend_bellman_groth16"]
default=["cli_libzeropool_setup", "in3out127"]

[dev-dependencies]
fawkes-crypto = { version = "4.3.3", features = ["rand_support", "backend_bellman_groth16"] }
[dev-dependencies.fawkes-crypto]
git = "https://github.com/zkBob/fawkes-crypto"
branch = "master"
package = "fawkes-crypto-zkbob"
version = "4.5.0"
features = ["rand_support", "backend_bellman_groth16"]
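Review bot: Every fawkes-crypto table added here (`[dependencies.fawkes-crypto]`, `[dependencies.fawkes-crypto-keccak256]`, `[dev-dependencies.fawkes-crypto]`) tracks a moving `branch = "master"`, so the circuit and keccak gadget code this crate compiles against changes whenever that branch moves; the `version = "4.5.0"` line only sanity-checks the fetched manifest, it pins nothing. The `.gitignore` hunk header in this same commit shows `Cargo.lock` is ignored, so no lockfile records the resolved commit either, and two builds of the same tag can yield different proving keys and verifier contracts. Replace the branch line with a pinned commit in all three tables, `rev = "<fawkes-crypto commit sha — placeholder>"`, or commit the lockfile for this crate. The `git-fetch-with-cli = true` setting in `.cargo/config.toml` exists for these git fetches and routes them through the system git and its credential configuration; a one-line `# needed for the git dependencies in Cargo.toml` comment there would make that visible.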
9 changes: 9 additions & 0 deletions README.md
@@ -1,3 +1,12 @@
# libzeropool-zkbob

This is libzeropool core library adapted for (zkBob)[https://zkbob.com/] solution
It was forked from (original ZeroPool repository)[https://github.com/zeropoolnetwork/libzeropool]
This library published in crates.io with the title libzeropool-zkbob

The undderlying dependency of this library: fawkes-crypto-zkbob
This library used by: libzkbob-rs (core zkbob library)

# libzeropool

This is library with circuits and cryptography of ZeroPool.
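--- a/src/.gitignore
+++ b/src/.gitignore
@@ -0,0 +1 @@
+*.DS_Store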
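--- a/src/circuit/delegated_deposit.rs
+++ b/src/circuit/delegated_deposit.rs
@@ -0,0 +1,132 @@
+use crate::fawkes_crypto::circuit::{
+bool::CBool,
+num::CNum,
+bitify::{c_into_bits_le_strict, c_into_bits_le, c_from_bits_le},
+cs::{RCS, CS}
+};
+use crate::fawkes_crypto::ff_uint::{PrimeFieldParams, Num};
+use crate::fawkes_crypto::core::{
+signal::Signal,
+sizedvec::SizedVec
+};
+use crate::circuit::{
+boundednum::CBoundedNum,
+note::CNote,
+tx::c_out_commitment_hash,
+};
+use crate::native::{
+params::PoolParams,
+note::Note,
+boundednum::BoundedNum,
+account::Account,
+delegated_deposit::{DelegatedDeposit, DelegatedDepositBatchPub, DelegatedDepositBatchSec}
+};
+use crate::constants::{DIVERSIFIER_SIZE_BITS, BALANCE_SIZE_BITS, DELEGATED_DEPOSITS_NUM, OUT};
+use fawkes_crypto_keccak256::circuit::hash::c_keccak256;
+
+#[derive(Clone, Signal)]
+#[Value = "DelegatedDeposit<C::Fr>"]
+pub struct CDelegatedDeposit<C:CS> {
+pub d: CBoundedNum<C, { DIVERSIFIER_SIZE_BITS }>,
+pub p_d: CNum<C>,
+pub b: CBoundedNum<C, { BALANCE_SIZE_BITS }>,
+}
+
+
+
+pub fn num_to_iter_bits_be<C:CS>(n:&CNum<C>) -> impl Iterator<Item=CBool<C>> {
+assert!(C::Fr::MODULUS_BITS <= 256);
+let bits = c_into_bits_le_strict(n);
+let zero = n.derive_const(&false);
+let bits_le = bits.into_iter().chain(std::iter::repeat(zero)).take(256).collect::<Vec<_>>();
+let bits_be = bits_le.chunks(8).rev().flatten().cloned().collect::<Vec<_>>();
+bits_be.into_iter()
+}
+
+
+pub fn boundednum_to_iter_bits_be<C:CS, const L:usize>(n:&CBoundedNum<C, L>) -> impl Iterator<Item=CBool<C>> {
+assert!(L < C::Fr::MODULUS_BITS as usize);
+assert!(L%8 == 0);
+let bits_le = c_into_bits_le(n.as_num(), L);
+let bits_be = bits_le.chunks(8).rev().flatten().cloned().collect::<Vec<_>>();
+bits_be.into_iter()
+}
+
+impl<C:CS> CDelegatedDeposit<C> {
+pub fn to_note(&self) -> CNote<C> {
+let cs = self.d.get_cs();
+CNote {
+d: self.d.clone(),
+p_d: self.p_d.clone(),
+b: self.b.clone(),
+t: CBoundedNum::new(&CNum::from_const(cs, &Num::ZERO))
+}
+}
+
+// convert to iter over bits be
+pub fn to_iter_bits_be(&self) -> impl Iterator<Item=CBool<C>> {
+boundednum_to_iter_bits_be(&self.d)
+.chain(num_to_iter_bits_be(&self.p_d))
+.chain(boundednum_to_iter_bits_be(&self.b))
+}
+
+}
+
+#[derive(Clone, Signal)]
+#[Value = "DelegatedDepositBatchPub<C::Fr>"]
+pub struct CDelegatedDepositBatchPub<C:CS> {
+pub keccak_sum: CNum<C>
+}
+
+#[derive(Clone, Signal)]
+#[Value = "DelegatedDepositBatchSec<C::Fr>"]
+pub struct CDelegatedDepositBatchSec<C:CS> {
+pub deposits: SizedVec<CDelegatedDeposit<C>, DELEGATED_DEPOSITS_NUM>
+}
+
+fn c_keccak256_be_reduced<C:CS>(cs:&RCS<C>, bits:&[CBool<C>]) -> CNum<C> {
+let keccak_bits_be = c_keccak256(cs, &bits);
+let keccak_bits_le = keccak_bits_be.as_slice().chunks(8).rev().flatten().cloned().collect::<Vec<_>>();
+c_from_bits_le(&keccak_bits_le)
+}
+
+pub fn check_delegated_deposit_batch<C:CS, P:PoolParams<Fr=C::Fr>>(
+p: &CDelegatedDepositBatchPub<C>,
+s: &CDelegatedDepositBatchSec<C>,
+params: &P
+) {
+assert!(DELEGATED_DEPOSITS_NUM <= OUT);
+let cs = p.get_cs();
+
+let c_zero_account_hash = CNum::from_const(cs, &Account {
+d:BoundedNum::ZERO,
+p_d:Num::ZERO,
+i:BoundedNum::ZERO,
+b:BoundedNum::ZERO,
+e:BoundedNum::ZERO,
+}.hash(params));
+
+let c_zero_note_hash = CNum::from_const(cs, &Note {
+d:BoundedNum::ZERO,
+p_d:Num::ZERO,
+b:BoundedNum::ZERO,
+t:BoundedNum::ZERO
+}.hash(params));
+
+
+let out_hash = std::iter::once(c_zero_account_hash)
+.chain(s.deposits.iter().map(|d| d.to_note().hash(params)))
+.chain(std::iter::repeat(c_zero_note_hash)).take(OUT+1).collect::<Vec<_>>();
+
+let out_commitment_hash = c_out_commitment_hash(&out_hash, params);
+
+let bits:Vec<_> = num_to_iter_bits_be(&out_commitment_hash)
+.chain(
+s.deposits.iter().flat_map(
+|d| d.to_iter_bits_be()
+)).collect();
+
+c_keccak256_be_reduced(cs, &bits).assert_eq(&p.keccak_sum);
+
+}
+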
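Review bot: `c_keccak256_be_reduced` silently maps the 256-bit keccak digest into the scalar field: `c_from_bits_le` over all 256 bits is a field linear combination, so with the `MODULUS_BITS <= 256` assumption asserted in `num_to_iter_bits_be` the public input `keccak_sum` is the digest reduced modulo the field order, not the digest itself, and whoever builds that public input (presumably the verifier contract) has to apply the identical reduction or no proof will verify. Nothing in the file states this contract, so I would put `/// Interprets the keccak256 digest as a big-endian integer and returns it as a field element, i.e. reduced modulo C::Fr's modulus; the public keccak_sum must be computed the same way.` on `c_keccak256_be_reduced`, and give `check_delegated_deposit_batch` a doc comment spelling out the exact preimage layout (256-bit big-endian out-commitment, then each deposit as `d || p_d || b` big-endian, with `p_d` zero-padded to 256 bits). The commit description says a `0xffffffff` prefix was added to the message, but the bit string assembled at `let bits:Vec<_>` carries no prefix — if the prefix is applied on the caller or contract side that belongs in the same doc comment, otherwise the two sides disagree. `to_iter_bits_be` also deserves a real `///` doc comment instead of `// convert to iter over bits be`.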
3 changes: 2 additions & 1 deletion src/circuit/mod.rs
Expand Up @@ -3,4 +3,5 @@ pub mod boundednum;
pub mod account;
pub mod note;
pub mod key;
pub mod tree;
pub mod tree;
pub mod delegated_deposit;
16 changes: 14 additions & 2 deletions src/constants/mod.rs
Expand Up @@ -15,8 +15,10 @@ pub const ENERGY_SIZE_BITS: usize = BALANCE_SIZE_BITS+HEIGHT;
pub const SALT_SIZE_BITS: usize = 80;
pub const POOLID_SIZE_BITS: usize = 24;

pub const DELEGATED_DEPOSITS_NUM:usize = 16;

pub const POLY_1305_TAG_SIZE: usize = 16;
pub const U256_SIZE:usize = 32;
pub const U256_SIZE: usize = 32;

pub fn num_size_bits<Fp:PrimeFieldParams+Sized>() -> usize {
Fp::Inner::NUM_WORDS*Fp::Inner::WORD_BITS
Expand All @@ -32,4 +34,14 @@ pub fn account_size_bits<Fp:PrimeFieldParams>() -> usize {


//fist 12 bytes from keccak256("ZeroPool")
pub const ENCRYPTION_NONCE: [u8;12] = [0x5b, 0xbd, 0xff, 0xc6, 0xfe, 0x73, 0xc4, 0x60, 0xf1, 0xb2, 0xb8, 0x5d];
pub const ENCRYPTION_NONCE: [u8;12] = [0x5b, 0xbd, 0xff, 0xc6, 0xfe, 0x73, 0xc4, 0x60, 0xf1, 0xb2, 0xb8, 0x5d];

/// Size of prealloced buffer for shared secrets decryption.
/// It's enough for shared secrets with 10 or less keys.
pub const SHARED_SECRETS_HEAPLESS_SIZE: usize = 32 * 10 + 16;
/// Size of prealloced buffer for account decryption.
/// 86 bytes is an account size for bls12-381, buffer needs 16-bytes overhead for auth tag.
pub const ACCOUNT_HEAPLESS_SIZE: usize = 86 + 16;
/// Size of prealloced buffer for note decryption.
/// 76 bytes is a note size for bls12-381, buffer needs 16-bytes overhead for auth tag.
pub const NOTE_HEAPLESS_SIZE: usize = 76 + 16;
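Review bot: The three `*_HEAPLESS_SIZE` constants hard-code one curve's encoded sizes (`86 + 16` and `76 + 16` "for bls12-381", `32 * 10 + 16` for ten keys) while `account_size_bits<Fp>` in the same file is generic over the field, so nothing ties the preallocated buffers to the actual account/note encoding; if the field or layout changes, the buffer is silently too small and what happens then depends on how the decryption code treats overflow, which is not visible here. The `16` tag overhead also duplicates `POLY_1305_TAG_SIZE` declared a few lines above; write it as `86 + POLY_1305_TAG_SIZE` and `76 + POLY_1305_TAG_SIZE` so the relationship is explicit. I would document the dependency and the fallback on each constant, e.g. `/// Must cover account_size_bits::<Fp>() / 8 + POLY_1305_TAG_SIZE for the pool's field; larger ciphertexts presumably fall back to a heap buffer — TODO confirm in the decrypt path.`, and fix `prealloced` → `preallocated` in the three doc comments.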