Skip to content

Latest commit

 

History

History
36 lines (25 loc) · 2.1 KB

Readme.md

File metadata and controls

36 lines (25 loc) · 2.1 KB

Lambdaworks Pinocchio

This is an implementation of Pinocchio protocol using Lambdaworks. This source code is the companion of this blog post aimed at those who want to learn about SNARKs.

Understanding the code

We encourage to start by reading the blog post to understand the code.

Then, in the tests/ module you will find integration tests that will guide you through the happy path: the setup, the prover and the verifier. Each of these components can be located in their own files:

  • pinocchio/setup.rs: generates the VerificationKey and the EvaluationKey with the relevant data to construct and verify proofs. This data comes from the structure of the program P encoded as Polynomials in a QAP (Quadratic arithmetic program). To hide this data, random FieldElements are sampled as ToxicWaste and then mapped to G1Point's and G2Point's via repeated addition of the generator()'s of the curves.

  • pinocchio/prover.rs: takes the circuit encoded as a QAP and the trace of the program as FieldElements. Then, it applies the msm(...) operation in order to generate the proof elements, in this case, G1Point and G2Point hidings.

  • pinocchio/verifier.rs: verifies the proof by checking the conditions mentioned in the paper. This involves computing Pairing::compute(...) operations between a G1Pointand a G2Point.

Example

Step 1: Construct a QAP

let test_qap = new_test_r1cs().into();

Step 2: Setup providing Evaluation and Verification keys.

let (evaluation_key, verification_key) = setup(&test_qap, toxic_waste);

Step 3: The prover constructs the proof using the evaluation key, the QAP and the inputs.

let proof = generate_proof(&evaluation_key, &test_qap, &c_vector);

Step 4: The verifier checks the validity of the proof using the verification key and the public inputs.

let accepted = verify(&verification_key, &proof, &c_io_vector);