interface with snarkjs

Author: meilof

.gitignore

@@ -10,6 +10,7 @@ examples/pysnark_*
 examples/out
 MANIFEST.in
 qaptools/*
+examples/*.json
 examples/contracts/*
 examples/test/*
 examples/migrations/*

README.md

@@ -22,6 +22,7 @@ Features:
 
 * Support Unix platforms (Linux, Mac OS X, ...) and Windows
 * Automatically produce Solidity smart contracts
+* Automatically produce snarkjs verification key/proof/public values
 * Support for [integer arithmetic](https://github.com/meilof/pysnark/blob/master/pysnark/runtime.py#L179), [linear algebra](https://github.com/meilof/pysnark/blob/master/pysnark/linalg.py#L3), [arrays with conditional indexing](https://github.com/meilof/pysnark/blob/master/pysnark/array.py#L36), [if statements](https://github.com/meilof/pysnark/blob/master/pysnark/branching.py#L10) and [branching](https://github.com/meilof/pysnark/blob/master/pysnark/branching.py#L132), and [hashing](https://github.com/meilof/pysnark/blob/master/pysnark/hash.py#L61); see provided [examples](https://github.com/meilof/pysnark/tree/master/examples)
 
 PySNARK may be used for non-commercial, experimental and research purposes; see `LICENSE.md` for details. 
@@ -88,6 +89,22 @@ By default, if available, the libsnark backend will be used. In this case, the f
 * `pysnark_log`: computation log that can be verified with the `pysnark_vk` key: number of inputs/outputs, followed by the inputs/outputs themselves, followed by a proof that the input/outputs were correctly computed 
 
 
+### Combining with snarkjs
+
+PySNARK with the libsnark backend can automatically produce snarkjs `public.json`, `proof.json` and `verification_key.json` files for the performed verifiable computation:
+
+```
+meilofs-air:examples meilof$ python3 cube.py 33
+The cube of 33 is 35937
+*** Trying to read pysnark_ek
+*** PySNARK: generating proof pysnark_log (sat=True, #io=2, #witness=2, #constraint=3)
+*** Public inputs: 33 35937
+*** Verification status: True
+meilofs-air:examples meilof$ python3 -m pysnark.libsnark.tosnarkjs
+meilofs-air:examples meilof$ snarkjs verify
+OK
+```
+
 ## Using PySNARK (qaptools backend)
 
 We discuss the usage of the PySNARK toolchain based on running one of the provided examples acting as each

TODO

@@ -1,6 +1,8 @@
+* write_proof: do non-binary output; check: should be montgomery or not?
+* write_proof does not actually work; convert to public.json, proof.json,
+  verification_key.json; output human readable ver key (see ~/temp/factor/)
+
 * documenteren
-* port smart contracts
-* source release
 * setup.py: detect which depends/ are available, also allow to use exes, even .exe windows...
   also: put in version
 
@@ -30,7 +32,7 @@
    - remove it? produces counter-intuitive results...
    - or check why it does not help that much
 * dealing with huge values, e.g., compute 2^10000 gives segfault
-  time python3 exp.py 2 10000
+  time python3 exp.py 2 10000; do lincomb.reduce() to -p/2,p/2; let nobackend rerurn 2^64 as modulus?
 * TypeError instead of ValueError?
 * remove gtest 
 * solve double dependency thing?

depends/python-libsnark

@@ -56,7 +56,8 @@ def prove():
            ")")
 
     proof=libsnark.zks_prover(keypair.pk, pubvals, privvals);
-    verified=libsnark.zks_verifier_strong_IC(keypair.vk, pubvals, proof);
+    verified=libsnark.zks_verifier_strong_IC(keypair.vk, pubvals, proof)
+    libsnark.write_proof(proof, pubvals, "pysnark_log")
 
     print("*** Public inputs: " + " ".join([str(pubvals.at(i)) for i in range(pubvals.size())]))
     print("*** Verification status:", verified)

pysnark/libsnark/backend.py

@@ -0,0 +1,58 @@
+vkin = open("pysnark_vk", "r")
+vkout = open("verification_key.json", "w")
+
+print('{', file=vkout)
+print(' "protocol": "original",', file=vkout)
+
+def process_g2(nm, fin, fout):
+    a1=list(map(lambda x:x.strip(),next(fin).split(" ")))
+    a2=list(map(lambda x:x.strip(),next(fin).split(" ")))
+    print(' "' + nm + '": [', file=fout)
+    print('   [ "' + a1[0] + '", "' + a1[1] + '"],', file=fout)
+    print('   [ "' + a2[0] + '", "' + a2[1] + '"],', file=fout)
+    print('   [ "1", "0" ] ],', file=fout)
+
+def process_g1(nm, fin, fout):
+    b=[next(fin).strip(), next(fin).strip()]
+    print(' "' + nm + '": ["' + b[0] + '", "' + b[1] + '", "1" ],', file=fout)
+
+process_g2("vk_a", vkin, vkout)
+process_g1("vk_b", vkin, vkout)
+process_g2("vk_c", vkin, vkout)
+process_g2("vk_g", vkin, vkout)
+process_g1("vk_gb_1", vkin, vkout)
+process_g2("vk_gb_2", vkin, vkout)
+process_g2("vk_z", vkin, vkout)
+
+nin = int(next(vkin).strip())
+print(' "nPublic": ' + str(nin-1) + ',', file=vkout)
+
+print(' "IC": [', file=vkout)
+for i in range(nin):
+    b=[next(vkin).strip(), next(vkin).strip()]
+    print('  ["' + b[0] + '", "' + b[1] + '", "1"]' + (',' if i!=nin-1 else ''), file=vkout)
+print(' ]', file=vkout)
+print('}', file=vkout)
+
+login = open("pysnark_log", "r")
+pubout = open("public.json", "w")
+proofout = open("proof.json", "w")
+
+npub = int(next(login).strip())
+
+print('[', file=pubout)
+for i in range(npub):
+    print('  "' + next(login).strip() + '"' + (',' if i!=npub-1 else ''), file=pubout)
+print(']', file=pubout)
+
+print('{', file=proofout)
+process_g1("pi_a", login, proofout)
+process_g1("pi_ap", login, proofout)
+process_g2("pi_b", login, proofout)
+process_g1("pi_bp", login, proofout)
+process_g1("pi_c", login, proofout)
+process_g1("pi_cp", login, proofout)
+process_g1("pi_h", login, proofout)
+process_g1("pi_kp", login, proofout)
+print(' "protocol": "original"', file=proofout)
+print('}', file=proofout)