This repository contains a work-in-progress implementation of AES-GCM in Circom. These circuits fork the underconstrained AES-GCM-SIV circuits from Electron Labs (an underconstrained circuit accepts witnesses, and therefore proofs, for computations that are not a correct evaluation of the intended function).
To use this repo, you need to install the `just` command runner:

```sh
cargo install just
# or use cargo binstall for a faster install:
cargo binstall -y just
# install dependencies
just install
```
Generate JSON witnesses and an AES proof to populate the `inputs` dir:

```sh
just witness
```
Test that the witnesses in `inputs` are valid by running the `generate_witness.js` script, i.e. the `build/**/generate_witness.js` circom artifact. Test that witnesses are valid by writing tests in circomkit and running:

```sh
just circom-test
```
Example commands for using circomkit:

```sh
just circom-test            # run all circom tests
just circom-testg TESTNAME  # run a named test
```

Also see:

- `npx circomkit`: list the circomkit commands
- `npx circomkit compile <circuit>`: equivalent to `circom --wasm ...`
- `npx circomkit witness <circuit> <witness.json>`: equivalent to calling `generate_witness.js`

The tests run by circomkit are specified in `circuits.json` and `.mocharc.json`.
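Witness tests are only as good as the expected values they compare against. The following is an added example, not code from this repository or from Electron Labs: a plain-JavaScript reference for GHASH, the GF(2^128) universal hash inside AES-GCM, following NIST SP 800-38D, so that expected GHASH values and tags can be computed independently of the circuit and compared with what a circuit test produces. It takes hex strings and assumes nothing about the circuit's JSON input layout (which this README does not describe); it covers GCM's GHASH, not the POLYVAL hash that GCM-SIV uses. The check at the bottom uses the published intermediate values of GCM specification test case 2.

```javascript
// Added reference implementation of GHASH (NIST SP 800-38D), not part of
// this repository. Hex-string inputs; the circuit's input format is not assumed.

// Reduction constant R = 11100001 || 0^120 in GCM's bit ordering, where bit 0
// of a block is the most significant bit of the big-endian integer.
const GCM_R = 0xe1n << 120n;

function hexToBigInt(hex) {
  return hex.length === 0 ? 0n : BigInt('0x' + hex);
}

function bigIntToHex(x, byteLen = 16) {
  return x.toString(16).padStart(byteLen * 2, '0');
}

// Multiplication in GF(2^128) (SP 800-38D, Algorithm 1).
function gfMul(x, y) {
  let z = 0n;
  let v = x;
  for (let i = 0; i < 128; i++) {
    if ((y >> BigInt(127 - i)) & 1n) z ^= v;        // y_i == 1: accumulate x * alpha^i
    v = (v & 1n) ? ((v >> 1n) ^ GCM_R) : (v >> 1n);  // v *= alpha, reduce on overflow
  }
  return z;
}

// Split a hex string into 128-bit blocks, zero-padding the last one.
function toBlocks(hex) {
  const blocks = [];
  for (let i = 0; i < hex.length; i += 32) {
    blocks.push(hexToBigInt(hex.slice(i, i + 32).padEnd(32, '0')));
  }
  return blocks;
}

// GHASH_H(A, C): absorb AAD blocks, then ciphertext blocks, then the length
// block (64-bit bit-length of A || 64-bit bit-length of C).
function ghash(hHex, aadHex, ctHex) {
  const h = hexToBigInt(hHex);
  let y = 0n;
  for (const block of [...toBlocks(aadHex), ...toBlocks(ctHex)]) {
    y = gfMul(y ^ block, h);
  }
  const lenBlock = (BigInt(aadHex.length * 4) << 64n) | BigInt(ctHex.length * 4);
  y = gfMul(y ^ lenBlock, h);
  return bigIntToHex(y);
}

// Tag = GHASH_H(A, C) XOR E_K(J0). With E_K(J0) supplied as hex (the first
// keystream block), the tag follows without an AES implementation.
function gcmTag(hHex, aadHex, ctHex, encJ0Hex) {
  return bigIntToHex(hexToBigInt(ghash(hHex, aadHex, ctHex)) ^ hexToBigInt(encJ0Hex));
}

// Constructed check against GCM specification test case 2 (K = 0, P = one zero
// block, IV = 0^96): H, the ciphertext and E_K(J0) are its published values.
const TC2_H = '66e94bd4ef8a2c3b884cfa59ca342b2e';
const TC2_C = '0388dace60b6a392f328c2b971b2fe78';
const TC2_EJ0 = '58e2fccefa7e3061367f1d57a4e7455a';

console.log('GHASH:', ghash(TC2_H, '', TC2_C));          // f38cbb1ad69223dcc3457ae5b6b0f885
console.log('tag:  ', gcmTag(TC2_H, '', TC2_C, TC2_EJ0)); // ab6e47d42cec13bdf53a67b21257bddf
```

To use it against a circuit, feed the circuit's `H`, AAD and ciphertext through `ghash`/`gcmTag` and assert equality with the circuit's output in the circomkit test; a circuit that is merely underconstrained will still pass such a test on honest inputs, so this checks correctness of the computation, not soundness of the constraints.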
To prove an AES execution with the witness files generated above, install node and circom, and set up the directory:

```sh
# TODO(TK 2024-08-10): Move this to justfile

# install node

# setup js (subshells so every step starts from the repo root)
(cd client && npm install)
(cd client && npm start)
# add build symlink
(cd client/static && ln -s ../../build build)

# install circom and snarkjs
git clone https://github.com/iden3/circom.git
(cd circom && cargo build --release && cargo install --path circom)
npm install -g snarkjs@latest

# compile circuits
mkdir build
circom --wasm --sym --r1cs --output ./build ./circuits/aes/gcm_siv_dec_2_keys_test.circom

# generate trusted setup
# NOTE: This is currently unused because the rust zkey parser is horrible.
# The _N suffix of a ptau file is the largest circuit size it supports (2^N constraints).
pushd build
curl "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_10.ptau" --output 'powersOfTau28_hez_final_10.ptau'
# we just did this:
curl "https://hermez.s3-eu-west-1.amazonaws.com/powersOfTau28_hez_final_19.ptau" --output 'powersOfTau28_hez_final_19.ptau'
popd
# path to the globally installed snarkjs binary
SJS_BIN="$(dirname "$(npm list -g --depth=0 | head -n 1)")/bin/snarkjs"
node "$SJS_BIN" groth16 setup ./build/gcm_siv_dec_2_keys_test.r1cs ./build/powersOfTau28_hez_final_19.ptau ./build/test_0000.zkey

# test circuit
circom --wasm --sym --r1cs --output ./build ./circuits/aes/tiny.circom
snarkjs zkey new ./build/tiny.r1cs ./build/powersOfTau28_hez_final_10.ptau ./build/tiny.zkey
```
Licensed under the Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
We welcome contributions to our open-source projects. If you want to contribute or follow along with contributor discussions, join our main Telegram channel to chat about Pluto's development.
Our contributor guidelines can be found in CONTRIBUTING.md. A good starting point is issues labelled 'bounty' in our repositories.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be licensed as above, without any additional terms or conditions.