    benjaaamin
    @benjaaamin
    Hi! I've read the ZoKrates paper by Eberhardt and Tai. They stated that the on-chain verification of a proof requires ~1.6 million gas (the more inputs, the higher the gas consumption).
    When I call verifyTx(...) with 11 inputs (1 private, 10 public), 330k gas is needed. I used ZoKrates v0.5.1 and Truffle v5.1.45. Can someone please explain to me why there is such a big difference?
    Thibaut Schaeffer
    @Schaeff
    Hey @benjaaamin, two reasons: since the paper, the precompiles were made cheaper (ethereum/EIPs#1108), and we're using a more efficient zk scheme now, so we don't call them as much.
    Ayush
    @AyushKaul
    is it possible to cast field to u32[8] array?
    Thibaut Schaeffer
    @Schaeff
    Yes, with utils/pack/u32/nonStrictUnpack256.zok, though as the name suggests, uniqueness of the result is not enforced.
    Ayush
    @AyushKaul
    thanks @Schaeff , the uniqueness is not a requirement.
    Ayush
    @AyushKaul
    I was trying to compile the Pedersen hash pre-image example from the pycrypto repo. I get an undeclared variable error. What can be the reason?
    Thibaut Schaeffer
    @Schaeff
    Thanks for flagging this, it may be out of sync with the latest syntax.
    We'll have a look.
    To fix it, make sure you declare all variables with their type:
    a = foo() // no
    field a = foo() // yes
    Ayush
    @AyushKaul
    The code snippet for signature verification is outdated; it should be:
    import "signatures/verifyEddsa.code" as verifyEddsa
    import "ecc/babyjubjubParams.code" as context
    
    struct BabyJubJubParams {
        field JUBJUBE
        field JUBJUBC
        field JUBJUBA
        field JUBJUBD
        field MONTA
        field MONTB
        field[2] INFINITY
        field Gu
        field Gv
    }
    
    def main(private field[2] R, private field S, field[2] A, u32[8] M0, u32[8] M1) -> (bool):
    
        BabyJubJubParams context = context()
    
        bool isVerified = verifyEddsa(R, S, A, M0, M1, context)
    
        return isVerified
    themighty1
    @themighty1
    Hi, when ZoKrates generates the proof, is it calculated over the private inputs AND PUBLIC inputs? In other words, is it possible for the verifier to modify the public inputs so that the verification result is different?
    themighty1
    @themighty1
    OK, to answer my question - the verifier must use the exact same private AND PUBLIC inputs when verifying, otherwise the verification fails.
    Does the underlying zkSNARK math allow two parties, independently of each other, to each supply a private input to the same circuit (without either learning the other's inputs) and to calculate the proof in an efficient 2PC way?
    Omar Desogus
    @cedoor
    Hi, is there a javascript library to generate a key pair with EdDSA (with BabyJubJub)?
    Thibaut Schaeffer
    @Schaeff
    @themighty1 not that I am aware of. It's a proof of knowledge of the entire witness, which includes all private inputs.
    Hey @AyushKaul, thanks for reporting this, would you mind opening an issue in the appropriate repo?
    Ayush
    @AyushKaul
    @Schaeff sure. I had a question: since the message data type has changed, the Python script will also need changes; currently it's field[256] m0 and field[256] m1. Or is there a way to cast field[256] to u32[8]?
    Jay Logelin
    @jlogelin
    Hey all - I have a novice question about ZoKrates functions. Once they are compiled, are they homomorphic to witnesses? In other words, would I be able to safely do something like this:

    def main(private field a) -> (field):
        field result = sha256(a, 42)
        return result

    Where 42 is a secret?
    Thibaut Schaeffer
    @Schaeff
    @jlogelin A general assumption is that the prover and verifier both know the program, otherwise the verifier doesn't know what they are checking. Therefore the verifier would learn 42, as it's in the code.
    Whether we're talking about the source code or the compiled one, there's no obfuscation happening there.
    Keshav Mundhra
    @mundhrakeshav
    Hey all, I am very new to Zero Knowledge Cryptography. I want to implement a sort of age verification using ZoKrates. Can anyone share any resource?
    Jay Logelin
    @jlogelin
    Thanks @Schaeff - I figured as much after messing around with ZoKrates last night.
    Hey @mundhrakeshav, also a beginner here. Did you try this:
    def main(private field a) -> (bool):
        return a > 18
    Keshav Mundhra
    @mundhrakeshav
    Hey @jlogelin got it
    Thanks
    Keshav Mundhra
    @mundhrakeshav
    Hey, how exactly can we implement a circuit so we can conduct a vote and keep the identities of voters private?
    Ayush
    @AyushKaul
    @Schaeff are there any utils for generating the Merkle proofs, path digest and direction selector for SNARK inputs?
    Yasin Aktimur
    @omgbbqhaxx
    Hello, are ZoKrates functions visible or public?
    def main(private field a) -> (bool):
        return a > 18
    For example, when I use this main function, can everyone see that function's details?
    Thibaut Schaeffer
    @Schaeff
    Not the source code, but a lower-level version of the program is visible to all participants, yes.
    Yasin Aktimur
    @omgbbqhaxx
    Thank you for answer.
    Eer Kai Jun
    @eerkaijun
    Hello everyone, I'm new to ZoKrates. I have a question: when the prover has generated a proof, ZoKrates will output a proof.json file. How do we pass the content of this proof.json to the deployed verifier smart contract? Do we need to manually extract the info of this file as the arguments to verifyTx?
    Thibaut Schaeffer
    @Schaeff
    @eerkaijun have you tried zokrates print-proof -h?
    Ladislav Sládeček
    @sladecek
    Hello everyone! I am experimenting with ZoKrates, using it as a Rust library. I can generate a proof ('G16::generate_proof()') but I cannot find a way to extract the curve points a, b, and c from the 'Proof' struct for further processing. All the fields 'proof', and 'a', 'b', 'c' in 'ProofPoints' are private. Is there a way to obtain the points other than to serialize the whole proof to JSON and then deserialize it and parse from strings? Thanks.
    Thibaut Schaeffer
    @Schaeff
    Hey @sladecek, right now it's the way to go, yes.
    Ladislav Sládeček
    @sladecek
    Hello Thibaut, thank you for your answer. I tried to make the members public in a fork. The changes are quite minimal. Should I submit them as a pull request?
    Thibaut Schaeffer
    @Schaeff
    Sure! We can discuss it there
    smithsen
    @smithsen
    I have been following the instructions of libsnark in https://github.com/scipr-lab/libsnark. I have been trying to install libsnark as a library. I did the symbolic linking; it seems like the instructions there were wrong, as it's ln -s /path rather than -L/path. I don't understand how to do the compiling, to be honest. Any help or suggestions will be extremely useful.
    smithsen
    @smithsen
    Hey, could anyone please give me some suggestions as to what I am doing wrong? That would be really great. @Schaeff please guide me to the next step.
    Thibaut Schaeffer
    @Schaeff
    Hey @smithsen, what platform are you on?
    smithsen
    @smithsen
    Hey @Schaeff, I am on a Linux system, Ubuntu 20.04.
    Thibaut Schaeffer
    @Schaeff
    Do you hit an error running cargo check in ZoKrates?
    smithsen
    @smithsen
    Oh no, I am actually trying to run the library libsnark.
    Like using libsnark as a library.
    The thing is, I want to use libsnark as a library but I am stuck at the aforementioned step. I understand that ZoKrates is potentially using libsnark, as a lot of people did ask questions concerning https://github.com/howardwu/libsnark-tutorial#compilation, and so I was wondering if I can get some help on the same.
    Thibaut Schaeffer
    @Schaeff
    The only thing I can suggest is for you to check out zokrates_core/build.rs; this is where we build libsnark.
    smithsen
    @smithsen
    Oh alright! Thanks a lot, I will go through it now.