Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Darko Macesic
    @dark64

    Hey, would I be right in thinking that zokratesProvider.compile("def main(private field a) -> (field): return a * a") is compiling down to web assembly?

    no, zokrates itself is compiled down to web assembly which the javascript library calls to compile your program, this makes it possible for zokrates to be run in browser/node environments

    smithsen
    @smithsen

    Ok so it is like a preliminary stage checking that yes indeed we have the data. So as given in the example there in https://medium.com/zokrates/building-identity-linked-zksnarks-with-zokrates-a36085cdd40 , the author says that Alice wants to prove her age, if I have to consider the picture of Alice's ID card and then work on that, my idea was converting it in matrix and then putting it as a private key in the code written in the blogpost, it is seems too much. Is there a way in Zokrates that I can take the image in ?

    Can someone please help me with this one? Or at least if can give the reference as in where to look for that would be great. Thanks

    DobPP
    @dobpp
    Hi
    DobPP
    @dobpp
    I'd like to create zokrates generating serial numbers, is it possible?
    Thibaut Schaeffer
    @Schaeff
    @smithsen how do you make sure that Alice doesn't photoshop the ID?
    Thibaut Schaeffer
    @Schaeff
    @smithsen One approach for these kinds of situations (say, proving that Alice is over 18) is to have a reputable entity sign Alice's birth date and public key and give the signature to Alice, then Alice inputs her birth date and the signature as private inputs, and her public key and the reputable entity's public key as public inputs, basically saying: "I know a signature by this reputable entity which claims that I was born on date d with d more than 18 years ago". Note that the reputable entity signed the birth date and not the statement "Alice is over 18", so that Alice can reuse this signature to prove whatever she needs to
    smithsen
    @smithsen

    @smithsen how do you make sure that Alice doesn't photoshop the ID?

    I mean Alice can but possibly a reputable entity can hash the image right, as signature ?

    Thibaut Schaeffer
    @Schaeff
    In theory yes, however doing image processing inside a snark is much much more expensive than verifying a digital signature.
    smithsen
    @smithsen
    I see, ok I wanted to process an image inside the snark
    stevewu
    @Stevewu1234
    Hi, I'm learning zk-snark used in Ethereum. And I'm confused with the authenticity of one data: using groth16 algorithm to generate zk-snark proof and the estimation is 1 tx(200bytes) 50MB. Can I use ZoKrates to prove data authenticity? Or have I made a misunderstanding?
    Tim
    @timhc22
    Hello, for anyone who has worked with the zokrates.js library:
    I have managed to get it working with a react app locally, but when I host it (on AWS S3), I'm getting an error with Mime types (HERE: https://web3.unegma.com/page-three and HERE: https://github.com/timhc22/zokrates/blob/main/client/src/pages/PageThree/PageThree.js), I've tried to figure out how to add the mime type on s3, but it isn't specific to one file. Any idea if I will need to make the calculations using zokrates.js on a server, and do an api call from the frontend instead, or is there some kind of workaround? Thanks
    Ozdemir86
    @Ozdemir86
    Hello
    I need a help any support who online?
    Transaction input data sha256 possible ?
    hou
    @turfT
    hi,everyone .. a little confused about bn128 and alt_bn128, are these two curves are the same curves?
    Darko Macesic
    @dark64

    Hello, for anyone who has worked with the zokrates.js library:
    I have managed to get it working with a react app locally, but when I host it (on AWS S3), I'm getting an error with Mime types (HERE: https://web3.unegma.com/page-three and HERE: https://github.com/timhc22/zokrates/blob/main/client/src/pages/PageThree/PageThree.js), I've tried to figure out how to add the mime type on s3, but it isn't specific to one file. Any idea if I will need to make the calculations using zokrates.js on a server, and do an api call from the frontend instead, or is there some kind of workaround? Thanks

    your server might not know how to serve wasm files, you can google around a bit how to add 'application/wasm' mime type in your server configuration for wasm files, if you're using nginx you can just add

    include mime.types;
    types {
        application/wasm wasm;
    }
    Darko Macesic
    @dark64

    hi,everyone .. a little confused about bn128 and alt_bn128, are these two curves are the same curves?

    they should have the same equation, but alt_bn128 has some optimizations specific to the generator point of G2 (don't quote me on this, not completely sure)

    hou
    @turfT
    @dark64 help a lot, thx
    Neo
    @creepteks
    Hi, there; I am having trouble converting the u32 arrays to be used in javascript or python. Imagine this scenario: I have a circut that checks if a u32[16] is the actual preimage for a u32[8] hash. I can feed the arguments properly to Zokrates CLI and it yields the expected result. However, I want to store this hash as a bytes32 inside an Ethereum smart contract, and later on, provide zksnarks proof of knowing the preimage. If I use a circuit, as what is presented in RNG tutorial to produce the hash using zokrates CLI, how I can I later on convert the outputted hash to byte32 or hex string? if I use cryptographic libraries like Crypto-js to compute the hash, how can I convert the preimage and its hash to the in the proper format, u32[16] preimage and u32[8] hash, to be passed to zokrates CLI to compute the witness and generate the proof?
    prographo
    @prographo
    Hi, what is the difference between zokrates and snarkjs/circom ?
    prographo
    @prographo
    I am reading through the documentation, here https://zokrates.github.io/language/types.html
    it says "when working with the ALT_BN128 curve supported by Ethereum." although I don't see anything in the generated verifier.sol contract specific to ethereum, there are no special primitives used afaics
    Neo
    @creepteks
    @prographo This is actually a very good observation. I took a look at these EIPs: https://eips.ethereum.org/EIPS/eip-196, https://eips.ethereum.org/EIPS/eip-197 and https://eips.ethereum.org/EIPS/eip-1108. So Ethereum uses precompiled contracts to reduce the gas costs for scalar addition and multiplication and paring check on this specific curve. I expected to see some invocation of some precompiled contract such as ECADD at 0x06 or ECMUL at 0x07 but could not find any. Istanbul fork list EIP1108 as included, but I do not know why it is not there in the verifier.sol. Sorry if I did not answer your question... :-(
    Thibaut Schaeffer
    @Schaeff
    ZoKrates relies on this library for proof verification, where you'll find calls to the precompiles
    Neo
    @creepteks
    @Schaeff would you be so kind to help me with the question I asked a few lines before? I would really appreciate it.
    Neo
    @creepteks

    ZoKrates relies on this library for proof verification, where you'll find calls to the precompiles

    Also, I was under the impression that EIPs of numbers 196, 197 and 1108 were referring to precompiled EVM opcodes as primitives for skSNARKs computations, but what you provided us with was a series of pre-written solidity contracts that are exported based on the type of the zkp scheme used via zokrates export-verifier command.

    Thibaut Schaeffer
    @Schaeff
    Yes, depending on the scheme you're using, different on chain libraries are required. The central one is the one I linked to above, and it calls the precompiled contracts introduced by the EIPs you just mentioned. Note that only verification happens on chain, proof generation happens off chain.
    Matheus Faria de Alencar
    @mtsalenc
    Hey dev team, how long do you think it will be before you feel comfortable saying that ZoKrates is production ready?
    I'd really like to use it
    Thibaut Schaeffer
    @Schaeff
    Hi @mtsalenc , thanks for the interest! We do not have a date to share on this as the toolbox is still undergoing substantial breaking changes
    Neo
    @creepteks

    Yes, depending on the scheme you're using, different on chain libraries are required. The central one is the one I linked to above, and it calls the precompiled contracts introduced by the EIPs you just mentioned. Note that only verification happens on chain, proof generation happens off chain.

    That's right, but I cannot find the addresses like 0x06 or 0x07 for , respectively,ECADD and ECMUL, as specified by EIPs 196 and 197. How does zorates calls these underlying opcodes?

    Thibaut Schaeffer
    @Schaeff
    @creepteks Addition here
    Neo
    @creepteks
    @Schaeff wow; thanks, man. The thing that misguided me was the fact that EIP 196 referred to ECADD opcode with addr 0x06, not 0x60.
    Darko Macesic
    @dark64
    @creepteks it is actually 0x06, 0x60 is the outsize: staticcall(sub(gas(), 2000), 6, input, 0xc0, r, 0x60) second param a is 6
    Neo
    @creepteks

    @creepteks it is actually 0x06, 0x60 is the outsize: staticcall(sub(gas(), 2000), 6, input, 0xc0, r, 0x60) second param a is 6

    I think I officially proved how noob I am in Solidity :-) thanks for the patience and clarification, man.

    Alexey Tsvetkov
    @aitsvet
    hi all! i'm trying to use ZoKrates to build a custom hash preimage proof
    i have u8[256] pi = [ \ ...
    and i want output[i] = pi[input[i]]
    in def main(u8[64] input) -> u8[64]: ...
    sadly i get Expression input[i] of type u8 cannot be used as type field
    is there any trick to convert u8 to field in ZoKrates ?
    Alexey Tsvetkov
    @aitsvet
    ah, here it is
    Alexey Tsvetkov
    @aitsvet
    well, it's not in the EMBED, had to import that .zok, got stack overflow when called u8_to_bits
    copied the function from the link to my .zok, still got stack overflow
    Thibaut Schaeffer
    @Schaeff
    @aitsvet would you mind opening an issue about this with steps to reproduce?
    Alexey Tsvetkov
    @aitsvet
    then i added -- --test-threads=1 to my cargo test ... and it fixed the SO
    Thibaut Schaeffer
    @Schaeff
    are you running it with --release ?
    Alexey Tsvetkov
    @aitsvet
    no, i just name a specific test, i'll try with --release
    runs faster with same result, thanks!
    Chaitanya Konda
    @ChaitanyaKonda
    Hi, is there a way to optimise memory consumption during compilation? I have a circuit that requires more than a whopping 512GB of memory and so compilation gets killed when it reaches this maximum. Don't think even setup would require this memory
    Alexey Tsvetkov
    @aitsvet
    i double this, a test for one of my functions requires 36 Gb to run, on a 32 Gb host it needs an hour to pass due to swap IO. more of it, i need to stack and loop calls of that function, so would one call require a day to process?