chriseth
@chriseth
@jaciew it should work with any byzantium-compatible client, yes
jaciew
@jaciew
thanks a lot :)
jaciew
@jaciew
Hi @JacobEberhardt, could you give me some help with how to use ZoKrates on Parity? What functions can it perform? I have my own private network. Thanks a lot
jaciew
@jaciew
Hi all, I use ZoKrates to compile simple_add.code and generate a proof. Then I publish the verifier.sol on the Ropsten test net. When I call the function verifierTx, it failed.
jaciew
@jaciew
@JacobEberhardt
@chriseth
thanks
jaciew
@jaciew
Hi @chriseth. I have a doubt about this line: success := call(sub(gas, 2000), 8, 0, add(input, 0x20), mul(inputSize, 0x20), out, 0x20)
What does the address param (8) mean?
As I see in Solidity documentation, this opcode has the following description: "call contract at address a with input mem[in..(in+insize)) providing g gas and v wei and output area mem[out..(out+outsize)) returning 0 on error (eg. out of gas) and 1 on success"
lukas-berlin
@lukas-berlin
@jaciew this is a standard low-level call. The second param is the address that is called. In this case it's one of the new Byzantium precompiled contracts. I think 8 is the pairing check contract. But you're right, this is not documented very well.
jaciew
@jaciew
Hi @chriseth. If I want to use zk-SNARKs on my private Parity network by using your code, I should have this pairing check contract, right?
lukas-berlin
@lukas-berlin
@jaciew it should work with any byzantium-compatible client, yes
jaciew
@jaciew
But how can I get this pairing check contract? @lukas-berlin thanks
lukas-berlin
@lukas-berlin
@jaciew the precompiles are part of the EVM. You can just call it. Just make sure you have a client that supports Byzantium
jaciew
@jaciew
OK, I know, thanks a lot
jaciew
@jaciew
Hi, I got this error when I compile the zksnark contract
Warning: Variable is shadowed in inline assembly by an instruction of the same name
function add(G1Point p1, G1Point p2) internal returns (G1Point r) {
^
I have one private node with parity version 1.7.8, Truffle v3.4.9
rebekah mercer
@rbkhmrcr
@jaciew it's just a warning saying the variable name is used elsewhere (within a block of inline assembly)
just change the variable names and you'll be jolly
i think
anyway
jaciew
@jaciew
function add(G1Point p1, G1Point p2) internal returns (G1Point r) {
    uint[4] memory input;
    input[0] = p1.X;
    input[1] = p1.Y;
    input[2] = p2.X;
    input[3] = p2.Y;
    bool success;
    assembly {
        success := call(sub(gas, 2000), 6, 0, input, 0xc0, r, 0x60)
        // Use "invalid" to make gas estimation work
        switch success case 0 { invalid }
    }
    require(success);
}
Hi @rmercer93, which variable? bool success?
thanks
rebekah mercer
@rbkhmrcr
your code should still compile it's just a warning
JacobEberhardt
@JacobEberhardt
@jaciew ZoKrates does not make any assumptions regarding your ethereum client besides that it supports the required precompiles. So it should work with the right version of parity right away.
lukas-berlin
@lukas-berlin
@jaciew From the Docs:
It might be that you run into Out-of-Gas for sha256, ripemd160 or ecrecover on a private blockchain. The reason for this is that those are implemented as so-called precompiled contracts and these contracts only really exist after they received the first message (although their contract code is hardcoded). Messages to non-existing contracts are more expensive and thus the execution runs into an Out-of-Gas error. A workaround for this problem is to first send e.g. 1 Wei to each of the contracts before you use them in your actual contracts. This is not an issue on the official or test net.
I think this is also true for the new Pairing precompiles
MaiaVictor
@MaiaVictor
Is this the appropriate room to talk about zk-snarks? I'm finally (for real) needing zk-snarks for a small little feature in a dapp... but I don't know how I can get started. What should I do? A complete tutorial covering what to install, how to generate the keys, how to produce the proofs, how to check them on-chain etc. etc. would be highly appreciated...
jaciew
@jaciew
Hi all, I call the verifyTx() function and pair() function on a private network, and they return false. But g() and f() return true. Why?
I sent some ether to 0x6, 0x7, 0x8 already. @lukas-berlin
And my Parity version is 1.7.8
lukas-berlin
@lukas-berlin
@jaciew sorry I can't help you, I'm only scratching the surface on this topic. But I'll take the holidays to dig deeper into ZoKrates.
Joey Stockermans
@jstoxrocky
Is there any work being done (or is it even possible?) to make on-chain verification cheaper in terms of gas? Watching Jacob's devcon3 talk it seems like 1.6M gas per verification @2gwei gasPrice is almost $2.50 USD.
Also would love to see some work on generating proofs in Python. Any zk-snarks/python work being done?
tadhg
@riordant
@jstoxrocky check out TrueBit
@vbuterin has done some zk snark python work for his blog posts on the subject
Joey Stockermans
@jstoxrocky
thanks @splut
peterqard
@peterqard
Hey everyone ! New here :)
chriseth
@chriseth
welcome, peter!
tadhg
@riordant
@MaiaVictor https://github.com/JacobEberhardt/ZoKrates. also see Jacob's talk at Devcon for a tutorial
Zachary James Williamson
@zac-williamson
Hi there everybody. I've been reading @chriseth's update on integrating zcash into ethereum (https://blog.ethereum.org/2017/01/19/update-integrating-zcash-ethereum/). I'm trying to compile the proof of concept but I'm stuck at the command "git clone --recursive -b snark https://github.com/ethereum/cpp-ethereum.git". I've rooted around the cpp-ethereum repo but I can't find a 'snark' branch, and the git clone operation fails! I have a similar problem when trying to clone the 'snarks' branch of solidity. Does anybody have any pointers on how to proceed?
chriseth
@chriseth
@zac-williamson this has been integrated in the meantime
so you can use the develop branches of both repositories
Zachary James Williamson
@zac-williamson
@chriseth thank you very much
annonch
@annonch
What would zksnarks look like on ethereum? I was reading the above linked blog post and the election example. Would the recipient address look like a smart contract, or from a high level how does this look?
ariary
@ariary
@annonch you can look at the ZoKrates tool, which enables zk-SNARK proofs using smart contracts: https://github.com/JacobEberhardt/ZoKrates
mariogemoll
@mariogemoll

Hello, can anybody here help with libsnark (is there another place where I could ask?)? What I want to do is make a circuit which verifies the knowledge of the preimage of a sha256 hash, and then verify the proof for that on Ethereum. I took this from libsnark
https://github.com/scipr-lab/libsnark/blob/f7c87b88744ecfd008126d415494d9b34c4c1b20/libsnark/gadgetlib1/gadgets/hashes/sha256/tests/test_sha256_gadget.cpp
and tried to adapt it to match the structure of the examples in Christian Lundkvist's libsnark-tutorial. The result is this:
mariogemoll/libsnark-tutorial@d6cb832
The C++ code seems to be halfway right, the verification works and when I change any of the inputs it (correctly) fails. However this is the output:

Number of R1CS constraints: 27280
Primary (public) input: 1
1

Auxiliary (private) input: 25559
1
1
0
1
... many numbers ...
2567855114
3460354877
185690065
0
1
1
1
0
1
0
1

Verification status: 1

I think the public input is wrong. What do I need to do to hook up the gadget correctly? Also the Ethereum test fails; I guess I need to convert the input somehow? Any help would be very much appreciated!