-
Notifications
You must be signed in to change notification settings - Fork 78
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
examples: add compatibility example for Groth16 veification
Port the neo-project/neo#2647 (comment). Part of the #3002. Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
- Loading branch information
1 parent
ffc2b41
commit 3e18752
Showing
5 changed files
with
108 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
module verify | ||
|
||
go 1.19 | ||
|
||
require github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230606150208-a2daad6ba614 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230606150208-a2daad6ba614 h1:MiDBj73HNgPUbJRpXWLXrsGvX4rkYVDrdSmfOwivGR8= | ||
github.com/nspcc-dev/neo-go/pkg/interop v0.0.0-20230606150208-a2daad6ba614/go.mod h1:ZUuXOkdtHZgaC13za/zMgXfQFncZ0jLzfQTe+OsDOtg= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
/* | ||
TODO: add proper docs and comments. | ||
package main contains example of smart contract that uses BLS12-381 curves | ||
interoperability functionality to verify provided proofs. This example is a full | ||
copy of smart contract presented in | ||
https://github.com/neo-project/neo/issues/2647#issuecomment-1129849870 and is | ||
aimed to check the compatibility of BLS12-381 interoperability functionality. | ||
*/ | ||
package main | ||
|
||
import ( | ||
"github.com/nspcc-dev/neo-go/pkg/interop/native/crypto" | ||
"github.com/nspcc-dev/neo-go/pkg/interop/util" | ||
) | ||
|
||
var ( | ||
alpha = []byte{160, 106, 167, 155, 164, 170, 67, 158, 237, 78, 91, 7, 243, 191, 186, 221, 27, 97, 6, 190, 193, 204, 85, 206, 83, 56, 3, 209, 132, 249, 221, 94, 124, 20, 245, 113, 143, 70, 245, 159, 104, 213, 37, 151, 209, 125, 160, 143} | ||
beta = []byte{163, 91, 30, 20, 61, 202, 142, 33, 164, 33, 215, 106, 219, 39, 136, 96, 112, 254, 117, 55, 156, 44, 55, 125, 240, 63, 166, 206, 157, 17, 201, 11, 33, 172, 226, 58, 254, 202, 46, 128, 2, 179, 227, 37, 230, 127, 121, 118, 6, 59, 84, 145, 104, 196, 68, 37, 209, 54, 86, 148, 155, 251, 36, 110, 127, 190, 205, 52, 100, 136, 226, 196, 249, 172, 122, 215, 230, 42, 92, 175, 190, 120, 19, 80, 56, 148, 236, 157, 108, 74, 45, 29, 157, 243, 96, 94} | ||
gammaInverse = []byte{183, 69, 47, 108, 115, 173, 254, 203, 89, 67, 183, 224, 176, 26, 127, 132, 89, 162, 99, 241, 66, 228, 177, 17, 57, 85, 3, 13, 148, 88, 162, 54, 220, 189, 33, 172, 38, 192, 116, 236, 13, 115, 219, 201, 51, 166, 253, 240, 12, 32, 77, 82, 161, 189, 240, 198, 148, 184, 17, 92, 162, 145, 166, 55, 252, 245, 194, 95, 71, 208, 215, 23, 19, 95, 138, 147, 149, 26, 35, 108, 141, 25, 139, 103, 59, 48, 189, 88, 204, 100, 255, 116, 194, 229, 157, 5} | ||
delta = []byte{129, 78, 83, 175, 159, 103, 127, 217, 80, 213, 0, 194, 108, 30, 210, 241, 138, 209, 0, 164, 117, 32, 68, 102, 121, 36, 40, 65, 89, 205, 198, 1, 14, 144, 196, 236, 176, 214, 119, 139, 225, 118, 215, 185, 36, 216, 183, 27, 22, 126, 193, 21, 173, 212, 250, 104, 25, 69, 107, 40, 199, 160, 228, 239, 112, 102, 144, 85, 58, 109, 122, 73, 221, 170, 145, 188, 60, 9, 228, 178, 36, 227, 175, 140, 40, 181, 158, 175, 91, 189, 92, 169, 90, 90, 30, 153} | ||
ic = [][]byte{ | ||
{174, 152, 253, 159, 101, 142, 227, 5, 166, 71, 152, 207, 32, 152, 56, 172, 191, 43, 184, 28, 148, 40, 224, 42, 135, 137, 181, 215, 96, 34, 200, 127, 77, 151, 165, 11, 130, 57, 91, 83, 71, 38, 253, 159, 103, 191, 139, 120}, | ||
{177, 158, 199, 19, 137, 211, 161, 248, 118, 149, 250, 145, 46, 221, 160, 86, 40, 165, 110, 198, 160, 203, 188, 84, 210, 83, 159, 176, 113, 111, 10, 235, 192, 243, 242, 110, 188, 210, 98, 199, 74, 66, 118, 251, 3, 188, 58, 84}, | ||
} | ||
) | ||
|
||
func Verify(a []byte, b []byte, c []byte, publicInput []int) bool { | ||
alphaPoint := crypto.Bls12381Deserialize(alpha) | ||
betaPoint := crypto.Bls12381Deserialize(beta) | ||
gammaInversePoint := crypto.Bls12381Deserialize(gammaInverse) | ||
deltaPoint := crypto.Bls12381Deserialize(delta) | ||
|
||
aPoint := crypto.Bls12381Deserialize(a) | ||
bPoint := crypto.Bls12381Deserialize(b) | ||
cPoint := crypto.Bls12381Deserialize(c) | ||
|
||
// Equation left1: A*B | ||
lt := crypto.Bls12381Pairing(aPoint, bPoint) | ||
|
||
// Equation right1: alpha*beta | ||
rt1 := crypto.Bls12381Pairing(alphaPoint, betaPoint) | ||
|
||
// Equation right2: sum(pub_input[i]*(beta*u_i(x)+alpha*v_i(x)+w_i(x))/gamma)*gamma | ||
inputlen := len(publicInput) | ||
iclen := len(ic) | ||
|
||
if iclen != inputlen+1 { | ||
panic("error: inputlen or iclen") | ||
} | ||
icPoints := make([]crypto.Bls12381Point, iclen) | ||
for i := 0; i < iclen; i++ { | ||
icPoints[i] = crypto.Bls12381Deserialize(ic[i]) | ||
} | ||
acc := icPoints[0] | ||
for i := 0; i < inputlen; i++ { | ||
scalar := make([]byte, 32) // Temp stub, valid iff publicInput[0] is zero. | ||
// scalar := convert.ToBytes(publicInput[i]) | ||
temp := crypto.Bls12381Mul(icPoints[i+1], scalar, false) | ||
acc = crypto.Bls12381Add(acc, temp) | ||
} | ||
rt2 := crypto.Bls12381Pairing(acc, gammaInversePoint) | ||
|
||
// Equation right3: C*delta | ||
rt3 := crypto.Bls12381Pairing(cPoint, deltaPoint) | ||
|
||
// Check equality. | ||
t1 := crypto.Bls12381Add(rt1, rt2) | ||
t2 := crypto.Bls12381Add(t1, rt3) | ||
|
||
return util.Equals(lt, t2) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
name: "Groth16 proof compatibility example" | ||
sourceurl: https://github.com/nspcc-dev/neo-go/ | ||
supportedstandards: [] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters