UNPKG

o1js

Version:

TypeScript framework for zk-SNARKs and zkApps

github.com/o1-labs/o1js/

o1-labs/o1js

144 lines (128 loc) 4.84 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
import { Field } from '../field.js'; import { ZkProgram } from '../../proof-system/zkprogram.js'; import { Spec, boolean, equivalentAsync, fieldWithRng } from '../../testing/equivalent.js'; import { Random } from '../../testing/property.js'; import { assert } from '../gadgets/common.js'; import { Gadgets } from '../gadgets/gadgets.js'; import { Gates } from '../gates.js'; import { constraintSystem, contains } from '../../testing/constraint-system.js'; import { FeatureFlags } from '../../proof-system/feature-flags.js'; import { Cache } from '../../proof-system/cache.js'; import { RuntimeTable } from '../gadgets/runtime-table.js'; let uint = (n: number | bigint): Spec<bigint, Field> => { return fieldWithRng(Random.bignat((1n << BigInt(n)) - 1n)); }; // Range-check tests { let RangeCheck = ZkProgram({ name: 'range-check', methods: { three12Bit: { privateInputs: [Field, Field, Field], async method(v0: Field, v1: Field, v2: Field) { // Dummy range check to make sure the lookup table is initialized // It should never fail because 64 > 12 Gadgets.rangeCheck64(v0); Gadgets.rangeCheck3x12(v0, v1, v2); }, }, }, }); // constraint system sanity check constraintSystem.fromZkProgram(RangeCheck, 'three12Bit', contains(['Lookup'])); await RangeCheck.compile(); await equivalentAsync({ from: [uint(12), uint(12), uint(12)], to: boolean }, { runs: 3 })( (x, y, z) => { assert(x < 1n << 12n); assert(y < 1n << 12n); assert(z < 1n << 12n); return true; }, async (x, y, z) => { let { proof } = await RangeCheck.three12Bit(x, y, z); return await RangeCheck.verify(proof); } ); } // Unit test with constant indices using the deprecated API for runtime tables { let RuntimeTable = ZkProgram({ name: 'runtime-table', methods: { runtimeTable: { privateInputs: [Field, Field, Field], async method(v0: Field, v1: Field, v2: Field) { let tableId = 2; let indices = [0n, 1n, 2n, 3n, 4n, 5n, 6n, 7n, 8n, 9n]; Gates.addRuntimeTableConfig(tableId, indices); // values are inserted into the table in the given positions Gadgets.inTable(tableId, [5n, v0], [6n, v1], [7n, v2]); // a second time can be used to check more values in more positions Gadgets.inTable(tableId, [2n, v0]); // can ask for the same index asked previously Gadgets.inTable(tableId, [6n, v1]); // even multiple times in the same call Gadgets.inTable(tableId, [6n, v1], [6n, v1]); }, }, }, }); // constraint system sanity check constraintSystem.fromZkProgram(RuntimeTable, 'runtimeTable', contains(['Lookup'])); // check feature flags are set up correctly const featureFlags = await FeatureFlags.fromZkProgram(RuntimeTable, true); assert(featureFlags.lookup === true); assert(featureFlags.runtimeTables === true); await RuntimeTable.compile({ cache: Cache.None, forceRecompile: true, withRuntimeTables: true, }); await equivalentAsync({ from: [uint(12), uint(12), uint(12)], to: boolean }, { runs: 1 })( (x, y, z) => { assert(x < 1n << 12n); assert(y < 1n << 12n); assert(z < 1n << 12n); return true; }, async (x, y, z) => { let { proof } = await RuntimeTable.runtimeTable(x, y, z); return await RuntimeTable.verify(proof); } ); } // New API runtime table tests using field indices { let PowersetProgram = ZkProgram({ name: 'powers-of-two', methods: { runtimeTable: { privateInputs: [Field, Field], async method(exponent: Field, result: Field) { let tableId = 2; let exponents = [0n, 1n, 2n, 3n, 4n, 5n, 6n, 7n, 8n, 9n]; // At configuration time, we define the indices as bigints let powers = new RuntimeTable(tableId, exponents); // At lookup time, we can use Field values as indices // iterate over the exponents and insert the corresponding power of two for (let exp of exponents) { powers.insert([[Field.from(exp), Field.from(2n ** exp)]]); } // lookup the power of two for the given exponent powers.lookup(exponent, result); powers.check(); // flush pending lookups }, }, }, }); // constraint system sanity check constraintSystem.fromZkProgram(PowersetProgram, 'runtimeTable', contains(['Lookup'])); await PowersetProgram.compile({ cache: Cache.None, forceRecompile: true, withRuntimeTables: true, }); let { proof } = await PowersetProgram.runtimeTable(Field.from(5n), Field.from(32n)); let verified = await PowersetProgram.verify(proof); assert(verified === true); }