UNPKG

o1js

Version:

TypeScript framework for zk-SNARKs and zkApps

github.com/o1-labs/o1js/

o1-labs/o1js

87 lines (72 loc) 3.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
import { Snarky } from '../../../bindings.js'; import { FieldConst, VarFieldVar } from './fieldvar.js'; import type { VarField } from '../field.js'; import { MlArray, MlOption } from '../../ml/base.js'; import { createField } from './field-constructor.js'; import { TupleN } from '../../util/types.js'; export { createVarField, exists, existsAsync, existsOne }; /** * Witness `size` field element variables by passing a callback that returns `size` bigints. * * Note: this is called "exists" because in a proof, you use it like this: * > "I prove that there exists x, such that (some statement)" */ function exists<N extends number, C extends () => TupleN<bigint, N>>( size: N, compute: C ): TupleN<VarField, N> { // enter prover block let finish = Snarky.run.enterAsProver(size); if (!Snarky.run.inProver()) { // step outside prover block and create vars: compile case let vars = MlArray.mapFrom(finish(MlOption()), createVarField); return TupleN.fromArray(size, vars); } // run the callback to get values to witness let values = compute(); if (values.length !== size) throw Error(`Expected witnessed values of length ${size}, got ${values.length}.`); // note: here, we deliberately reduce the bigint values modulo the field size // this makes it easier to use normal arithmetic in low-level gadgets, // i.e. you can just witness x - y and it will be a field subtraction let inputValues = MlArray.mapTo(values, FieldConst.fromBigint); // step outside prover block and create vars: prover case let fieldVars = finish(MlOption(inputValues)); let vars = MlArray.mapFrom(fieldVars, createVarField); return TupleN.fromArray(size, vars); } /** * Variant of {@link exists} that witnesses 1 field element. */ function existsOne(compute: () => bigint): VarField { return exists(1, () => [compute()])[0]; } /** * Async variant of {@link exists}, which allows an async callback. */ async function existsAsync<N extends number, C extends () => Promise<TupleN<bigint, N>>>( size: N, compute: C ): Promise<TupleN<VarField, N>> { // enter prover block let finish = Snarky.run.enterAsProver(size); if (!Snarky.run.inProver()) { let vars = MlArray.mapFrom(finish(MlOption()), createVarField); return TupleN.fromArray(size, vars); } // run the async callback to get values to witness let values = await compute(); if (values.length !== size) throw Error(`Expected witnessed values of length ${size}, got ${values.length}.`); // note: here, we deliberately reduce the bigint values modulo the field size // this makes it easier to use normal arithmetic in low-level gadgets, // i.e. you can just witness x - y and it will be a field subtraction let inputValues = MlArray.mapTo(values, FieldConst.fromBigint); let fieldVars = finish(MlOption(inputValues)); let vars = MlArray.mapFrom(fieldVars, createVarField); return TupleN.fromArray(size, vars); } // helpers for varfields function createVarField(x: VarFieldVar): VarField { return createField(x) as VarField; }