UNPKG

snarkjs

Version:

zkSNARKs implementation in JavaScript

github.com/iden3/snarkjs

iden3/snarkjs

66 lines (54 loc) 2.16 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
/* Copyright 2021 0KIMS association. This file is part of snarkJS. snarkJS is a free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. snarkJS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with snarkJS. If not, see <https://www.gnu.org/licenses/>. */ import { getCurveFromName } from "./curves.js"; import { utils } from "ffjavascript"; const { unstringifyBigInts} = utils; function i2hex(i) { return ("0" + i.toString(16)).slice(-2); } function p256(n) { let nstr = n.toString(16); while (nstr.length < 64) nstr = "0"+nstr; nstr = `"0x${nstr}"`; return nstr; } export default async function plonkExportSolidityCallData(_proof, _pub) { const proof = unstringifyBigInts(_proof); const pub = unstringifyBigInts(_pub); const curve = await getCurveFromName(proof.curve); const G1 = curve.G1; const Fr = curve.Fr; let inputs = ""; for (let i=0; i<pub.length; i++) { if (inputs != "") inputs = inputs + ","; inputs = inputs + p256(pub[i]); } return `[${p256(proof.A[0])}, ${p256(proof.A[1])},` + `${p256(proof.B[0])},${p256(proof.B[1])},` + `${p256(proof.C[0])},${p256(proof.C[1])},` + `${p256(proof.Z[0])},${p256(proof.Z[1])},` + `${p256(proof.T1[0])},${p256(proof.T1[1])},` + `${p256(proof.T2[0])},${p256(proof.T2[1])},` + `${p256(proof.T3[0])},${p256(proof.T3[1])},` + `${p256(proof.Wxi[0])},${p256(proof.Wxi[1])},` + `${p256(proof.Wxiw[0])},${p256(proof.Wxiw[1])},` + `${p256(proof.eval_a)},` + `${p256(proof.eval_b)},` + `${p256(proof.eval_c)},` + `${p256(proof.eval_s1)},` + `${p256(proof.eval_s2)},` + `${p256(proof.eval_zw)}]` + `[${inputs}]`; }