Add 3 factorization problem example

3_fac/input.json

@@ -0,0 +1 @@
+{"x1": 3, "x2": 11, "x3": 17}

3_fac/proof.json

@@ -0,0 +1,28 @@
+{
+ "pi_a": [
+  "2855044796369946382827590498028074399954178188404052044460392173044055949963055520226458797341961615378727946048206",
+  "3607648035569852498712601197821672930980634267835166890422819022801738069852659753344138199712325573228301683310722",
+  "1"
+ ],
+ "pi_b": [
+  [
+   "2216529660448908459446533763529433361366105288599360068340479797481300540437545794646354474692017045121551582868515",
+   "3867914260234198041425601044308116127196057132281581166005254303219906875747339103782814281378360746808337469178926"
+  ],
+  [
+   "1959291290564527252319212910819685638672433971337410545600749187884388402471099470819029490531580085761840095948690",
+   "2011071151816425671679220330755640211651471450664831295838757345432821939838685402356499133954205160730680575168228"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "pi_c": [
+  "1295247664883995735684917166146384745983218062371398982813013851011964236053567050995264999819727337215745868836854",
+  "425196572825763797251425507115701065909002365213946325141666886779730764869850382851002816252507146444245309603107",
+  "1"
+ ],
+ "protocol": "groth16",
+ "curve": "bls12381"
+}

3_fac/public.json

@@ -0,0 +1,4 @@
+[
+ "562",
+ "3"
+]

3_fac/verification_key.json

@@ -0,0 +1,99 @@
+{
+ "protocol": "groth16",
+ "curve": "bls12381",
+ "nPublic": 2,
+ "vk_alpha_1": [
+  "2191843459987598773590024133079527616758118088671934301945762281620908967162581012712567405019815572665712872623796",
+  "1664035774849863503646003048494213577015151537859184157765549528966387776772789207030433777101994828854739585442222",
+  "1"
+ ],
+ "vk_beta_2": [
+  [
+   "3764231095688882375546394077913791289729500066732987589069835200735210168251677834789785070698671518741236262863583",
+   "1975956737674144585508789155185883489602647165720568470078042365709562638839124474451400468748578229290756203131924"
+  ],
+  [
+   "2664149391785363356913750779411127000638406920365075800895742802208799038187313640182620725503804085435506720148070",
+   "491716795312779218659130638886776306404649091170844785976521584811326619381572211056932234374432526609285865390398"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_gamma_2": [
+  [
+   "352701069587466618187139116011060144890029952792775240219908644239793785735715026873347600343865175952761926303160",
+   "3059144344244213709971259814753781636986470325476647558659373206291635324768958432433509563104347017837885763365758"
+  ],
+  [
+   "1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905",
+   "927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_delta_2": [
+  [
+   "413154724199753058200524769130480539747847790863923642234877877680592088694363992783042398840429407626050743066789",
+   "3002644543443356676160163060928218871865410081831733983743342774940778555956806189822098470475670237779542851415944"
+  ],
+  [
+   "2438985653642956949171527495262358641872663641541030192914572463146908921129516216779501221673275997233817960176712",
+   "1153945107219418639093484597929798696693867386162471902015435074259666973369548699571341876110098845066777294832589"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_alphabeta_12": [
+  [
+   [
+    "1119614312890782083309600999057785795397603170170631015257396745570323316457963535074630855686990494673778448196147",
+    "742038601496863801453526417229271542806078110469177730792585776439827530482489842329316749055341641464553626528152"
+   ],
+   [
+    "1088390838327808008035210883448228493907177201542653184182090904196651559543951664333111649677783977078506847884041",
+    "2837214357972618712140457906768388362286637294555761672630024210522781142923797999255029248557137948544249112648333"
+   ],
+   [
+    "3877433249608326965639214147645932794884649572211492101458714681451992481281490963848814775798303784975033778565476",
+    "597955767106016876429201374986914550795954983229979662231585633284625712368958497140704039770602231110571127993019"
+   ]
+  ],
+  [
+   [
+    "2662556007646867761078073839158787132584127608421740379641502416597911492081507983862867550569692646879338719901980",
+    "1728784185468663874776440121711147809386195240021570349495245715254841355674231060337884553346596272099905654906277"
+   ],
+   [
+    "3783046564574746437870408327888798832808904026618842104076700319916198573571995197610592169664700148018523815708027",
+    "1650953322183301436255680254214000225128094685097878264284712810475465218613191405608582106951277280117676043243386"
+   ],
+   [
+    "661282582370783830377759997030246421465048985306548778665276485713752568765509911394270899905744300097503830686188",
+    "554462205254579485033981033913994147758083815475117093767616549931962491805668145901814272592450333224914413991514"
+   ]
+  ]
+ ],
+ "IC": [
+  [
+   "3309896332232763728332884765232343789621967757514439814841772750001004110163769133520530042440224977308143690966538",
+   "2729872703560414785705863386228322151240301147292791955557293720514020028816188672981305414934902446634648161893597",
+   "1"
+  ],
+  [
+   "631322038111762990511918330017151125033987672955885718113870795938008485779609080354246784064816111921692130342156",
+   "2237991347874379964013843270729116257803284877394816325928044453833709035829235921538541619664979249135195864580089",
+   "1"
+  ],
+  [
+   "2156395363321496459977006673790312524899213752348596549626151845365363536870686406447459761442071948022650812037505",
+   "859509658696984707388484840799535446245965210460962278516264652307712352123089491042788915533211361883018851645942",
+   "1"
+  ]
+ ]
+}

circuits/3_fac.circom

@@ -0,0 +1,24 @@
+pragma circom 2.1.5 ;
+
+template Multiplier () {
+  signal input a ;
+  signal input b ;
+  signal output c ;
+  c <== a * b ;
+}
+
+template three_fac () {
+  signal input x1 ;
+  signal input x2 ;
+  signal input x3 ;
+  signal output x4 ;
+  component mult1 = Multiplier() ;
+  component mult2 = Multiplier() ;
+  mult1.a <== x1 ;
+  mult1.b <== x2 ;
+  mult2.a <== mult1.c ;
+  mult2.b <== x3 ;
+  x4 <== mult2.c ;
+}
+
+component main {public [x1]} = three_fac() ;

groth16.sh

@@ -0,0 +1,76 @@
+#!/bin/bash
+
+read -p "What is the name of the circuit?: " CIRCUIT_NAME
+CIRCUIT_PATH="../circuits/$CIRCUIT_NAME.circom"
+
+OUTPUT_PATH="${1:-$CIRCUIT_NAME/}"
+
+if [ ! -d "$OUTPUT_PATH" ]; then
+    mkdir -p "$OUTPUT_PATH"
+fi
+
+echo "[Setup](1/22): Start a new powers of tau ceremony"
+snarkjs powersoftau new bls12-381 15 ${OUTPUT_PATH}pot15_0000.ptau -v
+
+echo "[Setup](2/22): Contribute to the ceremony"
+snarkjs powersoftau contribute ${OUTPUT_PATH}pot15_0000.ptau ${OUTPUT_PATH}pot15_0001.ptau --name="First contribution" -v
+
+echo "[Setup](3/22): Provide a second contribution"
+snarkjs powersoftau contribute ${OUTPUT_PATH}pot15_0001.ptau ${OUTPUT_PATH}pot15_0002.ptau --name="Second contribution" -v 
+
+echo "[Setup](4/22): Verify the protocol so far"
+snarkjs powersoftau verify ${OUTPUT_PATH}pot15_0002.ptau
+
+echo "[Setup](5/22): Apply a random beacon"
+snarkjs powersoftau beacon ${OUTPUT_PATH}pot15_0002.ptau ${OUTPUT_PATH}pot15_beacon.ptau 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 10 -n="Final Beacon"
+
+echo "[Setup](6/22): Prepare phase 2"
+snarkjs powersoftau prepare phase2 ${OUTPUT_PATH}pot15_beacon.ptau ${OUTPUT_PATH}pot15_final.ptau -v
+
+echo "[Setup](7/22): Verify the final ptau"
+snarkjs powersoftau verify ${OUTPUT_PATH}pot15_final.ptau
+
+echo "[Setup](8/22): Compile the circuit"
+circom $CIRCUIT_PATH --r1cs --wasm --sym -p bls12381 -o ${OUTPUT_PATH}
+
+echo "[Setup](9/22): View information about the circuit"
+snarkjs r1cs info ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs
+
+echo "[Setup](10/22): Print the constraints"
+snarkjs r1cs print ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}${CIRCUIT_NAME}.sym
+
+echo "[Setup](11/22): Export r1cs to json"
+snarkjs r1cs export json ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs.json
+
+echo "[Setup](12/22): Generate witness"
+node ${OUTPUT_PATH}${CIRCUIT_NAME}_js/generate_witness.js ${OUTPUT_PATH}${CIRCUIT_NAME}_js/mastermind.wasm mastermind.input.json  ${OUTPUT_PATH}witness.wtns
+
+echo "[Setup](13/22): Check witness"
+snarkjs wtns check ${OUTPUT_PATH}$CIRCUIT_NAME.r1cs  ${OUTPUT_PATH}witness.wtns
+
+echo "[Setup](14/22): Setup"
+snarkjs groth16 setup ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_0000.zkey
+
+echo "[Setup](15/22): Contribute to the phase 2 ceremony"
+snarkjs zkey contribute ${OUTPUT_PATH}${CIRCUIT_NAME}_0000.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_0001.zkey --name="1st Contributor Name" -v
+
+echo "[Setup](16/22): Provide a second contribution"
+snarkjs zkey contribute ${OUTPUT_PATH}${CIRCUIT_NAME}_0001.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey --name="Second contribution Name" -v 
+
+echo "[Setup](17/22): Verify the latest zkey"
+snarkjs zkey verify ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey
+
+echo "[Setup](18/22): Apply a random beacon"
+snarkjs zkey beacon ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 10 -n="Final Beacon phase2"
+
+echo "[Setup](19/22): Verify the final zkey"
+snarkjs zkey verify ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey
+
+echo "[Setup](20/22): Export the verification key"
+snarkjs zkey export verificationkey ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}verification_key.json
+
+echo "[Proof](21/22): Create the proof"
+snarkjs groth16 prove ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}witness.wtns ${OUTPUT_PATH}proof.json ${OUTPUT_PATH}public.json
+
+echo "[Verification](21/22): Verify the proof"
+snarkjs groth16 verify ${OUTPUT_PATH}verification_key.json ${OUTPUT_PATH}public.json ${OUTPUT_PATH}proof.json