gadgetExamples::NAND_Gadget Class Reference

Inheritance diagram for gadgetExamples::NAND_Gadget:

Collaboration diagram for gadgetExamples::NAND_Gadget:

Public Member Functions
void	generateConstraints ()
void	generateWitness ()
Public Member Functions inherited from gadgetlib2::Gadget
	Gadget (ProtoboardPtr pb)
void	addUnaryConstraint (const LinearCombination &a, const ::std::string &name)
void	addRank1Constraint (const LinearCombination &a, const LinearCombination &b, const LinearCombination &c, const ::std::string &name)
void	enforceBooleanity (const Variable &var)
FElem &	val (const Variable &var)
FElem	val (const LinearCombination &lc)
FieldType	fieldType () const
bool	flagIsSet (const FlagVariable &flag) const

Static Public Member Functions
static GadgetPtr	create (ProtoboardPtr pb, const FlagVariableArray &inputs, const FlagVariable &output)

Additional Inherited Members
Protected Attributes inherited from gadgetlib2::Gadget
ProtoboardPtr	pb_

Detailed Description

Definition at line 113 of file tutorial.cpp.

Member Function Documentation

create()

GadgetPtr gadgetExamples::NAND_Gadget::create ( ProtoboardPtr  pb, const FlagVariableArray &  inputs, const FlagVariable &  output  )

static

Definition at line 182 of file tutorial.cpp.

{
    GadgetPtr pGadget(new NAND_Gadget(pb, inputs, output));
    pGadget->init();
    return pGadget;
}

Here is the caller graph for this function:

generateConstraints()

void gadgetExamples::NAND_Gadget::generateConstraints ( )

virtual

Implements gadgetlib2::Gadget.

Definition at line 192 of file tutorial.cpp.

{
    // we will invoke the AND gate constraint generator
    andGadget_->generateConstraints();
    // and add our out negation constraint in order to make this a NAND gate
    addRank1Constraint(
        1, 1 - andResult_, output_, "1 * (1 - andResult) = output");
    // Another way to write the same constraint is:
    // addUnaryConstraint(1 - andResult_ - output_, "1 - andResult == output");
    //
    // At first look, it would seem that this is enough. However, the AND_Gadget
    // expects all of its inputs to be boolean, a dishonest prover could put
    // non-boolean inputs, so we must check this here. Notice 'FlagVariable'
    // means a variable which we intend to hold only '0' or '1', but this is
    // just a convention (it is a typedef for Variable) and we must enforce it.
    // Look into the internals of the R1P implementation of AND_Gadget and see
    // that {2, 1, 0} as inputs with {1} as output would satisfy all
    // constraints, even though this is clearly not our intent!
    for (const auto &input : inputs_) {
        enforceBooleanity(input); // This adds a constraint of the form: input *
                                  // (1 - input) == 0
    }
}

Here is the call graph for this function:

generateWitness()

void gadgetExamples::NAND_Gadget::generateWitness ( )

virtual

Reimplemented from gadgetlib2::Gadget.

Definition at line 216 of file tutorial.cpp.

{
    // First we can assert that all input values are indeed boolean. The purpose
    // of this assertion is simply to print a clear error message, it is not
    // security critical. Notice the method val() which returns a reference to
    // the current assignment for a variable
    for (const auto &input : inputs_) {
        GADGETLIB_ASSERT(
            val(input) == 0 || val(input) == 1, "NAND input is not boolean");
    }
    // we will invoke the AND gate witness generator, this will set andResult_
    // correctly
    andGadget_->generateWitness();
    // and now we set the value of output_
    val(output_) = 1 - val(andResult_);
    // notice the use of 'val()' to tell the protoboard to assign this new value
    // to the variable 'output_'. The variable itself is only a formal variable
    // and never changes.
}

Here is the call graph for this function:

---

The documentation for this class was generated from the following file:

• /home/runner/work/libsnark/libsnark/libsnark/gadgetlib2/examples/tutorial.cpp