gadgetExamples Namespace Reference

Classes
class	HashDifficultyEnforcer_Gadget
class	NAND_Gadget
class	R1P_VerifyTransactionAmounts_Gadget

Functions
	TEST (Examples, ProtoboardUsage)
	TEST (Examples, NAND_Gadget)
	TEST (Examples, HashDifficultyEnforcer_Gadget)
	CREATE_GADGET_BASE_CLASS (VerifyTransactionAmounts_GadgetBase)
	CREATE_GADGET_FACTORY_CLASS_3 (VerifyTransactionAmounts_Gadget, VariableArray, txInputAmounts, VariableArray, txOutputAmounts, Variable, minersFee)
	TEST (Examples, R1P_VerifyTransactionAmounts_Gadget)
	TEST (gadgetLib2, Integration)

Function Documentation

CREATE_GADGET_BASE_CLASS()

gadgetExamples::CREATE_GADGET_BASE_CLASS

(

VerifyTransactionAmounts_GadgetBase

)

CREATE_GADGET_FACTORY_CLASS_3()

gadgetExamples::CREATE_GADGET_FACTORY_CLASS_3	(	VerifyTransactionAmounts_Gadget	,
		VariableArray	,
		txInputAmounts	,
		VariableArray	,
		txOutputAmounts	,
		Variable	,
		minersFee
	)

TEST() [1/5]

gadgetExamples::TEST	(	Examples	,
		HashDifficultyEnforcer_Gadget
	)

Definition at line 398 of file tutorial.cpp.

{
    initPublicParamsFromDefaultPp();
    auto pb = Protoboard::create(R1P);
    const MultiPackedWord hashValue(64, R1P, "hashValue");
    const size_t difficulty = 10;
    auto difficultyEnforcer =
        HashDifficultyEnforcer_Gadget::create(pb, hashValue, difficulty);
    difficultyEnforcer->generateConstraints();
    // constraints are created but no assignment yet. Will throw error on
    // evaluation
    EXPECT_ANY_THROW(pb->isSatisfied());
    pb->val(hashValue[0]) = 42;
    difficultyEnforcer->generateWitness();
    // First 10 bits of 42 (when represented as a 64 bit number) are '0' so this
    // should work
    EXPECT_TRUE(pb->isSatisfied(PrintOptions::DBG_PRINT_IF_NOT_SATISFIED));
    pb->val(hashValue[0]) = 1000000000000000000;
    // This is a value > 2^54 so we expect constraint system not to be
    // satisfied.
    difficultyEnforcer
        ->generateWitness(); // This would have failed had we put an assertion
    EXPECT_FALSE(pb->isSatisfied());
}

Here is the call graph for this function:

TEST() [2/5]

gadgetExamples::TEST	(	Examples	,
		NAND_Gadget
	)

Definition at line 237 of file tutorial.cpp.

{
    // initialize the field
    initPublicParamsFromDefaultPp();
    // create a protoboard for a system of rank 1 constraints over a prime
    // field.
    ProtoboardPtr pb = Protoboard::create(R1P);
    // create 5 variables inputs[0]...inputs[4]. The string "inputs" is used for
    // debug messages
    FlagVariableArray inputs(5, "inputs");
    FlagVariable output("output");
    GadgetPtr nandGadget = NAND_Gadget::create(pb, inputs, output);
    // now we can generate a constraint system (or circuit)
    nandGadget->generateConstraints();
    // if we try to evaluate the circuit now, an exception will be thrown,
    // because we will be attempting to evaluate unassigned variables.
    EXPECT_ANY_THROW(pb->isSatisfied());
    // so let's assign the input variables for NAND and try again after creating
    // the witness
    for (const auto &input : inputs) {
        pb->val(input) = 1;
    }
    nandGadget->generateWitness();
    EXPECT_TRUE(pb->isSatisfied());
    EXPECT_TRUE(pb->val(output) == 0);
    // now let's try to ruin something and see what happens
    pb->val(inputs[2]) = 0;
    EXPECT_FALSE(pb->isSatisfied());
    // now let's try to cheat. If we hadn't enforced booleanity, this would have
    // worked!
    pb->val(inputs[1]) = 2;
    EXPECT_FALSE(pb->isSatisfied());
    // now let's reset inputs[1] to a valid value
    pb->val(inputs[1]) = 1;
    // before, we set both the inputs and the output. Notice the output is still
    // set to '0'
    EXPECT_TRUE(pb->val(output) == 0);
    // Now we will let the gadget compute the result using generateWitness() and
    // see what happens
    nandGadget->generateWitness();
    EXPECT_TRUE(pb->val(output) == 1);
    EXPECT_TRUE(pb->isSatisfied());
}

Here is the call graph for this function:

TEST() [3/5]

gadgetExamples::TEST	(	Examples	,
		ProtoboardUsage
	)

Definition at line 50 of file tutorial.cpp.

{
    // Initialize prime field parameters. This is always needed for R1P.
    initPublicParamsFromDefaultPp();
    // The protoboard is the 'memory manager' which holds all constraints (when
    // creating the verifying circuit) and variable assignments (when creating
    // the proof witness). We specify the type as R1P, this can be augmented in
    // the future to allow for BOOLEAN or GF2_EXTENSION fields in the future.
    ProtoboardPtr pb = Protoboard::create(R1P);
    // We now create 3 input variables and one output
    VariableArray input(3, "input");
    Variable output("output");
    // We can now add some constraints. The string is for debugging purposes and
    // can be a textual description of the constraint
    pb->addRank1Constraint(
        input[0],
        5 + input[2],
        output,
        "Constraint 1: input[0] * (5 + input[2]) == output");
    // The second form addUnaryConstraint(LinearCombination) means
    // (LinearCombination == 0).
    pb->addUnaryConstraint(
        input[1] - output, "Constraint 2: input[1] - output == 0");
    // Notice this could also have been written:
    // pb->addRank1Constraint(1, input[1] - input[2], 0, "");
    //
    // For fields with more general forms, once implemented, we could use
    // addGeneralConstraint(Polynomial1, Polynomial2, string) which translates
    // to the constraint (Polynomial1 == Polynomial2).  Example:
    // pb->addGeneralConstraint(input[0] * (3 + input[1]) * input[2], output +
    // 5,
    //                          "input[0] * (3 + input[1]) * input[2] == output
    //                          + 5");
    //
    // Now we can assign values to the variables and see if the constraints are
    // satisfied. Later, when we will run a SNARK (or any other proof system),
    // the constraints will be used by the verifier, and the assigned values
    // will be used by the prover. Notice the protoboard stores the assignment
    // values.
    pb->val(input[0]) = pb->val(input[1]) = pb->val(input[2]) =
        pb->val(output) = 42;
    EXPECT_FALSE(pb->isSatisfied());
    // The constraint system is not satisfied. Now let's try values which
    // satisfy the two equations above:
    pb->val(input[0]) = 1;
    pb->val(input[1]) = pb->val(output) = 42; // input[1] - output == 0
    pb->val(input[2]) = 37;                   // 1 * (5 + 37) == 42
    EXPECT_TRUE(pb->isSatisfied());
}

Here is the call graph for this function:

TEST() [4/5]

gadgetExamples::TEST	(	Examples	,
		R1P_VerifyTransactionAmounts_Gadget
	)

Definition at line 573 of file tutorial.cpp.

{
    initPublicParamsFromDefaultPp();
    auto pb = Protoboard::create(R1P);
    const VariableArray inputAmounts(2, "inputAmounts");
    const VariableArray outputAmounts(3, "outputAmounts");
    const Variable minersFee("minersFee");
    auto verifyTx = VerifyTransactionAmounts_Gadget::create(
        pb, inputAmounts, outputAmounts, minersFee);
    verifyTx->generateConstraints();
    pb->val(inputAmounts[0]) = pb->val(inputAmounts[1]) = 2;
    pb->val(outputAmounts[0]) = pb->val(outputAmounts[1]) =
        pb->val(outputAmounts[2]) = 1;
    verifyTx->generateWitness();
    EXPECT_TRUE(pb->isSatisfied());
    EXPECT_EQ(pb->val(minersFee), 1);
    pb->val(minersFee) = 3;
    EXPECT_FALSE(pb->isSatisfied());
}

Here is the call graph for this function:

TEST() [5/5]

gadgetExamples::TEST	(	gadgetLib2	,
		Integration
	)

Definition at line 598 of file tutorial.cpp.

{
    initPublicParamsFromDefaultPp();
    // Create an example constraint system and translate to libsnark format
    const libsnark::r1cs_example<libff::Fr<libff::default_ec_pp>> example =
        libsnark::gen_r1cs_example_from_gadgetlib2_protoboard(100);
    const bool test_serialization = false;
    // Run ppzksnark. Jump into function for breakdown
    const bool bit = libsnark::run_r1cs_ppzksnark<libff::default_ec_pp>(
        example, test_serialization);
    EXPECT_TRUE(bit);
};

Here is the call graph for this function: