iang
/
pedersen-libsnark


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192
							#include <stdlib.h>
#include <iostream>
#include <fstream>

#include "ecgadget.hpp"
#include "scalarmul.hpp"

using namespace libsnark;
using namespace std;

int main()
{
  // Initialize the curve parameters

  default_r1cs_gg_ppzksnark_pp::init_public_params();

  typedef libff::Fr<default_r1cs_gg_ppzksnark_pp> FieldT;
  
  // Create protoboard

  libff::start_profiling();

  cout << "Keypair" << endl;

  protoboard<FieldT> pb;
  pb_variable<FieldT> outx, outy;
  pb_variable<FieldT> s;
  pb_variable_array<FieldT> Ptable;

  // A variable base point P
  const FieldT Px = FieldT("1095194319010475832867263440470707690447963461907735667341232728633587089702");
  const FieldT Py = FieldT("9185463202887631101218413269806857706246311016297504828581985913021301344974");

  // Allocate variables

  size_t numbits = FieldT::num_bits;
  outx.allocate(pb, "outx");
  outy.allocate(pb, "outy");
  Ptable.allocate(pb, 2*numbits, "Ptable");
  s.allocate(pb, "s");

  // This sets up the protoboard variables so that the first n of them
  // represent the public input and the rest is private input

  pb.set_input_sizes(2+2*numbits);

  // Initialize the gadget
  ec_scalarmul_gadget<FieldT> sm(pb, outx, outy, s, Ptable);
  sm.generate_r1cs_constraints();

  const r1cs_constraint_system<FieldT> constraint_system = pb.get_constraint_system();

  const r1cs_gg_ppzksnark_keypair<default_r1cs_gg_ppzksnark_pp> keypair = r1cs_gg_ppzksnark_generator<default_r1cs_gg_ppzksnark_pp>(constraint_system);

  // Add witness values

  cout << "Prover" << endl;
  
  pb.val(s) = FieldT::random_element();
  cout << "Computing " << pb.val(s) << "*G" << endl;

  ec_scalarmul_gadget<FieldT>::compute_Ptable(pb, Ptable, Px, Py);
  sm.generate_r1cs_witness();

  const r1cs_gg_ppzksnark_proof<default_r1cs_gg_ppzksnark_pp> proof = r1cs_gg_ppzksnark_prover<default_r1cs_gg_ppzksnark_pp>(keypair.pk, pb.primary_input(), pb.auxiliary_input());

  cout << "Verifier" << endl;

  bool verified = r1cs_gg_ppzksnark_verifier_strong_IC<default_r1cs_gg_ppzksnark_pp>(keypair.vk, pb.primary_input(), proof);

  cout << "Number of R1CS constraints: " << constraint_system.num_constraints() << endl;
  cout << "Primary (public) input length: " << pb.primary_input().size() << endl;
//  cout << "Primary (public) input: " << pb.primary_input() << endl;
  cout << "Auxiliary (private) input length: " << pb.auxiliary_input().size() << endl;
//  cout << "Auxiliary (private) input: " << pb.auxiliary_input() << endl;
  cout << "Verification status: " << verified << endl;

  ofstream pkfile("pk_varscalarmul");
  pkfile << keypair.pk;
  pkfile.close();
  ofstream vkfile("vk_varscalarmul");
  vkfile << keypair.vk;
  vkfile.close();
  ofstream pffile("proof_varscalarmul");
  pffile << proof;
  pffile.close();

  cout << pb.val(s) << "*P" << " = (" << pb.val(outx) << ", " << pb.val(outy) << ")" << endl;


  return 0;
}