yi-sun / circom-pairing
License: GNU General Public License v3.0
Recently a tool for circom static analysis was released https://blog.trailofbits.com/2022/09/15/it-pays-to-be-circomspect/
https://github.com/trailofbits/circomspect
I am developing a project building on top of circom-pairing. I tried to run it and got multiple warnings about unused variables and parameters in circom-pairing, which would be good to fix.
Examples:
```text
warning: The variable `LOGK` is assigned a value, but this value is never read.
  ┌─ /home/dimo/code/repos/metacraft-labs/DendrETH/vendor/circom-pairing/circuits/curve_fp2.circom:283:5
  │
283 │     var LOGK = log_ceil(k);
  │     ^^^^^^^^^^^^^^^^^^^^^^ The value assigned to `LOGK` here is never read.

warning: The variable `XI0` is assigned a value, but this value is never read.
  ┌─ /home/dimo/code/repos/metacraft-labs/DendrETH/vendor/circom-pairing/circuits/pairing.circom:449:5
  │
449 │     var XI0 = 1;
  │     ^^^^^^^^^^^ The value assigned to `XI0` here is never read.

warning: The parameter `m_out` is never read.
  ┌─ /home/dimo/code/repos/metacraft-labs/DendrETH/vendor/circom-pairing/circuits/pairing.circom:630:44
  │
630 │ template SignedLineFunctionEqualNoCarryFp2(n, k, m_out){
  │                                            ^^^^^^^^^^^ The parameter `m_out` is never used in `SignedLineFunctionEqualNoCarryFp2`.

warning: The parameter `n` is never read.
  ┌─ /home/dimo/code/repos/metacraft-labs/DendrETH/vendor/circom-pairing/circuits/bigint.circom:842:29
  │
842 │ template BigMultShortLong2D(n, k, l) {
  │                             ^^^^^^^ The parameter `n` is never used in `BigMultShortLong2D`.

warning: The parameter `m_out` is never read.
  ┌─ /home/dimo/code/repos/metacraft-labs/DendrETH/vendor/circom-pairing/circuits/bigint.circom:227:27
  │
227 │ template BigMultShortLong(n, k, m_out) {
  │                           ^^^^^^^^^^^ The parameter `m_out` is never used in `BigMultShortLong`.

warning: The parameter `m_out` is never read.
  ┌─ /home/dimo/code/repos/metacraft-labs/DendrETH/vendor/circom-pairing/circuits/fp12.circom:205:43
  │
205 │ template SignedFp12MultiplyNoCarryUnequal(n, ka, kb, m_out){
  │                                           ^^^^^^^^^^^^^^^^ The parameter `m_out` is never used in `SignedFp12MultiplyNoCarryUnequal`.
```
As discussed on a call with @yi-sun.
I am passing in a 10 64-bit register value with overflowed negative registers, which is equal to PrimeReduce is not producing a 0 value.
The input (in JavaScript) is:
```javascript
[
  4292955422453145964822479413621913075509602355677488716324n,
  14138856352885911993756608258123408875015425226836977408445n,
  19152084246042552967396910108811035673348399945778457592706n,
  12217327447688951856114508225080847269707233820600705128337n,
  1256809376368187748897015378026120801835577723245181144683n,
  21888242871839275216889261160062547566340077405186531670779808987509571599325n,
  21888242871839275216545395842190395868388009954420150990748934327176249927953n,
  21888242871839275220388670537073041598834597465916914078472044975985728502901n,
  923200339955551664594468325804491929844512499798227728984n,
  661957230541661508833462765560680486656693245077732287604n
];
```
I am calling the PrimeReduce circuit as `PrimeReduce(64, 4, 6, [18446744073709551615,4294967295,0,18446744069414584321], 64)`.
The resulting output is
```javascript
[
  13783463540893643320743689101979118719301386761965366862061245965287537202710,
  18155870869263373804390944244084633434903336360831676640758269357219596904101,
  19267890417018132475514721578670315201532369319004675039342416114270004320130,
  5218195805275686498610433410021057770238210130511978159824382583898034624600
]
```
When evaluated
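The register array and the PrimeReduce call in the report above can be checked outside the circuit. The following is an added example in JavaScript, not code from circom-pairing: it decodes a little-endian register array the way circom signals represent it (n-bit weights, registers allowed to overflow, negative registers stored as r + F where F is circom's native field modulus), reports whether the represented integer is 0 mod p, and shows with a constructed vector why a no-carry reduction can return non-zero registers for a value that is 0 mod p. The fold function is a generic no-carry reduction written here for illustration and is not PrimeReduce's own algorithm; `PAGE_INPUT` and `P_REGS` are copied from the report, and the 3p vector is constructed.

```javascript
// Added example, not code from circom-pairing. Decodes register arrays and
// checks residues mod p; foldRegisters is an illustrative no-carry reduction,
// not the library's PrimeReduce.
const CIRCOM_F = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;

// circom signals live in F; a negative register r is stored as r + F, so any
// signal above F/2 is read back as a negative register.
function signedRegister(r) {
  return r > CIRCOM_F / 2n ? r - CIRCOM_F : r;
}
function toSignal(r) {
  return r < 0n ? r + CIRCOM_F : r;
}

// Integer represented by little-endian registers with weights 2^(n*i).
// Registers may overflow n bits and may be negative.
function registersToInt(regs, n) {
  let acc = 0n;
  for (let i = regs.length - 1; i >= 0; i--) {
    acc = (acc << BigInt(n)) + signedRegister(regs[i]);
  }
  return acc;
}

// Proper (non-negative, non-overflowing) little-endian registers of x.
function intToRegisters(x, n, k) {
  const mask = (1n << BigInt(n)) - 1n;
  const out = [];
  for (let i = 0; i < k; i++) {
    out.push(x & mask);
    x >>= BigInt(n);
  }
  if (x !== 0n) throw new Error('value does not fit in k registers');
  return out;
}

const mod = (a, p) => ((a % p) + p) % p;

// The question in the report: is the represented integer congruent to 0 mod p?
function isZeroModP(regs, n, p) {
  return mod(registersToInt(regs, n), p) === 0n;
}

// Fold the extra registers into the low k registers without carrying: the
// weight 2^(n*i) for i >= k is replaced by its residue mod p, split into k
// proper registers. The output is congruent to the input mod p but is not
// canonical, so a value that is 0 mod p generally comes back as non-zero registers.
function foldRegisters(regs, n, k, p) {
  const out = regs.slice(0, k).map(signedRegister);
  for (let i = k; i < regs.length; i++) {
    const w = intToRegisters(mod(1n << BigInt(n * i), p), n, k);
    const r = signedRegister(regs[i]);
    for (let j = 0; j < k; j++) out[j] += r * w[j];
  }
  return out.map(toSignal);
}

// Prime registers from the PrimeReduce(64, 4, 6, p, 64) call in the report;
// with n = 64 they decode to the NIST P-256 prime.
const P_REGS = [18446744073709551615n, 4294967295n, 0n, 18446744069414584321n];
const P256 = registersToInt(P_REGS, 64);

// The ten-register input from the report, as circom signals.
const PAGE_INPUT = [
  4292955422453145964822479413621913075509602355677488716324n,
  14138856352885911993756608258123408875015425226836977408445n,
  19152084246042552967396910108811035673348399945778457592706n,
  12217327447688951856114508225080847269707233820600705128337n,
  1256809376368187748897015378026120801835577723245181144683n,
  21888242871839275216889261160062547566340077405186531670779808987509571599325n,
  21888242871839275216545395842190395868388009954420150990748934327176249927953n,
  21888242871839275220388670537073041598834597465916914078472044975985728502901n,
  923200339955551664594468325804491929844512499798227728984n,
  661957230541661508833462765560680486656693245077732287604n,
];

// Constructed test vector: 3*p written with a deliberately negative register 0,
// so the registers look nothing like zero while the value is exactly 0 mod p.
function constructedThreeP(n, k, m, p) {
  const regs = intToRegisters(3n * p, n, k + m);
  regs[0] -= 1n << BigInt(n); // borrow one unit of weight 2^n from register 1 ...
  regs[1] += 1n;              // ... so the integer is unchanged but regs[0] < 0
  return regs.map(toSignal);
}

// Residue check for the report's input and for the constructed vector.
function report() {
  const v = constructedThreeP(64, 4, 6, P256);
  return {
    pageInputIsZeroModP: isZeroModP(PAGE_INPUT, 64, P256),
    constructedIsZeroModP: isZeroModP(v, 64, P256),
    constructedFoldedIsZeroModP: isZeroModP(foldRegisters(v, 64, 4, P256), 64, P256),
  };
}

console.log(report());
```

Run it with node: the constructed 3p vector reports 0 mod p both before and after folding even though the folded registers are non-zero, which is the check to apply to a PrimeReduce output before concluding it is wrong: decode the output registers with `registersToInt` and reduce mod p, rather than comparing them with an all-zero array.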
When running build_finalexp.sh in scripts/finalexp, I got an error:
```text
Written successfully: ../../build/finalexp/finalexp.r1cs
Written successfully: ../../build/finalexp/finalexp.sym
Written successfully: ../../build/finalexp/finalexp_cpp/finalexp.cpp and ../../build/finalexp/finalexp_cpp/finalexp.dat
Written successfully: ../../build/finalexp/finalexp_cpp/main.cpp, circom.hpp, calcwit.hpp, calcwit.cpp, fr.hpp, fr.cpp, fr.asm and Makefile
Written successfully: ../../build/finalexp/finalexp_js/finalexp.wat
Written successfully: ../../build/finalexp/finalexp_js/finalexp.wasm
Everything went okay, circom safe
DONE (205s)
****GENERATING WITNESS FOR SAMPLE INPUT****
/home/ubuntu/temp/circom-pairing/build/finalexp/finalexp_js/witness_calculator.js:161
            throw new Error(err);
            ^
Error: RuntimeError: memory access out of bounds
    at /home/ubuntu/temp/circom-pairing/build/finalexp/finalexp_js/witness_calculator.js:161:27
    at Array.forEach (<anonymous>)
    at WitnessCalculator._doCalculateWitness (/home/ubuntu/temp/circom-pairing/build/finalexp/finalexp_js/witness_calculator.js:136:14)
    at WitnessCalculator.calculateWTNSBin (/home/ubuntu/temp/circom-pairing/build/finalexp/finalexp_js/witness_calculator.js:212:20)
    at /home/ubuntu/temp/circom-pairing/build/finalexp/finalexp_js/generate_witness.js:15:38
DONE (0s)
```
env:
circom v2.1.2
node v16.15.0
Hi,
I'm trying to build the optimalate and verify (using yarn build:optimalate in the main folder) and I'm getting a problem (the example above is for optimalate):
```text
****COMPILING CIRCUIT****
invalid output path
previous errors were found
DONE (0s)
****COMPILING C++ WITNESS GENERATION CODE****
build_optimalate.sh: 30: cd: can't cd to ../../build/optimalate/optimalate_cpp
make: *** No targets specified and no makefile found.  Stop.
DONE (0s)
****VERIFYING WITNESS****
build_optimalate.sh: 37: ./optimalate: not found
DONE (0s)
[ERROR] snarkJS: [Error: ENOENT: no such file or directory, open 'witness.wtns'] {
  errno: -2,
  code: 'ENOENT',
  syscall: 'open',
  path: 'witness.wtns'
}
```
I saw that there's no witness file, so I tried compiling the circuit separately. But then another problem appears when trying to run circom directly (using `circom optimalate.circom --O1 --r1cs --sym --c` at circom-pairing/scripts/optimalate):
```text
thread 'main' panicked at 'Method call in file type_analysis/src/analyzers/unknown_known_analysis.rs line 216', /home/ubuntu/circom/program_structure/src/utils/environment.rs:192:9
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
```
Do you know what causes this issue? (I'm using circom 2.0.4. Downgrading it to 2.0.3 did nothing)
I am wondering how to generate the inputs.json for the optimalate circuit?
circom-pairing/circuits/curve.circom, line 343 in 743d761:
The case x_equal AND NOT y_equal should only be considered if aIsInfinity == 0 AND bIsInfinity == 0.
https://zkxzk.xyz/
There is an error on the file /data/node/out/Release/node. How can I find this directory?
Why did you decide not to implement a circuit for hash_to_field? And do you think such a circuit could easily be implemented?
Hi:
After compiling the witness generation code, the VERIFYING WITNESS step fails on CentOS (it works on my Mac but it's tooooo slow):
```text
COMPILING C++ WITNESS GENERATION CODE
g++ -c main.cpp -std=c++11 -O3 -I.
g++ -c calcwit.cpp -std=c++11 -O3 -I.
g++ -c fr.cpp -std=c++11 -O3 -I.
nasm -felf64 fr.asm -o fr_asm.o
g++ -c signature.cpp -std=c++11 -O3 -I.
g++ -o signature *.o -lgmp
DONE (43s)
VERIFYING WITNESS
./build_signature.sh: line 37: 17543 illegal hardware instruction ./"$CIRCUIT_NAME" ../../../scripts/"$CIRCUIT_NAME"/input_"$CIRCUIT_NAME".json ../witness.wtns
DONE (0s)
```
I tried to run the compiled code individually and got the same issue:
```text
circom-pairing git:(master) ✗ ./build/signature/signature_cpp/signature
[1]    17605 illegal hardware instruction  ./build/signature/signature_cpp/signature
```
Hi,
Nice project! I have the feeling the components at https://github.com/yi-sun/circom-pairing/blob/master/circuits/bls_signature.circom do not check if the signature and public key are 0, but I might be wrong:
```circom
// Inputs:
//   - pubkey as element of E(Fq)
//   - hash represents two field elements in Fp2, in practice hash = hash_to_field(msg,2).
//   - signature, as element of E2(Fq2)
// Assume signature is not point at infinity
template CoreVerifyPubkeyG1(n, k){
```
If that is the case, for every message m, the BLS verification of e(g1, signature) = e(pubkey, H(m)) is always true.
I tried to use EllipticCurveAdd for aggregating public keys but found that it fails when aIsInfinity == 1 and the point a is at infinity.
I tried to log a few things and I suspect the problem comes from this line: circom-pairing/circuits/curve.circom, line 340 in 743d761.
When I try to run yarn test, I get two errors, seemingly randomly one then the other:
1:
```text
Error: Valid private key was not found in 8 iterations. PRNG is broken
```
2:
```text
1) BLS12-381 AddUnequal
   "before all" hook for "Testing pub0x: 3339240539395647922132421991322702372104238240714654970446972450544700122774591608686968259989190566488330273124811 pub0y: 744432948660790862960036547477967872558191627119039349416174476633481639225724439214668100604022444699284851937061 pub1x: 2353243795496842701316041113541329138110619797319023835340736870267512258421539361031135356743499026261373368056148 pub1y: 2386284284397302244401617256103334501788482552281908316689749363078196783100373026156036019989012473381516939628441 sumx: 281010329837547155460527788170376554035001313203216696860475215599731471847996351412485786466998087344616765622663 sumy: 3248113251337188006918471056082065332680491081105036289307214240898940801141424352933588337491542859099102229201823":
   LinkError: WebAssembly.instantiate(): Import #1 module="runtime" function="printErrorMessage" error: function import requires a callable
    at builder (node_modules/circom_tester/wasm/witness_calculator.js:12:40)
    at async wasm_tester (node_modules/circom_tester/wasm/tester.js:43:16)
    at async Context.<anonymous> (test/bls12-381.test.ts:34:15)
```
Any help on improving testing instructions would be appreciated, thanks!