
return encrypted values for all outputs for batching
Signed-off-by: Chengxuan Xing <chengxuan.xing@kaleido.io>
Chengxuan committed Sep 26, 2024
1 parent 7602dae commit 273cf81
Showing 23 changed files with 1,358 additions and 690 deletions.
63 changes: 42 additions & 21 deletions solidity/contracts/lib/verifier_anon_enc.sol
Expand Up @@ -43,35 +43,44 @@ contract Groth16Verifier_AnonEnc {
uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930;


uint256 constant IC0x = 5696326670703652601376328914723856805804139150397636629981154943267586835846;
uint256 constant IC0y = 17913431813079674015620165360736989993822627917830194405007674349883405519566;
uint256 constant IC0x = 15520848054661511274945320545667385548601069271438999324366330478358568711164;
uint256 constant IC0y = 21157706785088596766640646951118458870358425037843657358834285142096534241567;

uint256 constant IC1x = 2102562587253616254650248571898720579563063454685611900201869023012028011038;
uint256 constant IC1y = 858837120372047227699859025595943051604219338012183710955972141361344096680;
uint256 constant IC1x = 8426080128821983408742228948574443657002575937683949448708665466581838540418;
uint256 constant IC1y = 2961289054807278996124904978204815851370317973256653070013442261730110386382;

uint256 constant IC2x = 19871902121561448541783335513612822391415363559792595451397804594141318386828;
uint256 constant IC2y = 14203964380144242038882743638980469366132880555873818345914201687170773944754;
uint256 constant IC2x = 16846214183034172122880181483898983231574288374891417794445456783443571203454;
uint256 constant IC2y = 4795943127049292018241039074381217225273912831887247849230603976368095834324;

uint256 constant IC3x = 4534338244167504974683945726615729215678954323916000129150608047181600075942;
uint256 constant IC3y = 9004530693581096650487103914238080672423858350236817229254519649589395343912;
uint256 constant IC3x = 10240231648004351535934471246939085350017538992419843720960233896502823753829;
uint256 constant IC3y = 918298420507614225062851310351147657365217324218976043633227084147487484538;

uint256 constant IC4x = 16926200767829183396766074136228821955738540059328214039731068817771880630127;
uint256 constant IC4y = 15535238050385142389806452090946716626530242126040333805866336792975972380578;
uint256 constant IC4x = 2676903711586497323483713249304841063436832787967161822350958984717228651508;
uint256 constant IC4y = 11366926733173287985429506187405640951452084685400170840758508049511684394323;

uint256 constant IC5x = 269115022971501175992618085182824077406065858697651888560831707201556157978;
uint256 constant IC5y = 19699073094724988754117299114476621695804537148277402334737306097425629024180;
uint256 constant IC5x = 7501808156091619633948887448038018539596703524171333033985091618683129395104;
uint256 constant IC5y = 15183325431102096756416380632145698394481557936329850246257270656919651359614;

uint256 constant IC6x = 1913049492538130220079715288227546492513434304091272666779551189559174650055;
uint256 constant IC6y = 8026674512639726678535471254304139996984356128094657497323442787106936741295;
uint256 constant IC6x = 16142642127854572324146698192700027612727186725464085127687467897687720973766;
uint256 constant IC6y = 4517714220502032665709414305462814581261203269046555880307186415606032799074;

uint256 constant IC7x = 19540350047697937581651886063231839834190225823779317423395632407508094676034;
uint256 constant IC7y = 11509057717377452054369845075648430924127395960184841862468027451544630252263;
uint256 constant IC7x = 1755538289631427930924987331320419179208761530645468129027087746202210024610;
uint256 constant IC7y = 12173734026028648655823071635152323182912152859934466692190630751344902966218;

uint256 constant IC8x = 20424145427206879140473289312774507494632015321325422705294860020477582644926;
uint256 constant IC8y = 7679128631893396357290525051865682086413798390080076016853338090494897502827;
uint256 constant IC8x = 7848298938728453306694415912843236021632832336242686994829367580246363462232;
uint256 constant IC8y = 14621047188318073218187719299332281645270167229458286064175382232430986150614;

uint256 constant IC9x = 1473626294810953820540987430623254549322665071695014303081451346851945206320;
uint256 constant IC9y = 11106503043437375969357683402411680940320268283974144474358260758792518561470;
uint256 constant IC9x = 5702664871943851440604579505620421848165916037464510240027885273509338564683;
uint256 constant IC9y = 4155173472639459280548275148817066405334382784770925752738906208871756122916;

uint256 constant IC10x = 11951237379444909975940139423428082852090010220501184525120096272922224325380;
uint256 constant IC10y = 7330212864492454320053389793155451329372996827534004209553742378250571973798;

uint256 constant IC11x = 17758792179933266126153564380301713721054370865026967564744749205362384449189;
uint256 constant IC11y = 20123875363051656182295676194267758869550749528323178608799833168744783048873;

uint256 constant IC12x = 16531299530766176947215740556184329586746603539886897864186093216474595540644;
uint256 constant IC12y = 8268807341917110402770543111430324212645734302589993091794921535136544275649;


// Memory data
Expand All @@ -80,7 +89,7 @@ contract Groth16Verifier_AnonEnc {

uint16 constant pLastMem = 896;

function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[9] calldata _pubSignals) public view returns (bool) {
function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[12] calldata _pubSignals) public view returns (bool) {
assembly {
function checkField(v) {
if iszero(lt(v, r)) {
Expand Down Expand Up @@ -142,6 +151,12 @@ contract Groth16Verifier_AnonEnc {

g1_mulAccC(_pVk, IC9x, IC9y, calldataload(add(pubSignals, 256)))

g1_mulAccC(_pVk, IC10x, IC10y, calldataload(add(pubSignals, 288)))

g1_mulAccC(_pVk, IC11x, IC11y, calldataload(add(pubSignals, 320)))

g1_mulAccC(_pVk, IC12x, IC12y, calldataload(add(pubSignals, 352)))


// -A
mstore(_pPairing, calldataload(pA))
Expand Down Expand Up @@ -215,6 +230,12 @@ contract Groth16Verifier_AnonEnc {

checkField(calldataload(add(_pubSignals, 288)))

checkField(calldataload(add(_pubSignals, 320)))

checkField(calldataload(add(_pubSignals, 352)))

checkField(calldataload(add(_pubSignals, 384)))


// Validate all evaluations
let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem)
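Review bot: The last added field check, `checkField(calldataload(add(_pubSignals, 384)))`, addresses element index 12 of the `uint[12] calldata _pubSignals` declared on the new signature, i.e. one word past the end of the array, exactly as the pre-existing check at offset 288 already did for the old `uint[9]`. Because `calldataload` yields zero beyond the end of calldata and `_pubSignals` is the final argument, the extra check passes vacuously and is harmless, but it reads as an off-by-one in the generator template (one check per IC point rather than per public signal) and is worth knowing about before anyone tightens it by hand. If this file is regenerated from a circuit, as the wholesale replacement of IC0–IC9 suggests, a header comment such as `// Generated verifier: do not edit by hand; regenerate together with the circuit` would help, and the public-signal ordering that the new IC10–IC12 accumulations at offsets 288–352 bind to cannot be confirmed from this diff alone. The enclosing `verifyProof` assembly block starts and ends outside the visible hunks.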
