Zero-Knowledge Proofs: ZoKrates Usage and a Worked Example

ZoKrates is a zk-SNARKs toolbox for Ethereum. It makes it easier to generate zero-knowledge proofs off-chain and then submit them to the Ethereum chain, where a smart contract verifies them. ZoKrates itself is mostly written in Rust; the underlying ZKP schemes are built on bellman and libsnark.

This article explains how to use ZoKrates and then implements, with ZoKrates, an example taken from Vitalik's zk-SNARKs articles. For more detailed introductions to zk-SNARKs and ZoKrates, see the references at the end.

Command-line reference

compile

Compiles the source: flattens the .zok source into a list of constraint statements and generates two files (by default out and out.ztf), where the .ztf file is the human-readable version.

Example command:

    zokrates compile [-o out] -i sample.zok

The .zok source file, sample.zok:

    def main(private field a, field b) -> (field):
        field result = if a * a == b then 1 else 0 fi
        return result

The generated .ztf file:

    def main(_0, _1) -> (1):
        (1 * _0) * (1 * _0) == 1 * _4
        # _2, _3 = Rust::ConditionEq((-1) * _1 + 1 * _4)
        ((-1) * _1 + 1 * _4) * (1 * _3) == 1 * _2
        (1 * ~one + (-1) * _2) * ((-1) * _1 + 1 * _4) == 0
        (1 * ~one) * (1 * ~one + (-1) * _2) == 1 * ~out_0
        return ~out_0

setup

Trusted setup: performs the trusted setup and generates the CRS (Common Reference String).

Example command:

    zokrates setup [-i out] [-s G16] [-p proving.key] [-v verification.key]

The input to setup is the out file produced by compile. Before generating the CRS it first derives the R1CS and performs related steps, and it finally writes two files: proving.key and verification.key. The -s parameter selects the proving scheme; G16, PGHR13 and GM17 are currently supported, and the default is G16.

The generated verification.key:

    vk.alpha = 0x0570e3c9d82099fa7387140f1c16a521c600c62109cdc023a7dafd45698f22de, 0x04ad4ecb02c73f674c264eab35f2ef763f0fc7b758fa554385cc419c72fa4b8c
    vk.beta = [0x0c81950e8454719fcdae412f554bac62071f0dcfbc0df5a10dbfe3530b5b980c, 0x1cd6933716f38d239eb6fd2416c22f1e7ba3bbd367b007e9d94a29c243486858], [0x1bdcbd9b7306f051de4ff26979fddac6e376a94416521f30233451ef03d59b75, 0x1165ef2b53fe7172d3bada68df3200db2931c991b4602299127f0195983575b8]
    vk.gamma = [0x0fa0718df95c498bc1f50ec2a5f4f7b1214bf0b5c3f28d439740588a4c42ece6, 0x013f7042472ce1b5e8c546d18761c3a27ae786b1258050cc486d0258cc401e24], [0x0cf0f1d42a320b73e579d7828712c08b663ecec595bb3d893f10acebbb5d8658, 0x296b67405655ee6d0edd69fbfcab20f400da0ad9b87cbca98a4fa96e133773e0]
    vk.delta = [0x063fa2f6cd8ad00b35af4348fd7e627dcf8bb3530d0e50e23046abe054900d06, 0x06f008e36d2c0c05978785e4cce3dfc169fbb078aa891dc83a14f96d56572d52], [0x1347ce64162496c450dc725aef975e2a0744712a487106739883df311af91057, 0x234e180f25487b444d0f1f8ac0c02b45ceeffc0ce171e2507e270d1aea44d67f]
    vk.gamma_abc.len() = 3
    vk.gamma_abc[0] = 0x18149018b7c0ee29906ef20c544efb732a822d4a562100c20aef1a301bb1dc20, 0x18a913b2026e7fb7fccef60c0b577dbd7a80b95c7575de8a5314ed88f0a1ae1b
    vk.gamma_abc[1] = 0x17b95318ccf8382281b3f6811a44f107d3df1984bb8ce3d25bda15966e4ac243, 0x05c08e28b1d45692a3bb7e51a7a784553695ee373047a095560d9702f02f46bc
    vk.gamma_abc[2] = 0x2c820e3b6ca96c8a98a98085fe4d29b237a23dac00abb0cc5dcb7a96d45fa042, 0x00937b10d0c409ab576d9739f895b4e8a4f0b3f0daa8bde00d83239a691e3471

compute-witness

Computes the witness: this is one step of proof generation. The witness is derived from the inputs to the original computation.

Example command:

    zokrates compute-witness [-i out] [-o witness] -a 4 16

The inputs to the command are the out file produced by compile and the input arguments of the computation (the function). It writes one file, named witness by default.

generate-proof

Generates the proof: produces the zero-knowledge proof that corresponds to the constraint system (the computation) and the witness.

Example command:

    zokrates generate-proof [-i out] [-p proving.key] [-w witness] [-s G16] [-j proof.json]

The inputs to the command are the files produced by compile and setup (out, proving.key) and the file produced by compute-witness (witness). It writes the proof file, proof.json by default.

Sample proof.json:

    {
      "proof": {
        "a": ["0x00079e628b230588e245fda5edf8866ce711c7de8d5cc37cf54b80f51aa37c37", "0x167b3260cf4af269c4914dfbe180477097a988f6bb778705e76e489a42e0bfd0"],
        "b": [["0x1afb08d6f40254ef449b504d1f6530879ddb3effc7b729620a736701dec6d6dc", "0x1e89599001bc3572bfefaf041c624d72be516ca3cb6be479fb4daf0442566c4d"], ["0x24f83adc32a54235ad72c7e61e93990c1d97c3ef72417892b7bb01f64a53c42e", "0x0adc5cb25f7de45483b027f9afa12eff92a910d277ccc28bf39e6d79f7c5569f"]],
        "c": ["0x2019bdafca45c38f26a5e3ab23764e2650d13f0b64c2b4dee3ad705fbacbbafd", "0x26aa019ae205ae1b91bf8dab69d16e24395b3e17983377f25d2f3730e53ae17d"]
      },
      "inputs": ["0x0000000000000000000000000000000000000000000000000000000000000010", "0x0000000000000000000000000000000000000000000000000000000000000001"]
    }

export-verifier

Exports the verifier contract: generates the verifier contract from verification.key.

Example command:

    zokrates export-verifier [-i verification.key] [-s G16] [-o verifier.sol]

Proving schemes

Docs: Proving Schemes

ZoKrates currently supports three proving schemes:

1. PGHR13: pghr13, depends on libsnark
2. G16: groth16, the default scheme; does not depend on libsnark, depends on bellman
3. GM17: gm17, depends on libsnark

The setup, export-verifier and generate-proof commands each accept -s to select the proving scheme, and the scheme must be the same across all three.

To use PGHR13 or GM17, the zokrates binary must be built with an extra parameter that pulls in libsnark:

    cargo +nightly -Z package-features build --release --package zokrates_cli --features="libsnark"

Note: G16 is subject to a malleability issue (ZoKrates itself prints a warning about this during setup and generate-proof); gm17 is recommended.

Verification

Verification consists of calling the verifyTx function of the verifier.sol contract generated by export-verifier.

    function verifyTx(uint[2] memory a, uint[2][2] memory b, uint[2] memory c, uint[2] memory input) public returns (bool r)

The function's arguments come from the output of the generate-proof command.

Example: x^3 + x + 5 = 35

This example comes from Vitalik's QAP article:

· Quadratic Arithmetic Programs: from Zero to Hero
· Zero-Knowledge Proofs in Plain Language (Part 2)

Procedure:

1. Encode the problem in the DSL

· main.zok

    def main(private field x) -> (bool):
        x*x*x + x + 5 == 35
        return true

2. Compile

· Command: zokrates compile -i main.zok
· Result:

    Compiling main.zok
    Compiled program:
    def main(_0) -> (1):
        (1 * _0) * (1 * _0) == 1 * _1
        (1 * _1) * (1 * _0) == 1 * _2
        (1 * ~one) * (35 * ~one) == 5 * ~one + 1 * _0 + 1 * _2
        (1 * ~one) * (1 * ~one) == 1 * ~out_0
        return ~out_0
    Compiled code written to 'out'
    Human readable code to 'out.ztf'
    Number of constraints: 4

· From the result we can read off:

    ~one = 1
    ~out_0 = 1
    _0 = x
    _1 = _0 * _0 = x^2
    _2 = _1 * _0 = x^3

3. setup

Command: zokrates setup

Output:

    Performing setup...
    def main(_0) -> (1):
        (1 * _0) * (1 * _0) == 1 * _1
        (1 * _1) * (1 * _0) == 1 * _2
        (1 * ~one) * (35 * ~one) == 5 * ~one + 1 * _0 + 1 * _2
        (1 * ~one) * (1 * ~one) == 1 * ~out_0
        return ~out_0
    WARNING: You are using the G16 scheme which is subject to malleability. See zokrates.github.io/reference/proving_schemes.html#g16-malleability for implications.
    Has generated 5 points

4. Export the verifier contract

Command: zokrates export-verifier

5. Compile and deploy the contract

· Use Remix and MetaMask to compile and deploy.
· The contract deployed on Rinkeby, with verified source:
  0x53577a6d35da004d1c76397959c594d0426ecd1a
  https://rinkeby.etherscan.io/address/0x53577a6d35da004d1c76397959c594d0426ecd1a

6. Generate the correct witness

· Command: zokrates compute-witness -a 3 -o witness.good

    Computing witness...
    Witness:
    [true]

· witness.good:

    ~out_0 1
    ~one 1
    _0 3
    _1 9
    _2 27

7. Generate the correct proof

· Command: zokrates generate-proof -w witness.good -j proof-good.json

    Generating proof...
    WARNING: You are using the G16 scheme which is subject to malleability. See zokrates.github.io/reference/proving_schemes.html#g16-malleability for implications.
    generate-proof successful: true

· proof-good.json

    {
      "proof": {
        "a": ["0x110332d0c8e1d05ce9404fd93105c3fe4584d80ccb5ac717acadc7ebd0fc980e", "0x030f5b5816274abb8eef5be4fd24991d0de600916d02338be72374e7b9bfdf6c"],
        "b": [["0x047db95379f2de8e6753fc26dfd0254d6f634526062ae70e3545bd50bf8be5df", "0x187c8851eae58a5713dd46f18dc9598b67598a248edb0cee6b68f5d080f01e9b"], ["0x05ae13857c3b68ea1728fcdf4f41883c78be1fda50b4a54f0aab8c27aa63fdf2", "0x2402254c268795bb9c1ef973e4fb4a5eacc8e230793a1d6b8208666b436da00a"]],
        "c": ["0x141b43d522d0cf6912c12efbb5c5bb783a21a1392573d9073db93f284ba6b008", "0x2aa86a426ca6b2deeeaff97cbeef7299082cc9753635bb8dee1c8d87e9ef53c2"]
      },
      "inputs": ["0x0000000000000000000000000000000000000000000000000000000000000001"]
    }

8. Call the verifier contract to verify

Transaction: 0xf84aa9f7cc7b7ef7896f77b295bcce657c18c6053fe33eba0905f86131c6851f
https://rinkeby.etherscan.io/tx/0xf84aa9f7cc7b7ef7896f77b295bcce657c18c6053fe33eba0905f86131c6851f

According to verifier.sol, a transaction that emits an event means the verification passed.

9. Generate an incorrect witness and proof

Command: zokrates compute-witness -a 4 -o witness.bad

    Computing witness...
    Execution failed: Expected 35 to equal 73

witness.bad cannot be generated.

10. Forge an incorrect proof by arbitrarily modifying the data in proof-good.json above.

11. Call the verifier contract to verify

· Transaction: 0x669936c392f39a10bc0ee594e1472b87a93b0370ed329ab03892e5f702fb1ea3
  https://rinkeby.etherscan.io/tx/0x669936c392f39a10bc0ee594e1472b87a93b0370ed329ab03892e5f702fb1ea3
· Transaction: 0x89689b344f88751995641f8f682768aaf99b770f70f404bd003fedc6ecb50393
  https://rinkeby.etherscan.io/tx/0x89689b344f88751995641f8f682768aaf99b770f70f404bd003fedc6ecb50393
· Some of these transactions fail and some succeed, but the successful ones emit no event either (meaning verification did not pass and the function returned false).

References

· ZoKrates - github
  https://github.com/Zokrates/ZoKrates
· zokrates docs
  https://zokrates.github.io/
· bellman
  https://github.com/zkcrypto/bellman
· libsnark
  https://github.com/scipr-lab/libsnark
· VitalikButerin - Quadratic Arithmetic Programs: from Zero to Hero
  https://medium.com/@VitalikButerin/quadratic-arithmetic-programs-from-zero-to-hero-f6d558cea649
· Zero-Knowledge Proofs: Understanding ZoKrates
  https://learnblockchain.
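An added example (not from the original article or the ZoKrates project): the four flattened constraints of the compiled main.zok, checked in Python against the witness.good values from step 6, against the input 4 from step 9, and against a tampered witness. The helper names are hypothetical, and the modulus assumes ZoKrates field elements live in the BN128 scalar field.

```python
# Added example, not ZoKrates code. Assumption: field elements live in the
# BN128 (alt_bn128) scalar field, whose modulus is P.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617

# Each constraint is (A, B, C), meaning (A.w) * (B.w) == (C.w) mod P, where a
# linear combination maps variable name -> coefficient. Transcribed from the
# compiled program shown in step 2.
CONSTRAINTS = [
    ({"_0": 1}, {"_0": 1}, {"_1": 1}),                           # x * x  == _1
    ({"_1": 1}, {"_0": 1}, {"_2": 1}),                           # _1 * x == _2
    ({"~one": 1}, {"~one": 35}, {"~one": 5, "_0": 1, "_2": 1}),  # 35 == 5 + x + _2
    ({"~one": 1}, {"~one": 1}, {"~out_0": 1}),                   # 1 == ~out_0
]

# Contents of witness.good from step 6.
WITNESS_GOOD = "~out_0 1\n~one 1\n_0 3\n_1 9\n_2 27\n"

def parse_witness(text):
    """Parse 'name value' lines into a dict of field elements."""
    return {n: int(v) % P for n, v in (ln.split() for ln in text.splitlines() if ln)}

def lin(comb, w):
    """Evaluate a linear combination over the witness."""
    return sum(c * w[v] for v, c in comb.items()) % P

def honest_witness(x):
    """Fill in the intermediate variables for private input x (hypothetical helper)."""
    x2 = x * x % P
    return {"~one": 1, "~out_0": 1, "_0": x % P, "_1": x2, "_2": x2 * x % P}

def first_violation(w):
    """Return (index, lhs, rhs) of the first unsatisfied constraint, or None."""
    for i, (a, b, c) in enumerate(CONSTRAINTS):
        lhs, rhs = lin(a, w) * lin(b, w) % P, lin(c, w)
        if lhs != rhs:
            return i, lhs, rhs
    return None

if __name__ == "__main__":
    print(first_violation(parse_witness(WITNESS_GOOD)))   # x = 3
    print(first_violation(honest_witness(4)))             # x = 4
    forged = dict(parse_witness(WITNESS_GOOD), _0=4)      # swap x, keep the rest
    print(first_violation(forged))
```

For x = 4 the violated constraint is the third one, with the same two values that compute-witness reports in its "Expected 35 to equal 73" error.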


Musk: Building Dreams with One Hand, Shaping the Times with the Other

To follow Elon Musk’s Twitter feed on Tuesday as SpaceX’s Falcon Heavy rocket blasted off from its launch pad was to enter into the zany, geeky, mettlesome, and inspirational world of the South African-born tech entrepreneur.


British House of Commons Approves Three-Person DNA In Vitro Fertilization Technique

LONDON — Despite warnings that a new ethical threshold was being crossed, British lawmakers on Tuesday voted to allow the in vitro creation of babies using the DNA of three people, a procedure that could prevent the inheritance of genetic diseases.


How to Use an MES System to Prevent SMT Material-Loading Errors?

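Before an SMT machine places components, an operator must load each reel onto the correct feeder and then mount the feeder in the correct slot of the SMT machine. During this process the wrong material or the wrong feeder is often used. Because SMT machines run at high speed, failing to catch such errors in advance leads to rework or returns and causes the company heavy losses. The best way to prevent this is to check, during loading, the correspondence between the reel being loaded, the feeder in use and the target slot against the feeder setup table.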
