ZoKrates+Remix implements zkSNARK zero-knowledge proof online

Introduction: In the previous article, I introduced the use of circom and snarkjs to implement zkSNARK zero-knowledge proofs, including the steps for using snarkjs; my graduation thesis also uses snarkjs throughout to implement the zkSNARK algorithm.

However, the concept of a signal in snarkjs differs considerably from a variable in a high-level language, and many calculations cannot be performed directly. In addition, running the SHA256 hash algorithm from the circom library requires adjusting the powersOfTau trusted setup (snarkjs ptn bn128 10 powersOfTau10_0000.ptau, changing 10 to a larger value); otherwise only the snark-friendly MiMC hash algorithm can be used. So I started exploring other zkSNARK tools.

Some reports describe snarkjs, libsnark and ZoKrates as the three most commonly used development libraries for zkSNARKs. After testing, I found that writing ZoKrates code is closer to writing in a high-level language. The inputs and outputs of the arithmetic circuit are ordinary variables, comparison operators are supported natively, which makes a Zero-Knowledge Range Proof (ZKRP) easier to implement, and ZoKrates supports log output for debugging. In addition, ZoKrates provides a Remix plug-in, so the zkSNARK arithmetic circuit can be run online. This article records the steps for implementing a zkSNARK zero-knowledge proof online with ZoKrates and Remix.

ZoKrates is a toolbox for zkSNARKs on Ethereum. It helps you use verifiable computation in DApps, from specifying a program in a high-level language, to generating proofs of computation, to verifying those proofs in Solidity. (Description from the official ZoKrates website.)

Remix official website: https://remix.ethereum.org/

1. Install the plug-in

Click the plug-in button in the lower left corner, find the ZOKRATES plug-in, and click Activate to activate the plug-in:

2. Write zkSNARK arithmetic circuit

Name the new file main.zok and enter the following code:

def main(private u8 p, private u8 q, u8 n) -> bool {
    return p * q == n;
}

2.1 Code explanation

The circuit takes two private inputs p and q and one public input n; u8 is an 8-bit unsigned integer, and the function returns a bool.

"Large integer prime factorization" is an NP-hard problem (NP: nondeterministic polynomial time): given two prime numbers p and q, their product n is easy to compute, but if only n is provided, finding the two prime factors of n is difficult.

Based on this problem, the zkSNARK is used to prove to the outside world that the prover "knows the two prime factors of n" without revealing the true values of p and q. Therefore, the private inputs of the zkSNARK are p and q, the public input is n, and the arithmetic circuit is p*q==n.
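What the circuit above actually constrains, as an added Python model (not ZoKrates code and not from the original article): ZoKrates defines u8 arithmetic modulo 2^8, and the circuit never checks that p and q are prime or greater than 1, so it accepts many more witnesses than the two prime factors. The function names, and the `hardened` predicate describing the stricter statement, are hypothetical.

```python
# Added example: a Python model of main.zok, not ZoKrates code.
U8 = 1 << 8  # ZoKrates u8 arithmetic is defined modulo 2**8


def circuit(p: int, q: int, n: int) -> bool:
    """Model of `return p * q == n;` with u8 wrap-around on the product."""
    for v in (p, q, n):
        if not 0 <= v < U8:
            raise ValueError("u8 inputs must be in [0, 255]")
    return (p * q) % U8 == n


def is_prime(x: int) -> bool:
    return x >= 2 and all(x % d for d in range(2, int(x ** 0.5) + 1))


def classify_witnesses(n: int) -> dict:
    """Sort every (p, q) the circuit accepts for public n into categories."""
    out = {"prime_factors": [], "trivial": [], "non_prime": [], "wrapped": []}
    for p in range(U8):
        for q in range(U8):
            if not circuit(p, q, n):
                continue
            if p * q != n:
                out["wrapped"].append((p, q))        # equal only modulo 256
            elif 1 in (p, q):
                out["trivial"].append((p, q))        # 1 * n, no knowledge needed
            elif is_prime(p) and is_prime(q):
                out["prime_factors"].append((p, q))  # the intended witnesses
            else:
                out["non_prime"].append((p, q))      # composite factors
    return out


def hardened(p: int, q: int, n: int) -> bool:
    """The stricter statement: exact product (no wrap) of two primes."""
    return p * q == n and is_prime(p) and is_prime(q)


if __name__ == "__main__":
    for name, pairs in classify_witnesses(21).items():
        print(f"{name:14s} {len(pairs):4d}  e.g. {pairs[:2]}")
```

For a circuit meant to carry this claim, a wider integer type or field arithmetic plus explicit constraints on p and q would be needed to close the gap between `circuit` and `hardened`.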

2.2 Online testing

ZoKrates provides a testing environment for compiling arithmetic circuits online. Go to the official website https://play.zokrat.es:

3. Compilation and testing

Enter the ZOKRATES plug-in and click compile to compile:

Enter an incorrect sample for testing, p=3, q=7, n=22, and the output is false:

Enter the correct sample for testing, p=3, q=7, n=21, and the output is true:

4. Initialize key verification_key.json

Click Run Setup to initialize and get verification_key.json as the verification key:

5. Generate proof.json

Click Generate to generate proof.json:

Copy Verifier inputs for later use:

[["0x1dc9038012cef119c740a52bffc3280d6ed125bbd9bfc474bcca78dd982a901d","0x0fa4945211306b5d0a50bbc80e5def88fe1224b927fcace75d725384d31755f9"],[["0x15ae9c563fcfcb4cdf74780bbefd44bd54e6be9222170bd907bd962f0928c103","0x27ad25d6aa4089fd27622e8f17524b3bb05ffa67d2c099a1f880d69357a0b168"],["0x297ea2971f2296ba60e9e4fe3b9535455e9130e14a0c973f584deec0437448d2","0x05484d4637c39f5b7eadf920686d3290f4f5dfeae3ae7d486a9f753521cc12c5"]],["0x0760832bd07407205278074a131c8e67de0e90f8e45f6ac43c083ffa44873b34","0x014b52710266031a08b23d556f0ca1c64b4b579db8f6e0c4720ffe649bbd3bf9"]],["0x0000000000000000000000000000000000000000000000000000000000000015","0x0000000000000000000000000000000000000000000000000000000000000001"]

0x0000000000000000000000000000000000000000000000000000000000000015 corresponds to 21 in decimal, which is the public input n of the zkSNARK.

6. Export verification contract verifier.sol

Click Export to generate the verifier.sol smart contract: 

7. Compile and deploy the verification contract verifier.sol

Click Compile verifier.sol to compile:

Select verifier.sol and click Deploy:

8. Run the verification contract

Select VERIFIER in Deployed Contracts, paste the Verifier inputs you copied earlier into the input box of the verifyTX function, and click verifyTX.

The function execution result appears in the log in the lower right corner. The input is 21 and the output is true:

Change the 21 in the input of verifyTX to 22, that is, hexadecimal 0x0000000000000000000000000000000000000000000000000000000000000016, and test again; the output is false:
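How the public part of the Verifier inputs from step 5 is laid out, as an added Python example (not part of the original article or of ZoKrates): the last array holds the public input n followed by the circuit's bool return value, and because main.zok returns the comparison instead of asserting it, a caller should check that second word as well as the verifier's result. The proof points in the sample are constructed placeholders; only the two public words are the ones shown on this page, and all function names are hypothetical.

```python
import json

# Constructed sample in the copied "Verifier inputs" layout: a, b, c, inputs.
# Proof points are short placeholders; the public words are those from step 5.
SAMPLE = ('["0x01","0x02"],[["0x03","0x04"],["0x05","0x06"]],["0x07","0x08"],'
          '["0x' + "15".rjust(64, "0") + '","0x' + "01".rjust(64, "0") + '"]')


def word(value: int) -> str:
    """Encode an integer as the 32-byte hex word the contract input expects."""
    return "0x%064x" % value


def parse_verifier_inputs(text: str):
    """Split the copied string into the proof points and the public words."""
    a, b, c, inputs = json.loads("[" + text + "]")
    return {"a": a, "b": b, "c": c}, [int(w, 16) for w in inputs]


def decode_public(inputs):
    """Public words for main.zok: n first, then the bool return value."""
    if len(inputs) != 2:
        raise ValueError("expected [n, result]")
    n, result = inputs
    if n >= 256 or result not in (0, 1):
        raise ValueError("word out of range for u8 n / bool result")
    return n, bool(result)


def statement_holds(text: str, expected_n: int) -> bool:
    """Check to pair with a successful on-chain verification: the proof
    must be about the n we expect AND the circuit must have returned true."""
    _, inputs = parse_verifier_inputs(text)
    n, result = decode_public(inputs)
    return n == expected_n and result


if __name__ == "__main__":
    _, public = parse_verifier_inputs(SAMPLE)
    print(decode_public(public))        # n and the circuit's return value
    print(word(22))                     # the word typed in step 8
    print(statement_holds(SAMPLE, 21))
```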

9. Conclusion

So far, the zero-knowledge proof of prime factorization of large integers has been realized. p and q are private inputs, known only to the prover while the proof is generated. n is a public input, which can be passed to a public smart contract; the smart contract automatically verifies the validity of the zero-knowledge proof, and the failure of the proof is detected after n is modified.

ZoKrates also has an offline command line version, which is more convenient for automatic deployment and operation when combined with Remix, and is suitable for pre-deployment testing.

Origin blog.csdn.net/yilongyoung/article/details/129954514