gnark

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. The library is open source and developed under the Apache 2.0 license

APACHE-2.0 License

Stars
1.3K
Committers
37

Bot releases are hidden (Show)

gnark - v0.9.1 Latest Release

Published by gbotrel about 1 year ago

What's Changed

Fixes

New Contributors

Full Changelog: https://github.com/Consensys/gnark/compare/v0.9.0...v0.9.1

gnark - v0.9.0

Published by gbotrel about 1 year ago

What's Changed

Features

Core

Circuit

Fixes

Refactor

New Contributors

Full Changelog: https://github.com/Consensys/gnark/compare/v0.8.1...v0.9.0

What's Changed

gnark - v0.9.0-alpha

Published by gbotrel about 1 year ago

What's Changed

Features

Core

Circuit

Fixes

Refactor

New Contributors

Full Changelog: https://github.com/Consensys/gnark/compare/v0.8.1...v0.9.0-alpha

gnark - v0.8.1

Published by ivokub over 1 year ago

Security

Update gnark-crypto dependency to include security fix.

What's Changed

Full Changelog: https://github.com/Consensys/gnark/compare/v0.8.0...v0.8.1

gnark - v0.8.0

Published by gbotrel over 1 year ago

What's Changed

New features

Circuit API

gnark tools

Performance

Refactor & consolidate

Fixes

New Contributors

Full Changelog: https://github.com/ConsenSys/gnark/compare/v0.7.1...v0.8.0

gnark - v0.7.0

Published by gbotrel over 2 years ago

[v0.7.0] - 2022-03-25

Build

  • go.mod: go version upgrade 1.16 --> go1.17
  • update to gnark-crpto v0.7.0

Feat

  • adds gnark logger. closes #202
  • added internal/stats package: measure number of constraints of circuit snippets for regression
  • adds std/math/bits/ToNAF ToBinary ToTernary

Fix

  • enables recursive hints solving #293 and
  • move init() behind sync.Once. remove verbose option in stats binary
  • fixes #266 by adding constant path in Lookup2 and Select
  • incorrect handling of nbBits == 1 in api.ToBinary
  • PlonK vulnerability: thanks to Trail Of Bits for finding this vulnerability and responsibly disclosing it

Perf

  • restored frontend.WithCapacity option...
  • plonk: IsConstant -> ConstantValue
  • sw: no need for Lookup2 in constScalarMul
  • remove offset shifts in plonk compile
  • remove post-compile offset id in R1CS builder

Refactor

  • frontend.Compile now takes a builder instead of backendID as parameter
  • std/signature/eddsa Verify api now takes explicit hash and curve objects
  • make nboutputs of a hint explicit at compile time
  • std/pairing have more consistent apis
  • remove StaticHint wrapper, log duplicate hints (#289)
  • backend.WithOutput -> backend.WithCircuitLogger
  • remove all internal circuits from stats, keep important snippets only
  • frontend: split compiler, api and builder interface into interfaces
  • remove IsBoolean from R1CS variables
  • moved internal/compiled to frontend/compiled

Pull Requests

  • Merge pull request #295 from ConsenSys/fix/test-println
  • Merge pull request #294 from ConsenSys/fix/recursivehhints
  • Merge pull request #291 from ConsenSys/refactor/std/pairing
  • Merge pull request #281 from ConsenSys/feat/logger
  • Merge pull request #280 from ConsenSys/simplify-r1cs-compile
  • Merge pull request #279 from ConsenSys/feat/statistics
  • Merge pull request #276 from ConsenSys/feat-math-bits
  • Merge pull request #278 from ConsenSys/perf-constant-lookup2
  • Merge pull request #272 from ConsenSys/refactor-hint
  • Merge pull request #275 from ConsenSys/refactor-compiler-builder
  • Merge pull request #271 from ConsenSys/refactor-compiled
  • Merge pull request #267 from ConsenSys/perf/tEd-add
  • Merge pull request #265 from ConsenSys/perf/SW-constScalarMul
gnark - v0.6.4

Published by gbotrel over 2 years ago

[v0.6.4] - 2022-02-15

Build

  • update to gnark-crpto v0.6.1

Feat

  • Constraint system solvers (Groth16 and PlonK) now run in parallel

Fix

  • api.DivUnchecked with PlonK between 2 constants was incorrect

Perf

  • EdDSA: std/algebra/twistededwards takes ~2K less constraints (Groth16). Bandersnatch benefits from same improvments.

Pull Requests

  • Merge pull request #259 from ConsenSys/perf-parallel-solver
  • Merge pull request #261 from ConsenSys/feat/kzg_updated
  • Merge pull request #257 from ConsenSys/perf/EdDSA
  • Merge pull request #253 from ConsenSys/feat/fft_cosets
gnark - v0.6.3

Published by gbotrel over 2 years ago

[v0.6.3] - 2022-02-13

Feat

  • MiMC changes: api doesn't take a "seed" parameter. MiMC impl matches Ethereum one.

Fix

  • fixes #255 variable visibility inheritance regression
  • counter was set with PLONK backend ID in R1CS
  • R1CS Solver was incorrectly calling a "MulByCoeff" instead of "DivByCoeff" (no impact, coeff was always 1 or -1)
  • SparseR1CS cbor unmarshal failed #247 for compiled.Term

Pull Requests

  • Merge pull request #256 from ConsenSys/fix-bug-compile-visibility
  • Merge pull request #249 from ConsenSys/perf-ccs-hint
  • Merge pull request #248 from ConsenSys/perf-ccs-solver
  • Merge pull request #247 from ConsenSys/fix/plonk_cbor
gnark - v0.6.2

Published by gbotrel over 2 years ago

[v0.6.2] - 2022-01-28

Build

  • go version dependency bumped from 1.16 to 1.17

Feat

  • added witness.MarshalJSON and witness.MarshalBinary
  • added ccs.GetSchema() - the schema of a circuit is required for witness json (de)serialization
  • added ccs.GetConstraints() - returns a list of human-readable constraints
  • added ccs.IsSolved() - moved from groth16 / plonk to the CompiledConstraintSystem interface
  • added witness.Public() to return Public part of the witness
  • addition of Cmp in the circuit API

Refactor

  • compiled.Visbility -> schema.Visibiility
  • witness.WriteSequence -> schema.WriteSequence
  • killed ReadAndProve and ReadAndVerify (plonk)
  • killed ReadAndProve and ReadAndVerify (groth16)
  • remove embbed struct tag for frontend.Variable fields

Docs

  • backend: unify documentation for options
  • frontend: unify docs for options
  • test: unify documentation for options

Pull Requests

  • Merge pull request #244 from ConsenSys/plonk-human-readable
  • Merge pull request #237 from ConsenSys/ccs-get-constraints
  • Merge pull request #233 from ConsenSys/feat/api_cmp
  • Merge pull request #235 from ConsenSys/witness-public-api
  • Merge pull request #232 from ConsenSys/cleanup-231-group-options
  • Merge pull request #230 from ConsenSys/ccs-schema
  • Merge pull request #229 from ConsenSys/ccs-issolved-api
  • Merge pull request #228 from ConsenSys/witness-json
  • Merge pull request #226 from ConsenSys/feat-circuit-schema
  • Merge pull request #227 from ConsenSys/build-update-go1.17
  • Merge pull request #222 from ConsenSys/perf/std-sw-glv
gnark - v0.6.0

Published by gbotrel almost 3 years ago

[v0.6.0] - 2022-01-03

Important: next release (v0.7.0) will be compatible with Go1.18+ only

Breaking changes

  • circuit.Define(curveID, api) -> circuit.Define(api); added api.Curve() to retrieve curve info
  • api.Constant(...) was removed. Can now directy assign values with = operator in the circuit definition and the witness assignment.
  • frontend.Variable is now an alias for interface{}
  • assert helper is now under gnark/test. Instead of taking a CompiledConstraintSystem it takes a Circuit as input, enabling easier tests accross curves and proving schemes through the use of test/TestingOption (WithBackends(backend.GROTH16), WithCurves(ecc.BN254), ...)
  • api.NewHint handles multiple outputs and custom solver Hint definition has changed

Feat

  • added explicit warning when parser encounters unadressable struct field #169
  • FromInterface supports uintXX and intXX types closes #197
  • lighter stack trace by default for circuits, more verbose when -tags=debug provided
  • added api.Tag and api.AddCounter to measure number of constraints in portion of circuit
  • api.DivUnchecked does not handle zero divisor. api.Div does.
  • added frontend.IsConstant and ConstantValue apis
  • add support for bw6-633 curve
  • added api.Lookup2 method (2-bit lookup)
  • frontend: plonk frontend directly implements the frontend.API interface instead of building on top of the R1CS builder
  • std: fields and pairing over BLS24-315 in BW6-633 circuit
  • test: add Run for running circuit test configurations as subtests
  • test: add Log method for logging in subtests
  • test: assert helper cross check constraint system solver results with big.Int test execution engine

Perf

  • std: verifying a Pairing (bls12-377, Groth16) inside a circuit went from ~40k constraints to less than <12k constraints

Fix

  • fixes #169 ensure frontend.Circuit methods are defined on pointer receiver
  • fixes #178 by adding cbor.MaxMapPairs options when reading R1CS
  • fixed AssertIsBoolean in plonk (mul by constant failed)
  • fixes #168 adds context to a non-deterministic compilation error in the Assert object
  • frontend: reduce constant by modulus
  • frontend: plonk compiler now outputs a reasonable number of constraints #186

Build

  • updated to gnark-crypto v0.6.0

Pull Requests

  • Merge pull request #192 from ConsenSys/multi-hint
  • Merge pull request #220 from ConsenSys/feat-from-interface
  • Merge pull request #217 from ConsenSys/fix-internal-compiled
  • Merge pull request #191 from ConsenSys/assert-subtests
  • Merge pull request #200 from ConsenSys/refactor/frontend
  • Merge pull request #205 from ConsenSys/fix/constant-mod-reduction
  • Merge pull request #186 from ConsenSys/fix/plonk_constraints
  • Merge pull request #185 from ConsenSys/feat/bw6-633
  • Merge pull request #189 from ConsenSys/lookup2
  • Merge pull request #183 from ivokub/hint-registry
  • Merge pull request #182 from ConsenSys/std/pairing
  • Merge pull request #176 from ConsenSys/feat-constraint-counter
  • Merge pull request #180 from ConsenSys/refactor-variable-interface
  • Merge pull request #173 from ConsenSys/feat-debug-tag
gnark - v0.5.2

Published by gbotrel almost 3 years ago

[v0.5.2] - 2021-11-03

Breaking changes

  • circuit Define(... cs *frontend.ConstraintSystem) now takes an interface Define( ... api frontend.API)
  • assert helper is now under backend/ (instead of backend/groth16 and backend/plonk)

Build

  • updated to gnark-crypto v0.5.3

Feat

  • added api.DivUnchecked and api.Div. DivUnchecked will accept 0 / 0 == 0 as valid.
  • api.Sub takes a variadic list of input (same as api.Add)
  • plonk: kzg test srs is cached up to a certain size for faster tests
  • removed hardcoded bit size in ToBinary, which now depends by default on fr.Element bit size
  • api.ToBinary: constraint unsatisfied now has debugInfo
  • unset variables: error message comes with a stack trace
  • added bandersnatch circuit component under std/
  • frontend.Compile now check that all secret and public inputs are constrained. Check can be ignore through compile option (frontend.IgnoreUnconstrainedInputs)
  • added UnsafeReadFrom for groth16 Proving and Verifying keys, which doesn't perform subgroup checks on the decoded points

Fix

  • incorrect formula in api.Select when parameters are constant
  • plonk: reduce duplicate constraint when splitting r1c in the frontend
  • plonk: build permutation index out of bounds

Tests

  • added a test/ package with a test execution engine cross checking constraint system with big.Int arithmetic
  • bases for Fuzzing witness and cross checking constraint system output with test execution engine

Perf

  • api.AssertIsLessOrEqual: reduced redundant constraints in range check
  • std/groth16: ml with short addition chain (13245cs -> 12297, marginal gain)

Refactor

  • all circuits use frontend.API in place of *frontend.ConstraintSystem
  • use ecc.Info() where possible to get modulus or field size

Pull Requests

  • Merge pull request #159 from ConsenSys/std/bandersnatch
  • Merge pull request #164 from ConsenSys/perf-scs-compile
  • Merge pull request #161 from ConsenSys/test-engine-with-hints
  • Merge pull request #162 from ConsenSys/std/pairing
  • Merge pull request #160 from ConsenSys/perf-unsafe-decoding
  • Merge pull request #156 from ConsenSys/std/twistedEdwards
  • Merge pull request #151 from ConsenSys/testable-circuits
  • Merge pull request #153 from ConsenSys/fix/plonk_constraints_blowup
  • Merge pull request #146 from ConsenSys/feat/ml-snark-pairing
  • Merge pull request #148 from ConsenSys/perf-range-check
gnark - v0.5.1

Published by gbotrel about 3 years ago

[v0.5.1] - 2021-09-20

Build

Feat

  • adds solver hints cs.NewHint #139
  • adds cs.AssertIsDifferent #131
  • consistent support of cs.Println and debugInfo #142
  • adds sanity check in frontend.Compile to ensure constraint validity
  • adds witness.WriteSequence to export expected witness sequence
  • adds sanity checks in R1CS and SparseR1CS solvers
  • adds ToHTML on SparseR1CS and R1CS
  • add witness reconstruction methods. closes #135

Perf

  • IsZero is now implemented with 3 constraints #134
  • Groth16 maximize number of infinity points in G2 part of the ProvingKey #130

Fix

  • can constraint linear expressions to be boolean fixes #136
  • eddsa: addition of isOnCurve check
  • eddsa: S not splitted (s<r) + 2,3 Double instead of [cofactor]G

Refactor

  • groth16.Prove and plonk.Prove takes backend.ProverOption as parameter
  • factorized structs between compiled.SparseR1CS and compiled.R1CS
  • assertions -> constraints in R1CS and SparseR1CS
  • removed r1c.SolvingMethod in favor of cs.NewHint
  • cs.IsZero doesn't need curveID anymore

Test

  • ensure frontend.Compile is deterministic
  • added non regression for cs.Println and debugInfo traces
  • added circuit statistic non regression tests
  • added plonk path to integration_test.go
  • added test from #136