arkworks-rs/r1cs-tutorial arkworks-rs/r1cs-tutorial

  • Stars
    star
    198
  • Rank 196,898 (Top 4 %)
  • Language
    Rust
  • License
    Apache License 2.0
  • Created over 3 years ago
  • Updated 5 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
arkworks-rs/r1cs-tutorial
github

arkworks-rs

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Tutorial for writing constraints in the `arkworks` framework

Introduction to SNARK Development with `arkworks`

In this tutorial, we will learn how to write applications for use with state-of-the-art zkSNARKs using the arkworks ecosystem of SNARK libraries.

Prerequisites

Because the arkworks ecosystem uses the Rust programming language, this tutorial assumes some familiarity with the basics of Rust. We also assume basic familiarity with zkSNARK concepts, and in particular with the following terminology:

  • Public input/instance: a publicly known object that the verifier can check a zkSNARK proof against. For example, in a proof of membership in a Merkle tree, the Merkle tree root would be a public input.
  • Private input/witness: an object that is known only to the prover, for either efficiency or privacy reasons. In the Merkle tree example, the Merkle tree authentication path would be a private input.
  • Circuit: an encoding of a computation in a way that can be proven using a zkSNARK.
  • Gadget: subcircuits corresponding to useful computations that can be used to build up the full circuit. In the Merkle tree example, a hash function gadget would be used repeatedly.

Instructions

  1. Ensure that you have the latest version of Rust installed (1.51 at the time of writing). If you do not already have Rust installed, you can do so via rustup. Linux users, please note that arkworks relies on Rust 1.51, which might be more recent than the Rust version provided by your distribution's package repositories; hence, even if you have installed Rust via your package manager, please install the latest Rust via rustup.

  2. Clone this repository via git clone https://github.com/arkworks-rs/r1cs-tutorial.git

  3. (Optional) While Rust works out of the box with your text editor of choice, using Visual Studio Code along with the rust-analyzer plugin makes Rust development easier.

  4. (Optional) Join the Telegram channel for this tutorial and for the arkworks ecosystem to ask questions interactively.

  5. Proceed to the exercises below.

Exercises

In this tutorial, we will construct a SNARK-based rollup for a simple payments system. In the course of doing so, you will learn how to use arkworks libraries for writing constraint systems, how to debug these circuits for both correctness and performance, and finally how to plug these circuits into zkSNARKs.

First, checkout the main branch in the repository.

Exercise 1: Merkle Tree Example

We'll design a simple circuit for checking a Merkle tree membership path for a given leaf. Open merkle-tree-example/README.md.

Exercise 2: Validating a single transaction

We'll design a circuit for validating a single transaction in a simple account-based payment system. Open simple-payments/README.md to first learn more about the payment system, and then open rollup/README.md for the instructions for this exercise.

Exercise 3: Writing a rollup circuit

We'll design a circuit for a rollup for batch verification of transactions in the foregoing payment system. Open rollup/README.md for the instructions for this exercise.

Solutions

If you get stuck on one of the above exercises, or if you wish to compare your solution with ours, check out the solutions branch on this repository.

More Repositories

1

snark

Interfaces for Relations and SNARKs for these relations
Rust
786
star
2

algebra

Libraries for finite field, elliptic curve, and polynomial arithmetic
Rust
601
star
3

poly-commit

A Rust library for polynomial commitments
Rust
319
star
4

marlin

A Rust library for the Marlin preprocessing zkSNARK
Rust
306
star
5

curves

Implementations of popular elliptic curves
Rust
300
star
6

groth16

A Rust implementation of the Groth16 zkSNARK
Rust
236
star
7

circom-compat

Arkworks bindings to Circom's R1CS, for Groth16 Proof and Witness generation in Rust.
Rust
234
star
8

crypto-primitives

Interfaces and implementations of cryptographic primitives, along with R1CS constraints for them
Rust
160
star
9

r1cs-std

R1CS constraints for bits, fields, and elliptic curves
Rust
131
star
10

gemini

An elastic proof system based on arkworks
Rust
72
star
11

sumcheck

linear-time sumcheck protocol for multilinear polynomials and related addends
Rust
50
star
12

ripp

Argument systems for inner pairing products
Rust
41
star
13

nimue

Rust
37
star
14

std

A standard library wrapper for use in the `arkworks` ecosystem
Rust
37
star
15

pcd

Implementations of proof-carrying data
Rust
29
star
16

sponge

This library is archived; see crypto-primities for the latest version of this code
Rust
22
star
17

accumulation

Rust library for accumulation schemes
Rust
20
star
18

nonnative

R1CS constraints for non-native field arithmetic
Rust
19
star
19

ldt

An `arkworks` library for low-degree testing
Rust
18
star
20

dpc

A library for decentralized private computation
Rust
18
star
21

ivls

Implementation of incrementally verifiable ledger system
Rust
15
star
22

gm17

A Rust library for the preprocessing zkSNARK of Groth and Maller
Rust
8
star
23

bcs

Rust
8
star
24

template

github workflow templates
Python
5
star
25

arkworks-rs.github.io

SCSS
1
star