• Stars
    star
    494
  • Rank 89,066 (Top 2 %)
  • Language
    OCaml
  • License
    MIT License
  • Created over 6 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OCaml DSL for verifiable computation

snarky

snarky is an OCaml front-end for writing R1CS SNARKs. It is modular over the backend SNARK library, and comes with backends from libsnark.

Disclaimer: This code has not been thoroughly audited and should not be used in production systems.

CAVEAT This repository contains a substantial amount of obsolete code. Earlier versions of the Mina project (the primary user of this code) used the C/C++ backend implemented in src/; most of that code is no longer used. The exceptions are src/intf and src/base.

Getting started

  • First install libsnark's dependencies by running scripts/depends.sh, or following the instructions here.
  • Then, make sure you have opam installed.
  • Finally, install snarky and its dependencies by running
opam pin add [email protected]:o1-labs/snarky.git

and answering yes to the prompts.

The best place to get started learning how to use the library are the annotated examples.

  • Election: shows how to use Snarky to verify an election was run honestly.
  • Merkle update: a simple example updating a Merkle tree.

Design

The intention of this library is to allow writing snarks by writing what look like normal programs (whose executions the snarks verify). If you're an experienced functional programmer, the basic idea (simplifying somewhat) is that there is a monad Checked.t so that a value of type 'a Checked.t is an 'a whose computation is certified by the snark. For example, we have a function

mul : var -> var -> (var, _) Checked.t.

Given v1, v2 : var, mul v1 v2 is a variable containg the product of v1 and v2, and the snark will ensure that this is so.

Example: Merkle trees

One computation useful in snarks is verifying membership in a list. This is typically accomplished using authentication paths in Merkle trees. Given a hash entry_hash, an address (i.e., a list of booleans) addr0 and an authentication path (i.e., a list of hashes) path0, we can write a checked computation for computing the implied Merkle root:

  let implied_root entry_hash addr0 path0 =
    let rec go acc addr path =
      let open Let_syntax in
      match addr, path with
      | [], [] -> return acc
      | b :: bs, h :: hs ->
        let%bind l = Hash.if_ b ~then_:h ~else_:acc
        and r = Hash.if_ b ~then_:acc ~else_:h
        in
        let%bind acc' = Hash.hash l r in
        go acc' bs hs
      | _, _ -> failwith "Merkle_tree.Checked.implied_root: address, path length mismatch"
    in
    go entry_hash addr0 path0

The type of this function is

val implied_root : Hash.var -> Boolean.var list -> Hash.var list -> (Hash.var, 'prover_state) Checked.t

The return type (Hash.var, 'prover_state) Checked.t indicates that the function returns a "checked computation" producing a variable containing a hash, and can be run by a prover with an arbitrary state type 'prover_state.

Compare this definition to the following "unchecked" OCaml function (assuming a function hash):

let implied_root_unchecked entry_hash addr0 path0 =
  let rec go acc addr path =
    match addr, path with
    | [], [] -> acc
    | b :: bs, h :: hs ->
      let l = if b then h else acc
      and r = if b then acc else h
      in
      let acc' = hash l r in
      go acc' bs hs
    | _, _ ->
      failwith "Merkle_tree.implied_root_unchecked: address, path length mismatch"
  in
  go entry_hash addr0 path0
;;

The two obviously look very similar, but the first one can be run to generate an R1CS (and also an "auxiliary input") to verify that computation.

Implementation

Currently, the library uses a free-monad style AST to represent the snark computation. This may change in future versions if the overhead of creating the AST is significant. Most likely it will stick around since the overhead doesn't seem to be too bad and it enables optimizations like eliminating equality constraints.

Building

$ dune build

More Repositories

1

o1js

TypeScript framework for zk-SNARKs and zkApps
TypeScript
509
star
2

proof-systems

The proof systems used by Mina
Rust
404
star
3

zkapp-cli

CLI to create a zkApp (zero-knowledge app) for Mina Protocol
JavaScript
114
star
4

docs2

Docs website for the Mina Protocol.
JavaScript
79
star
5

ocamlbyexample

Learn Ocaml by reading code examples
OCaml
68
star
6

zkapp-resource-kit

This repository is a resource kit contains links to all code, tools, documentation, and learning materials necessary to successfully become a zkApp developer and contributor. Add your projects or findings here!
57
star
7

snarkette

Pure OCaml implementation of the Groth-Maller SNARK verifier (and associated crypto)
OCaml
53
star
8

verkle-tree

Rust
26
star
9

Archive-Node-API

This is a GraphQL server that is built with the intention of exposing information from Mina's Archive Node
TypeScript
17
star
10

snarkyjs-workshop

TypeScript
13
star
11

o1js-bindings

Bindings for o1js to lower layers of the proof system and the Mina transaction logic
JavaScript
10
star
12

ocaml-gen

This crate provides automatic generation of OCaml bindings. Refer to the rustdoc for more information.
Rust
9
star
13

ppx_version

Versioning of types with bin_prot serialization
OCaml
8
star
14

integers_stubs_js

Javascript stubs for the integers library in js_of_ocaml
JavaScript
6
star
15

snarkyjs-examples

TypeScript
5
star
16

anonvote

JavaScript
5
star
17

mina-book

Specifications and documentation for the Mina protocol
5
star
18

snarkyjs-crypto

JavaScript crypto library accompanying snarky
OCaml
5
star
19

mina-lightweight-explorer

Lightweight Mina Explorer
HTML
4
star
20

rfcs

RFCs for everything O(1) Labs
4
star
21

wait-for-mina-network-action

GitHub Action to wait for the Mina network readiness.
TypeScript
4
star
22

sfbw-workshop

Tutorial code for the SFBW zk-SNARK workshop
OCaml
3
star
23

stationary

Static site generator
OCaml
2
star
24

code-review-question

Code review interview question repo
JavaScript
2
star
25

dune-nix

Nix wrapping suitable for multi-package dune repositories
Nix
2
star
26

libsnark-ocaml

C++
1
star
27

mina-web3

TypeScript
1
star
28

eslint-plugin-o1js

ESLint rules for o1js
TypeScript
1
star