Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

github.com/ConsenSys/gnark

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/ConsenSys/gnark

  • v0.11.0
  • Source
  • Go
  • Socket score

Version published
Created
Source

gnark zk-SNARK library

Twitter URL License Go Report Card PkgGoDev Documentation Status DOI

gnark is a fast zk-SNARK library that offers a high-level API to design circuits. The library is open source and developed under the Apache 2.0 license.

gnark uses gnark-crypto for the finite-field arithmetic and out-circuit implementation of cryptographic algorithms.

gnark powers Linea zk-rollup. Include your project in the known users section by opening a PR.

gnark Users

To get started with gnark and write your first circuit, follow these instructions.

Checkout the online playground to compile circuits and visualize constraint systems.

Security

gnark and gnark-crypto have been extensively audited, but are provided as-is, we make no guarantees or warranties to its safety and reliability. In particular, gnark makes no security guarantees such as constant time implementation or side-channel attack resistance.

To report a security bug, please refer to gnark Security Policy.

Refer to known security advisories for a list of known security issues.

Testing

gnark employs the following testing procedures:

  • unit testing - we test the primitives in unit tests
  • circuit testing - we test the circuit implementation against several targets:
    • test engine - instead of running the full prover and verifier stack, we run the computations only to ensure the completeness of the circuits
    • proof engines - we compile the circuits, run the setup, prove and verify using native implementation
    • Solidity verifier - in addition to the previous, we verify the proofs in Solidity verifier. See gnark-solidity-checker
  • regression testing - we have implemented tests for reported issues to avoid regressions
  • constraint count testing - we have implemented circuit size tests to avoid regressions
  • serialization testing - we check that serialization round-trip is complete
  • side-effect testing - we check that circuit compilation is deterministic
  • fuzz testing:
    • circuit input fuzzing - we provide random inputs to the circuit to cause solver error
    • native input fuzzing - we provide random inputs to various native methods to cause errors. We have also stored initial fuzzing corpus for regression tests.
    • circuit definition fuzzing - we cooperate with Consensys Diligence to fuzz the circuit definitions to find bugs in the gnark circuit compiler.

The tests are automatically run during every PR and merge commit. We run full test suite only for the Linux on amd64 target, but run short tests both for Windows target (amd64) and macOS target (arm64).

Performance

gnark and gnark-crypto packages are optimized for 64bits architectures (x86 amd64) using assembly operations. We have generic implementation of the same arithmetic algorithms for ARM backends (arm64). We do not implement vector operations.

Backwards compatibility

gnark tries to be backwards compatible when possible, however we do not guarantee that serialized object formats are static over different versions of gnark. Particularly - we do not have versioning implemented in the serialized formats, so using files between different versions of gnark may lead to undefined behaviour or even crash the program.

Issues

gnark issues are tracked in the GitHub issues tab.

To report a security bug, please refer to gnark Security Policy.

If you have any questions, queries or comments, GitHub discussions is the place to find us.

You can also get in touch directly: gnark@consensys.net

Release Notes

Release Notes

Audits

Proving schemes and curves

Refer to Proving schemes and curves for more details.

gnark support the following zk-SNARKs:

which can be instantiated with the following curves

  • BN254
  • BLS12-381
  • BLS12-377
  • BW6-761
  • BLS24-315
  • BW6-633
  • BLS24-317

Example

Refer to the gnark User Documentation

Here is what x**3 + x + 5 = y looks like

package main

import (
	"github.com/consensys/gnark-crypto/ecc"
	"github.com/consensys/gnark/backend/groth16"
	"github.com/consensys/gnark/frontend"
	"github.com/consensys/gnark/frontend/cs/r1cs"
)

// CubicCircuit defines a simple circuit
// x**3 + x + 5 == y
type CubicCircuit struct {
	// struct tags on a variable is optional
	// default uses variable name and secret visibility.
	X frontend.Variable `gnark:"x"`
	Y frontend.Variable `gnark:",public"`
}

// Define declares the circuit constraints
// x**3 + x + 5 == y
func (circuit *CubicCircuit) Define(api frontend.API) error {
	x3 := api.Mul(circuit.X, circuit.X, circuit.X)
	api.AssertIsEqual(circuit.Y, api.Add(x3, circuit.X, 5))
	return nil
}

func main() {
	// compiles our circuit into a R1CS
	var circuit CubicCircuit
	ccs, _ := frontend.Compile(ecc.BN254.ScalarField(), r1cs.NewBuilder, &circuit)

	// groth16 zkSNARK: Setup
	pk, vk, _ := groth16.Setup(ccs)

	// witness definition
	assignment := CubicCircuit{X: 3, Y: 35}
	witness, _ := frontend.NewWitness(&assignment, ecc.BN254.ScalarField())
	publicWitness, _ := witness.Public()

	// groth16: Prove & Verify
	proof, _ := groth16.Prove(ccs, pk, witness)
	groth16.Verify(proof, vk, publicWitness)
}

GPU Support

Icicle Library

The following schemes and curves support experimental use of Ingonyama's Icicle GPU library for low level zk-SNARK primitives such as MSM, NTT, and polynomial operations:

instantiated with the following curve(s)

  • BN254

To use GPUs, add the icicle buildtag to your build/run commands, e.g. go run -tags=icicle main.go.

You can then toggle on or off icicle acceleration by providing the WithIcicleAcceleration backend ProverOption:

    // toggle on
    proofIci, err := groth16.Prove(ccs, pk, secretWitness, backend.WithIcicleAcceleration())
    
    // toggle off
    proof, err := groth16.Prove(ccs, pk, secretWitness)

For more information about prerequisites see the Icicle repo.

Citing

If you use gnark in your research a citation would be appreciated. Please use the following BibTeX to cite the most recent release.

@software{gnark-v0.11.0,
  author       = {Gautam Botrel and
                  Thomas Piellard and
                  Youssef El Housni and
                  Ivo Kubjas and
                  Arya Tabaie},
  title        = {ConsenSys/gnark: v0.11.0},
  month        = sep,
  year         = 2024,
  publisher    = {Zenodo},
  version      = {v0.11.0},
  doi          = {10.5281/zenodo.5819104},
  url          = {https://doi.org/10.5281/zenodo.5819104}
}

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

License

This project is licensed under the Apache 2 License - see the LICENSE file for details

FAQs

Package last updated on 06 Sep 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc