Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

circomkit-numtel

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

circomkit-numtel

A Circom development environment

  • 0.0.25
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
1
Created
Source

Circomkit

A simple-to-use & opinionated circuit development & testing toolkit.

NPM Workflow: Tests

  • Simple CLI, abstracting away all paths with a simple config.
  • Provides type-safe testing utilities to check for circuit computations & soundness errors, with minimal boilerplate code!
  • Supports all protocols: groth16, plonk, and fflonk.
  • Automatically downloads phase-1 PTAU when using bn128.
  • Supports multiple exports such as a Solidity verifier contract and its calldata for some input, or JSON exports for R1CS and the witness file.

Installation

Circomkit can be installed via:

npm  install circomkit
pnpm install circomkit
yarn add     circomkit

You will also need Circom, which can be installed following the instructions here.

Usage

You can setup a new project with the following:

npx circomkit init

You can check out examples at the circomkit-examples repository.

Command Line Interface

Actions that require a circuit name can be called as follows:

# Compile the circuit
npx circomkit compile <circuit>

# Create the main component
npx circomkit instantiate <circuit>

# Create a Solidity verifier contract
npx circomkit contract <circuit>

# Clean circuit artifacts
npx circomkit clean <circuit>

# Circuit-specific setup
npx circomkit setup <circuit> [ptau-path]

# Create verification key
npx circomkit vkey <circuit> [pkey-path]

# Automatically download PTAU (for BN128)
npx circomkit ptau <circuit>

[!NOTE]

Circuit-specific setup optionally takes the path to a PTAU file as argument. If not provided, it will automatically decide the PTAU to use with respect to constraint count, and download that for you! This feature only works for bn128 prime, and has an upper-limit of at most $2^{28}$ constraints.

Some actions such as generating a witness, generating a proof and verifying a proof require JSON inputs to provide the signal values. For that, we specifically create our input files under the inputs folder, and under the target circuit name there. For example, an input named foo for some circuit named bar would be at inputs/bar/foo.json.

# Generate a witness
npx circomkit witness <circuit> <input>

# Generate a proof
npx circomkit prove <circuit> <input>

# Verify a proof with public signals
npx circomkit verify <circuit> <input>

# Export Solidity calldata to console
npx circomkit calldata <circuit> <input>

Circomkit Configurations

Everything used by Circomkit can be optionally overridden by providing the selected fields in its constructor. Circomkit CLI does this automatically by checking out circomkit.json and overriding the defaults with that. You can print the active configuration via the following command:

npx circomkit config

You can edit any of the fields there to fit your needs. Most importantly, you can change the protocol to be groth16, plonk or fflonk; and you can change the underlying prime field to bn128, bls12381 and goldilocks.

[!NOTE]

Using a prime other than bn128 makes things a bit harder in circuit-specific setup, as you will have to find the PTAU files yourself, whereas in bn128 we can use Perpetual Powers of Tau.

Circuit Configurations

A circuit config within circuits.json looks like below, where the key is the circuit name to be used in commands, and the value is an object that describes the filename, template name, public signals and template parameters:

sudoku_9x9: {
  file:     'sudoku',
  template: 'Sudoku',
  pubs:     ['puzzle'],
  params:   [3], // sqrt(9)
}

[!TIP]

The pubs and params options can be omitted, in which case they will default to [].

Using Circomkit in Code

All CLI commands other than init can be used with the same name and arguments within Circomkit. Furthermore, you can provide configuration & inputs directly, instead of letting Circomkit read from circuits.json or from within the inputs folder.

import {Circomkit} from 'circomkit';

const circomkit = new Circomkit({
  // custom configurations
  protocol: 'plonk',
});

// artifacts output at `build/multiplier_3` directory
await circomkit.compile('multiplier_3', {
  file: 'multiplier',
  template: 'Multiplier',
  params: [3],
});

// proof & public signals at `build/multiplier_3/my_input` directory
await circomkit.prove('multiplier_3', 'my_input', {in: [3, 5, 7]});

// verify with proof & public signals at `build/multiplier_3/my_input`
await circomkit.verify('multiplier_3', 'my_input');

Writing Tests

Circomkit provides two tester utilities that use Chai assertions within, which may be used in a test suite such as Mocha. The key point of these utilities is to help reduce boilerplate code and let you simply worry about the inputs and outputs of a circuit.

Witness Tester

The Witness tester extends require('circom_tester').wasm tool with type-safety and few assertion functions. It provides a very simple interface:

  • expectPass(input) checks if constraints & assertions are passing for an input
  • expectPass(input, output) additionally checks if the outputs are matching
  • expectFail(input) checks if any constraints / assertions are failing

See an example below:

describe('witness tester', () => {
  // input signals and output signals can be given as type parameters
  // this makes all functions type-safe!
  let circuit: WitnessTester<['in'], ['out']>;

  before(async () => {
    const circomkit = new Circomkit();
    circuit = await circomkit.WitnessTester(CIRCUIT_NAME, CIRCUIT_CONFIG);
  });

  it('should pass on correct input & output', async () => {
    await circuit.expectPass(INPUT, OUTPUT);
  });

  it('should fail on wrong output', async () => {
    await circuit.expectFail(INPUT, WRONG_OUTPUT);
  });

  it('should fail on bad input', async () => {
    await circuit.expectFail(BAD_INPUT);
  });
});

You can check if the number of constraints are correct using expectConstraintCount, as shown below:

it('should have correct number of constraints', async () => {
  // expects at least N constraints
  await circuit.expectConstraintCount(N);
  // expects exactly N constraints
  await circuit.expectConstraintCount(N, true);
});

If you want more control over the output signals, you can use the compute function. It takes in an input, and an array of output signal names used in the main component so that they can be extracted from the witness.

it('should compute correctly', async () => {
  const output = await circuit.compute(INPUT, ['out']);
  expect(output).to.haveOwnProperty('out');
  expect(output.out).to.eq(BigInt(OUTPUT.out));
});

Finally, you can run tests on the witnesses too. This is most useful when you would like to check for soundness errors.

  • expectConstraintPass(witness) checks if constraints are passing for a witness
  • expectConstraintFail(witness) checks if constraints are failing

You can compute the witness via the calculateWitness(input) function. To test for soundness errors, you may edit the witness and see if constraints are failing.

Warning

Circomkit provides a nice utility for this purpose, called editWitness(witness, symbols). You simply provide a dictionary of symbols to their new values, and it will edit the witness accordingly. See the example below:

it('should pass on correct witness', async () => {
  const witness = await circuit.calculateWitness(INPUT);
  await circuit.expectConstraintPass(witness);
});

it('should fail on fake witness', async () => {
  const witness = await circuit.calculateWitness(INPUT);
  const badWitness = await circuit.editWitness(witness, {
    'main.signal': BigInt(1234),
    'main.component.signal': BigInt('0xCAFE'),
    'main.foo.bar[0]': BigInt('0b0101'),
  });
  await circuit.expectConstraintFail(badWitness);
});

Proof Tester

As an alternative to simulate generating a proof and verifying it, you can use Proof Tester. The proof tester makes use of WASM file, prover key and verifier key in the background. It will use the underlying Circomkit configuration to look for those files, and it can generate them automatically if they do not exist. An example using Plonk protocol is given below. Notice how we create the necessary files before creating the tester, as they are required for proof generation and verification.

describe('proof tester', () => {
  // input signals and output signals can be given as type parameters
  // this makes all functions type-safe!
  let circuit: ProofTester<['in']>;

  before(async () => {
    const circomkit = new Circomkit({
      protocol: 'plonk',
    });
    circomkit.instantiate(CIRCUIT_NAME, CIRCUIT_CONFIG);
    await circomkit.setup(CIRCUIT_NAME, PTAU_PATH);
    circuit = await circomkit.ProofTester(CIRCUIT_NAME);
  });

  it('should verify a proof correctly', async () => {
    const {proof, publicSignals} = await circuit.prove(INPUT);
    await circuit.expectPass(proof, publicSignals);
  });

  it('should NOT verify a proof with invalid public signals', async () => {
    const {proof} = await circuit.prove(INPUT);
    await circuit.expectFail(proof, BAD_PUBLIC_SIGNALS);
  });
});

Type-Safety

You may notice that there are optional template parameters in both testers: WitnessTester<InputSignals, OutputSignals> and ProofTester<InputSignals>. These template parameters take in an array of strings corresponding to signal names. For example, if your circuit has two input signals in1, in2 and an output out, you may instantiate the tester as WitnessTester<['in1', 'in2'], ['out']>. In doing so, you will get type-checking on all inputs and outputs required by the tester.

File Structure

Circomkit with its default configuration follows an opinionated file structure, abstracting away the pathing and orientation behind the scenes. All of these can be customized by overriding the respective settings in circomkit.json.

An example structure is shown below. Suppose there is a generic circuit for a Sudoku solution knowledge proof written under circuits folder. When instantiated, a main component for a 9x9 board is created under circuits/main. The solution along with it's puzzle is stored as a JSON object under inputs/sudoku_9x9. You can see the respective artifacts under build directory. In particular, we see groth16 prefix on some files, indicating that Groth16 protocol was used to create them.

circomkit
├── circuits.json
├── circomkit.json
│
├── circuits
│   ├── main
│   │   └── sudoku_9x9.circom
│   └── sudoku.circom
│
├── inputs
│   └── sudoku_9x9
│       └── my_solution.json
│
├── ptau
│   └── powersOfTau28_hez_final_08.ptau
│
└── build
    └── sudoku_9x9
        ├── sudoku_9x9_js
        │   │── generate_witness.js
        │   │── witness_calculator.js
        │   └── sudoku_9x9.wasm
        │
        ├── my_solution
        │   │── proof.json
        │   │── public.json
        │   └── witness.wtns
        │
        ├── sudoku_9x9.r1cs
        ├── sudoku_9x9.sym
        │
        ├── groth16_pkey.zkey
        ├── groth16_vkey.json
        └── groth16_verifier.sol

Testing

Run all tests via:

yarn test

[!TIP]

You can also use the CLI while developing Circomkit locally via yarn cli as if you are using npx circomkit. This is useful for hands-on testing stuff.

Styling

Circomkit uses Google TypeScript Style Guide.

# check the formatting
yarn format

# lint everything
yarn lint

# do both at once
yarn style

Keywords

FAQs

Package last updated on 18 Apr 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc