Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verification fails when using generated zkey #35

Open
shekohex opened this issue Jan 6, 2023 · 4 comments
Open

Verification fails when using generated zkey #35

shekohex opened this issue Jan 6, 2023 · 4 comments

Comments

@shekohex
Copy link

shekohex commented Jan 6, 2023

Hello, we are facing an issue when we use our generated zkey, the verification process fails, but using a randomly generated proving key from the circom circuit the verification process works without any issues.

I made a simple repo to reproduce that issue here: https://github.com/shekohex/webb-ark-circom-issue

Please follow the instructions in the README file.
@ItsFunny
Copy link

ItsFunny commented Feb 7, 2023

Any updates on this?

@akileshtangella
Copy link

Use Circom version <= 2.0.6 and it will work.

@whyamiroot
Copy link

I think you can actually do it with circom > 2.0.6, you just need to use create_random_proof_with_reduction with CircomReduction instead of create_random_proof, which uses LibsnarkReduction.

I used circom 2.1.5 to compile this multiplier circuit, then used snarkjs 0.6.10 to create a zkey.

Then, I tested it with this snippet using ark-circom ab7f9ec

use ark_circom::{CircomBuilder, CircomConfig, CircomReduction, read_zkey};
use ark_std::rand::thread_rng;
use color_eyre::Result;

use ark_bn254::Bn254;
use ark_groth16::{
  create_random_proof_with_reduction, prepare_verifying_key, verify_proof,
};

#[test]
#[cfg(feature = "circom-2")]
fn circom2_1_5_test() -> Result<()> {
  use ark_relations::r1cs::{ConstraintSynthesizer, ConstraintSystem};

  let cfg = CircomConfig::<Bn254>::new(
      "./test-vectors/multiplier_circom_2.1.5.wasm",
      "./test-vectors/multiplier_circom_2.1.5.r1cs",
  )?;
  let mut builder = CircomBuilder::new(cfg);
  builder.push_input("in1", 2);
  builder.push_input("in2", 2);

  let mut rng = thread_rng();
  let mut key_file = std::fs::File::open("./test-vectors/multiplier.zkey")?;
  let (params, _) = read_zkey(&mut key_file)?;

  let circom = builder.build()?;

  let cs = ConstraintSystem::<ark_bn254::Fr>::new_ref();
  circom.clone().generate_constraints(cs.clone()).unwrap();
  let is_satisfied = cs.is_satisfied().unwrap();
  assert!(is_satisfied);

  let inputs = circom.get_public_inputs().unwrap();

  let proof = create_random_proof_with_reduction::<Bn254, _, _, CircomReduction>(circom, &params, &mut rng)?;

  let pvk = prepare_verifying_key(&params.vk);

  let verified = verify_proof(&pvk, &proof, &inputs)?;

  assert!(verified);

  Ok(())
}

@erhant
Copy link

erhant commented Jul 21, 2023
edited
Loading

Just a heads-up, the solution above works although the code is a bit different. Do what is told above, you can easily fill in the code changes (some functions now belong to Groth16, rather than being imported as a function) but the main trick is:

// using CircomReduction is important
type GrothBn254 = Groth16<Bn254, CircomReduction>;

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@whyamiroot @akileshtangella @shekohex @erhant @ItsFunny and others