zkSnark circuit compiler

Related tags

Embedded circom
Overview

Chat on Telegram Website GitHub top language

Quickstart

==> Get started here

Important deprecation note

The old circom compiler written in Javascript will be frozen, but it can still be downloaded from the old circom repository.

About circom

Current circom is a compiler written in Rust for compiling circuits written in the circom language. The compiler outputs the representation of the circuit as constraints and produces everything needed to compute different ZK proofs. The documentation for installing and using circom and its associated tools can be found at doc.

Comments
  • feat: Add `getMinorVersion` and `getPatchVersion` exports to wasm output

    feat: Add `getMinorVersion` and `getPatchVersion` exports to wasm output

    Since SnarkJS needs to support all versions of circom, and this project doesn't follow semantic versioning, it would be helpful to include all digits in the version number returned by the getVersion export.

    This would allow us to do feature switching based on the version of the compiler.

    opened by phated 9
  • Circom should not forcibly exit on success

    Circom should not forcibly exit on success

    In https://github.com/iden3/circom/commit/b953bf92df54004373a4049e29f0e160a5a57486, @miguelis made circom forcibly exit on success, which makes many workflows (such as using the circom tool inside a script or when using it in WASM) break. It would probably be fine to forcibly exit with a code if there is an error but never should you forcibly exit with 0 on a success.

    I tried removing the exit and circom hits an unreachable in the code, so more fixes will need to be applied to make the code work correctly.

    opened by phated 6
  • feat: Allow `log(label, value)` & print labels in C witness generator

    feat: Allow `log(label, value)` & print labels in C witness generator

    Fixes https://github.com/iden3/circom/issues/82

    This PR adds log("foo", 1) syntax to the circom language. The label is then printed when generating a witness with the C++ witness generator. It is very hard to add these labels to the wasm generator, so the label is discarded and only the value is printed when generating with the witness in wasm.

    This feature is a huge quality-of-life improvement for large circuit authors, like @yi-sun and other @0xPARC members.

    opened by phated 6
  • Exit with message when circuit too large for wasm

    Exit with message when circuit too large for wasm

    For circuits larger than ~1M constraints, it would be helpful if the witness generation exited with error when it detects a proof that is too large for wasm, and suggests compiling in C++ instead.

    opened by jonathanpwang 6
  • [Question] Pass the array into and retrieve the array from a function

    [Question] Pass the array into and retrieve the array from a function

    Hello everyone~ 😀

    Recently, I'm writing circom version of my python functions. (To make the zk proof of python functions' output)

    If I have a python function, I can easily pass the array into and retrieve the array from that function.

    def myFunc(in_array):
        # Some calculations
        return out_array
    
    if __name__ == "__main__":
        in_array = [1, 2, 3];
        out_array = myFunc(in_array);
    

    However, according to docs, I cannot find examples or somewhere else that talking about passing array into a function. Currently, I guess that it might be something like this:

    function myFunc(in_array) {
        // Some calculations
        return out_array;
    }
    
    template mainFunc() {
    	signal private input in_array; // A fixed length array
    	signal private input b;
    	signal output out;
    	
    	var out_array = myFunc(in_array);
    }
    
    component main = mainFunc();
    

    Thanks for anyone willing to give me the answer or some clues about how I could develop in this situation. 🙏❤

    opened by a2468834 6
  • Hexadecimal numbers as json string input

    Hexadecimal numbers as json string input

    Hello, I have the following minimal circuit that uses a hexadecimal number as an input from a json file:

    pragma circom 2.0.0;
    
    template POC() {
        signal input a;
        signal input b;
        signal input c;
    
        log(a);
        log(b);
        log(c);
    }
    
    component main = POC();
    

    Using the following json as an input file:

    {"a": "0x42", "b": 100, "c": "110"}
    

    The circuit logs the following:

    0
    100
    110
    

    I am fairly certain hexadecimal numbers worked as an input in previous versions of circom. Is this functionality still supported, or is this now the intended behavior?

    opened by nasko25 4
  • Does --wasm switch work?

    Does --wasm switch work?

    circom2 circuits/c.circom --r1cs --wasm --sym --c does not spit out a wasm file. The best error message I could find is previous errors were found. Is this part working at all?

    According to https://twitter.com/railgun_project/status/1500966895733850117 they've also had problems that they had to put out a bounty for it.

    Also I don't have the best experience working with circom2, a lot of documentation's outdated, makes me sad:(

    opened by ddengster 4
  • Illegal hardware instruction on Mac OS if using C++ witness calculator

    Illegal hardware instruction on Mac OS if using C++ witness calculator

    I was trying to follow the example from the official documentation https://docs.circom.io/getting-started/computing-the-witness/#computing-the-witness-with-c. I was able to compile the C++ witness calculator on Mac OS thanks to https://github.com/iden3/circom/pull/12. However, when I tried to generate the witness I got an error:

    zsh: illegal hardware instruction  ./circuit input.json witness.wtns
    

    The code to reproduce the issue is in the repo: https://github.com/alxkzmn/factor/commit/5690ffc08a52c27f304966cb529bdbeab90c0daf

    Steps to reproduce:

    cd circuit_cpp
    make
    ./circuit input.json witness.wtns
    
    opened by alxkzmn 4
  • modified inputs

    modified inputs

    Hello !

    I'm trying to verify a commitment of a rescue function. The problem is when I write the commit in the inputs, it's directly modified by the circuit without reasons (the value is less than bn128's elliptic curve group order). Here is my simple circuit :

    pragma circom 2.0.0;

    include "./rescue.circom";

    template test(){ signal input in; signal input commit; signal output out;

    component hash = rescue(1);
    
    hash.entree[0] <== in;
    
    out <== hash.sortie;
    

    }

    component main {public [commit]} = test();

    This is what the public file and the input files looks like : input : 15522569492626651840248353495983403506074603540762064124302882378518279710261 (commit) public : 15522569492626651840248353495983403506074603540762064124302882378518279710261 (hash result) and 15522569492626650996385962682425768945933593965259583670031600469260676104192 (wrong copy of my input)

    Can someone tell me if it's an error from me or not?

    Thomas

    opened by thomaslavaur 4
  • Fails to compile in M1

    Fails to compile in M1

    It can be temporally fixed by compling, keeping the arm64 code from the libwabt.a fat binary and compile again

    # for commit a9a4a24e4e95debb0230a233c259fac7d3e1e186
    cargo build --release
    lipo target/release/build/wabt-sys-ccf4f394b6bb7490/out/build/libwabt.a -thin arm64 -output target/release/build/wabt-sys-ccf4f394b6bb7490/out/build/libwabt.a
    cargo build --release
    
    opened by adria0 4
  • Public Signals

    Public Signals

    Hey!

    I have written a zk-circuit that works perfectly fine when all input signals are set to default/private. However, if I want to change the visibility of 1-2 signals to public the zkey generation takes around 10 min (instead of the previous 30s). component main {public [a,b]}= SomeCircuit();

    Further, I can no longer generate ZK proofs with help of the snarkjs implementation. Currently I use the following command: const { proof, publicSignals } = await snarkjs.plonk.fullProve(inputs, "circuit.wasm", "circuit_final.zkey");

    As said, with all signals set to private it works perfectly fine, if I set some to public I get the following error: "Uncaught (in promise) TypeError: Failed to fetch"

    Since I use circom and snarkjs as part of my master thesis I would appreciate any fast answer :)

    Edit: My circuit has around 75k constraints and I use powersOfTau28_hez_final_18.ptau for the zkey generation.

    Edit2: An update from circom 2.0.7 to 2.1.2 and from snarkjs 0.4.24 to 0.5.0 did NOT fix the issue.

    Best Regards, Crashpilot

    opened by crashpilot 3
  • fix c++ witness code producer on macos with clang 14.0.0

    fix c++ witness code producer on macos with clang 14.0.0

    There was error while doing make command in generated cpp directory. Error example:

    g++ -c fr.cpp -std=c++11 -O3 -I.
    In file included from fr.cpp:1:
    ./fr.hpp:71:50: error: unknown type name 'uint'; did you mean 'int'?
    void Fr_str2element(PFrElement pE, char const*s, uint base);
                                                     ^~~~
                                                     int
    fr.cpp:56:51: error: unknown type name 'uint'; did you mean 'int'?
    void Fr_str2element(PFrElement pE, char const *s, uint base) {
                                                      ^~~~
                                                      int
    
    opened by gr8den 0
  • Illegal instruction in cpp

    Illegal instruction in cpp

    matElemMul.circom:

    pragma circom 2.0.0;
    
    // matrix multiplication by element
    template matElemMul (m,n) {
        signal input a[m][n];
        signal input b[m][n];
        signal output out[m][n];
        
        for (var i=0; i < m; i++) {
            for (var j=0; j < n; j++) {
                out[i][j] <== a[i][j] * b[i][j];
            }
        }
    }
    component main = matElemMul(4,4);
    

    I use the --c option to compile, but when I compute the witness in cpp, I prompt "illegal instruction". So how to use it correctly?

    env:

    ubuntu 18.04
    gcc 6.5.0 
    
    opened by zkh2016 1
  • Generate input/output interface for circom.

    Generate input/output interface for circom.

    Motivation

    We are using snarkjs as backend for circom.

         const { proof, publicSignals } = await snarkjs.groth16.fullProve(
                inputs,
                circuitWasmPath,
                zkeyPath
         )
    

    Variable inputs have type any. Every time we changed circom file we need to update inputs structs. However any make us hard to remember and easy to create error/bugs. I think we should create function for auto gen inputs/outputs interface of circom. It's help developer easy to test and use circom.

    Proposal

    Create new interface command line to generate inputs/outputs interface.

    Example

    circom merkle_tree.circom --types types.ts
    

    Circom file

    include "../../../node_modules/circomlib/circuits/comparators.circom";
    
    template Example() {
        signal input first_input;
        signal input second_input[100];
        signal output first_output;
    }
    

    We will generate inputs interface like bellow:

    interface ExampleInput {
        first_input: bigint;
        second_input: bigint[];
    }
    

    Samething for outputs interface.

    Thank Iden3 for awesome work!

    opened by vuvoth 0
  • Feature request: Trace mode

    Feature request: Trace mode

    A lot of logging in circuits is primarily used for generating "stack traces" of the execution when generating a witness. Ideally, circom should have a "trace" mode that injects log statements for:

    1. entering template
    2. all template inputs
    3. all template outputs
    4. exiting templates

    These would then be logged (or traced some other way?) recursively as the witness is generated.

    opened by phated 1
  • Compilation mode that removes all log statements

    Compilation mode that removes all log statements

    When developing a circuit, an author will likely include many log statements. It would be ideal to have a compilation mode that removes all of these log statements from the output when compiling for production.

    opened by phated 1
Releases(v2.1.2)
  • v2.1.2(Nov 7, 2022)

  • v2.1.1(Nov 5, 2022)

    November 4, 2022 circom 2.1.1

    Extensions

    • New feature of anonymous components: programmers can pass the parameters indicate the input names receiving the values.See here.
    • circom now exits with 0 when it finishes successfully (last version exists with Exist(0) which broke some projects).
    • Improving tags assignment: case multiple assignments in an array giving the same value to a tag.
    • Allowing in cpp the use of binary, octal and hexadecimal numbers as inputs from a json file
    • Adding support for non-64bit architectures.
    • Witness_calculator adapted to work with negative numbers in the json input.

    Fixed bugs

    • Fixing bug in C++ witness generation: function Fr_toInt in fr.asm
    • Improving error handling division by zero (instead of throwing a panic)
    Source code(tar.gz)
    Source code(zip)
    circom-linux-amd64(13.16 MB)
    circom-macos-amd64(8.79 MB)
    circom-windows-amd64.exe(8.34 MB)
  • v2.1.0(Oct 11, 2022)

  • v2.0.9(Sep 21, 2022)

    Release notes

    September 21, 2022 circom 2.0.9

    Extension

    • Adding a warning if the programmer is using the operator <-- when it is possible to use <== instead (if the right side is a quadratic expression and the instruction is not contained in a custom template).
    • Signal ids in custom templates changed to 64 bits.
    • Array sizes are expected to be usize. Now, we throw an error in other case.
    • Separating optimization option -O2 in two different options: --O2 and --O2rounds. Explanation can be found here. The default option is currently --O2.
    • Writing Sections 4 and 5 of the r1cs file, only if "pragma custom_templates" is used (which is needed if custom templates are present).
    • Improving --O1 optimization.
    • Adding a new documentation section about the different compilation options and flags.

    Fixed bugs

    • Fixing -l option to disallow several values for one option: each value must have its own -l option.
    Source code(tar.gz)
    Source code(zip)
    circom-linux-amd64(12.49 MB)
    circom-macos-amd64(8.23 MB)
    circom-windows-amd64.exe(7.63 MB)
  • v2.0.8(Aug 26, 2022)

    Release notes

    August 26, 2022 circom 2.0.8

    Extensions

    • Adding a link option -l that works as usual in other programming languages, to include a directory to look for the circuits indicated by the directive include.
    • Adding a warning if the programmer is using the operator <-- when it is possible to use <== instead (if the right side is a quadratic expression).
    • circom returns 0 if everything was correct and a number greater than 0 if something was wrong.
    • Changing the log operator to work as usual in other programming languages.
    • Allowing the creation of parallel components. The keyword parallel can be used per instance besides of per template. Now, parallel can be indicated before the instantiation call to make parallel that particular instance.
    • Wasm Functions getMinorVersion and getPatchVersion to obtain the minor and the patch version.

    Fixed Bugs

    • Fixing main.cpp to allow handling a main component without inputs.
    • New log version has to be applied in every version of wasm files. (By a mistake, it was not updated for every wasm files.)
    Source code(tar.gz)
    Source code(zip)
    circom-linux-amd64(12.49 MB)
    circom-macos-amd64(8.23 MB)
    circom-windows-amd64.exe(7.62 MB)
  • v2.0.7(Aug 19, 2022)

    Release notes

    August 19, 2022 circom 2.0.7

    Extensions

    • Log operation receives as parameters a list of expressions and string. (Documentation is here.
    • New heuristics that improves the constraint simplification process is added by default. The old version of the simplification process can be still used using the option "--use_old_simplification_heuristics".
    • Initialization of every array position to 0 in both C and WASM witness generator.
    • New check of size vector when vector assignment: + If a vector is assigned in a smaller vector, then an error is produced. + If a vector is assigned in a larger vector, then a warning is produced. (The remaining positions will have their previous values, or 0
      otherwise.
    • Improvement of the trace error message.
    Source code(tar.gz)
    Source code(zip)
    circom-linux-amd64(12.41 MB)
    circom-macos-amd64(8.16 MB)
    circom-windows-amd64.exe(7.58 MB)
  • v2.0.6(Jul 22, 2022)

  • v2.0.5(Jun 24, 2022)

  • v2.0.4(Jun 24, 2022)

    April 24, 2022 circom 2.0.4

    Extensions

    • Improvement of unused signals removal in constraint optimization.
    • macos (x86_64) support for cpp backend added: use template to generate makefile (Not available for M1).
    • wabt dependency swapped to wast dependency instead.
    • Improvement of the known/unknown analysis.
    • Single signal declaration with initialization added for both <== and <--.
    • Input signal size check added in wasm/JS and C++ generated code.
    • Recommendation of using C++ when the memory needed is beyond WebAssembly limit added.
    • Making deterministic the R1CS file: constraints will be always written in the R1CS file in the same order.

    Fixed Bugs

    • Bug in C++ error trace management for asserts in functions.
    • Bug in multiple line(s) comments.
    • Bug in unassigned inputs of arrays of size 0.
    • Bug in the use of constant division operation on constraints.
    • Bug in evaluation of expressions involving subcomponents signals.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.3(Jun 24, 2022)

    Dec 23, 2021 circom 2.0.3

    Extensions

    • Improvement in the check all array dimensions in its definition have known size.
    • A new verbose flag is added: If –verbose is set the compiler shows log messages during constraint generation.

    Fixed Bugs

    • Bug in functions that return calls to other functions.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.2(Jun 24, 2022)

    Dec 10, 2021 circom 2.0.2

    Extensions

    • A check that all inputs are set is added in the wasm/JS and C++ generated code.
    • Improvement of the “merge_code” implementation in code generators.
    Source code(tar.gz)
    Source code(zip)
  • v2.0.1(Jun 24, 2022)

    Nov 9, 2021 circom 2.0.1

    Extensions

    • Error trace printed in the C++ code when an assert fails.
    • Compiler versions in circom programs handling added (improving the pragma instruction).
    • Arrays of components with uninstantiated positions are handled.
    • Comments in the wat code only generated when –wat flag is used.

    Fixed bug

    • Bug in the line number generation for wasm error message.
    • Bug: R1CS map is an array of 64bit elements (instead of 32bit).
    • Bug on the initial memory size (too large) defined in the generated wasm code and error message handling in wasm generation added.
    • Bug with use of circuit file names with dots.
    Source code(tar.gz)
    Source code(zip)
Owner
iden3
Blockchain-based identity management solution including privacy by design with zkSNARKs
iden3
Very overengineered Brainfuck compiler tools

BFVM - The overengineered brainfuck compiler tool Why? just learning about some codegen stuff Why so pathetic? The whole concept is pathetic. This is

MD Gaziur Rahman Noor 11 Jun 5, 2022
A Brainheck compiler written in Rust.

Brainhecc A compiler for Brain[hecc] programs, written in Rust with Cranelift. It compiles any valid Brainhecc program into an executable binary. Inst

Zack 1 Oct 28, 2021
The Lune Compiler

Lune A small C like programming language with the goal of compiling to C. Progress: Lexing Parsing AST generation Type checking Codegen Syntax # A com

null 2 Dec 1, 2021
R1CS circuit for Falcon signature verification.

Falcon R1CS This crate generates the R1CS circuit for Falcon signature verifications. Performance The total #constraints for a single Falcon-512 signa

zhenfei 2 May 17, 2022
Logimu: Circuit & logic gate simulator

Logimu: Circuit & logic gate simulator The main goal of Logimu is to simulate large circuits at a high speed. Features Live simulation Embed other cir

David Hoppenbrouwers 4 Nov 20, 2022
Damavand is a quantum circuit simulator. It can run on laptops or High Performance Computing architectures, such CPU distributed architectures or multi GPU distributed architectures.

Damavand is a quantum circuit simulator. It can run on laptops or High Performance Computing architectures, such CPU distributed architectures or multi GPU distributed architectures.

MichelNowak 0 Mar 29, 2022
Damavand is a quantum circuit simulator. It can run on laptops or High Performance Computing architectures, such CPU distributed architectures or multi GPU distributed architectures.

Damavand is a code that simulates quantum circuits. In order to learn more about damavand, refer to the documentation. Development status Core feature

prevision.io 6 Mar 29, 2022
A Rust library for the Marlin preprocessing zkSNARK

Marlin marlin is a Rust library that implements a preprocessing zkSNARK for R1CS with universal and updatable SRS This library was initially developed

arkworks 215 Dec 6, 2022
Bellman zkSNARK library for community with Ethereum's BN256 support

bellman "Community edition" Originally developed for ZCash, with extensions from us to make it a little more pleasant. Uses our "community edition" pa

Matter Labs 113 Dec 29, 2022
The Light Protocol program verifies zkSNARK proofs to enable anonymous transactions on Solana.

Light Protocol DISCLAIMER: THIS SOFTWARE IS NOT AUDITED. Do not use in production! Tests cd ./program && cargo test-bpf deposit_should_succeed cd ./pr

null 36 Dec 17, 2022
L2 validity rollup combined with blind signatures over elliptic curves inside zkSNARK, to provide offchain anonymous voting with onchain binding execution on Ethereum

blind-ovote Blind-OVOTE is a L2 voting solution which combines the validity rollup ideas with blind signatures over elliptic curves inside zkSNARK, to

Aragon ZK Research 3 Nov 18, 2022
Reef: A zkSNARK system for proving that a committed document matches a regex

Reef This is an implementation of Reef, a system for generating zero-knowledge proofs that a committed document matches or does not match a regular ex

University of Pennsylvania | Distributed Systems Lab 3 Dec 15, 2023
C-like language compiler, the final project of ZJU Compiler Principle course

cc99 cc99 (not cc98.org) is a C-like language compiler, which is the final project of ZJU Compiler Principle course. It supports many of the C99 langu

Ralph 37 Oct 18, 2022
FlatBuffers compiler (flatc) as API (with focus on transparent `.fbs` to `.rs` code-generation via Cargo build scripts integration)

FlatBuffers flatc API for Rust This crate provides a programmatical way to invoke flatc command (e.g. from build.rs) to generate Rust (or, in fact, an

Vlad Frolov 87 Dec 22, 2022
Compiler for Jade-like template language to cito.js-based virtual dom

Marafet A very experimental DSL for creating (mostly) single page applications in HTML. It's mostly a Jade-like (or Haml-like) templating language wit

Paul Colomiets 11 Jun 25, 2020
Open deep learning compiler stack for cpu, gpu and specialized accelerators

Open Deep Learning Compiler Stack Documentation | Contributors | Community | Release Notes Apache TVM is a compiler stack for deep learning systems. I

The Apache Software Foundation 8.9k Jan 4, 2023
OpenStreetMap flatdata format and compiler

osmflat Flat OpenStreetMap (OSM) data format providing an efficient random data access through memory mapped files. The data format is described and i

null 31 Dec 7, 2022
The hash programming language compiler

The Hash Programming language Run Using the command cargo run hash. This will compile, build and run the program in the current terminal/shell. Submit

Hash 13 Nov 3, 2022
Take your first step in writing a compiler. Implemented in Rust.

first-step-rust Take your first step in writing a compiler, using Rust. Building from Source Make sure the Rust toolchain is installed on your compute

PKU Compiler Course 13 Aug 28, 2022