From f051cd0744433b7088344fe60678444aca1dfc51 Mon Sep 17 00:00:00 2001 From: AgustinBadi Date: Thu, 29 Feb 2024 18:13:00 -0300 Subject: [PATCH] Update README --- README.md | 68 ++++++++++++++++++++++------ groth16.sh | 130 ++++++++++++++++++++++++++--------------------------- 2 files changed, 119 insertions(+), 79 deletions(-) diff --git a/README.md b/README.md index 3b6791e..0118c82 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,29 @@ # AK-381: A SNARK verification library using bls12-381 This Aiken library implements utilities to verificate Zero-Knowledge proof -following the Groth16 protocol. The main feature is a Zero-Knowledge -verification function. The library is tailored to use with the Circom language -and the SnarkJs module. +following the Groth16 protocol. The main feature is a zk-SNARK verification +function, along with utilities to create proofs and interoperate with the Plutus +VM. The library is tailored to use with the Circom language and the SnarkJs +module. -### The 3 prime factorization example +The statement... + +I can prove to you "x" without to reveal "x". + +Is now possible in its endless variations in this next PlutusV3 hardfork. + +## About zk-SNARKs + +In short, a zk-SNARK follows a three step process: + +1. Setup: A preprocessing of the circuit (representation of the statement or + algorith that you want to prove) that results in the proverk-ey and + verification-key +2. Proof: The creation of a proof of the statement. +3. Verification: The verification of the statement given the proof (and not the + data itself). + +## The 3 prime factorization example In order to make this library ilustrative, we use a circuit that proofs that we know the multiplication of three big prime numbers to a verifier. Although in 
@@ -14,36 +32,49 @@ result is usually an hard and challenging computation problem. In this case for a given number we show just one factor and we proof that we know the other two without revealing them. -### Requisites +## Requisites In order to use this library you must have circom and Snarkjs. You can get both installed following this part of the [circom documentation](https://docs.circom.io/getting-started/installation/) -### Structure folder +## Structure folder - Circuits: The folder where you put your circom circuits. - 3_fac: The output of the circuit that we use as example. - conversion: The javascript module where you can convert the proof and verification-key given by circom into the serialization that Plutus need. -### Start Grot16 process +## The Groth16 process. + +Groth16 is a zk-SNARK protocol that is characterized by its lighter proof and +efficient verification. This library includes a bash script `.groth16` that +conduct you to the full process of setup, proving and verification. Regarding +the setup that in the case of Groth16 requires a multi-party computation so it +will ask you various randoms contributions to securely create the prover-key and +verificatio-key. Make sure to take a look in the script to know more. -Once you circom file is set in your circuits folder, you can start the Groth16 -protocol from setup, to proof and verification using: +Before executing the script you have to set some things: + +- Set your circuit in the `/circuits`folder. +- Set the `input.json` file (see below creating the witness). +- Set the `public.json`file (see below creating the witness). + +Once you circuits and other files are ready, you can start the Groth16 protocol +from setup, to proof and verification using: ```bash ./groth16 ``` -This script it's going to ask you about the circuit that you want to use. It is +The script it's going to ask you about the circuit that you want to use. 
It is going to create you a folder with the name of the circuit which will storage all the outputs of the process. -### Use it with SnarkJs +### Use with SnarkJs Once you have completed the setup and created the `_final.zkey`you can -create new proof and verify them. +create new proofs and verify them. **Creating the witness** @@ -54,8 +85,17 @@ define the 3 factors (x1,x2 and x3) with these: { "x1": 3, "x2": 11, "x3": 17 } ``` -Then we take the wasm compilation of the circuit and the input and output the -result in `witness.wtns` +And then change the `public.json` with the product of the factors and x1: + +```JSON +[ + "561", + "3" +] +``` + +Then we take the wasm compilation of the circuit and the`input.json` file and +output the result in `witness.wtns` ```bash snarkjs wc 3_fac_js/3_fac.wasm input.json witness.wtns diff --git a/groth16.sh b/groth16.sh index 0244704..b26575e 100755 --- a/groth16.sh +++ b/groth16.sh 
@@ -9,68 +9,68 @@ if [ ! -d "$OUTPUT_PATH" ]; then mkdir -p "$OUTPUT_PATH" fi -#echo "[Setup](1/22): Start a new powers of tau ceremony" -#snarkjs powersoftau new bls12-381 15 ${OUTPUT_PATH}pot15_0000.ptau -v -# -#echo "[Setup](2/22): Contribute to the ceremony" -#snarkjs powersoftau contribute ${OUTPUT_PATH}pot15_0000.ptau ${OUTPUT_PATH}pot15_0001.ptau --name="First contribution" -v -# -#echo "[Setup](3/22): Provide a second contribution" -#snarkjs powersoftau contribute ${OUTPUT_PATH}pot15_0001.ptau ${OUTPUT_PATH}pot15_0002.ptau --name="Second contribution" -v -# -#echo "[Setup](4/22): Verify the protocol so far" -#snarkjs powersoftau verify ${OUTPUT_PATH}pot15_0002.ptau -# -#echo "[Setup](5/22): Apply a random beacon" -#snarkjs powersoftau beacon ${OUTPUT_PATH}pot15_0002.ptau ${OUTPUT_PATH}pot15_beacon.ptau 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 10 -n="Final Beacon" -# -#echo "[Setup](6/22): Prepare phase 2" -#snarkjs powersoftau prepare phase2 ${OUTPUT_PATH}pot15_beacon.ptau ${OUTPUT_PATH}pot15_final.ptau -v -# -#echo "[Setup](7/22): Verify the final ptau" -#snarkjs powersoftau verify ${OUTPUT_PATH}pot15_final.ptau -# -#echo "[Setup](8/22): Compile the circuit" -#circom $CIRCUIT_PATH --r1cs --wasm --sym -p bls12381 -o ${OUTPUT_PATH} -# -#echo "[Setup](9/22): View information about the circuit" -#snarkjs r1cs info ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs -# -#echo "[Setup](10/22): Print the constraints" -#snarkjs r1cs print ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}${CIRCUIT_NAME}.sym -# -#echo "[Setup](11/22): Export r1cs to json" -#snarkjs r1cs export json ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs.json -# -#echo "[Setup](12/22): Generate witness" -#node ${OUTPUT_PATH}${CIRCUIT_NAME}_js/generate_witness.js ${OUTPUT_PATH}${CIRCUIT_NAME}_js/mastermind.wasm mastermind.input.json ${OUTPUT_PATH}witness.wtns -# -#echo "[Setup](13/22): Check witness" -#snarkjs wtns check ${OUTPUT_PATH}$CIRCUIT_NAME.r1cs 
${OUTPUT_PATH}witness.wtns -# -#echo "[Setup](14/22): Setup" -#snarkjs groth16 setup ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_0000.zkey -# -#echo "[Setup](15/22): Contribute to the phase 2 ceremony" -#snarkjs zkey contribute ${OUTPUT_PATH}${CIRCUIT_NAME}_0000.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_0001.zkey --name="1st Contributor Name" -v -# -#echo "[Setup](16/22): Provide a second contribution" -#snarkjs zkey contribute ${OUTPUT_PATH}${CIRCUIT_NAME}_0001.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey --name="Second contribution Name" -v -# -#echo "[Setup](17/22): Verify the latest zkey" -#snarkjs zkey verify ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey -# -#echo "[Setup](18/22): Apply a random beacon" -#snarkjs zkey beacon ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 10 -n="Final Beacon phase2" -# -#echo "[Setup](19/22): Verify the final zkey" -#snarkjs zkey verify ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey -# -#echo "[Setup](20/22): Export the verification key" -#snarkjs zkey export verificationkey ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}verification_key.json -# -#echo "[Proof](21/22): Create the proof" -#snarkjs groth16 prove ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}witness.wtns ${OUTPUT_PATH}proof.json ${OUTPUT_PATH}public.json -# -#echo "[Verification](21/22): Verify the proof" -#snarkjs groth16 verify ${OUTPUT_PATH}verification_key.json ${OUTPUT_PATH}public.json ${OUTPUT_PATH}proof.json \ No newline at end of file +echo "[Setup](1/22): Start a new powers of tau ceremony" +snarkjs powersoftau new bls12-381 15 ${OUTPUT_PATH}pot15_0000.ptau -v + +echo "[Setup](2/22): Contribute to the ceremony" +snarkjs powersoftau contribute ${OUTPUT_PATH}pot15_0000.ptau 
${OUTPUT_PATH}pot15_0001.ptau --name="First contribution" -v + +echo "[Setup](3/22): Provide a second contribution" +snarkjs powersoftau contribute ${OUTPUT_PATH}pot15_0001.ptau ${OUTPUT_PATH}pot15_0002.ptau --name="Second contribution" -v + +echo "[Setup](4/22): Verify the protocol so far" +snarkjs powersoftau verify ${OUTPUT_PATH}pot15_0002.ptau + +echo "[Setup](5/22): Apply a random beacon" +snarkjs powersoftau beacon ${OUTPUT_PATH}pot15_0002.ptau ${OUTPUT_PATH}pot15_beacon.ptau 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 10 -n="Final Beacon" + +echo "[Setup](6/22): Prepare phase 2" +snarkjs powersoftau prepare phase2 ${OUTPUT_PATH}pot15_beacon.ptau ${OUTPUT_PATH}pot15_final.ptau -v + +echo "[Setup](7/22): Verify the final ptau" +snarkjs powersoftau verify ${OUTPUT_PATH}pot15_final.ptau + +echo "[Setup](8/22): Compile the circuit" +circom $CIRCUIT_PATH --r1cs --wasm --sym -p bls12381 -o ${OUTPUT_PATH} + +echo "[Setup](9/22): View information about the circuit" +snarkjs r1cs info ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs + +echo "[Setup](10/22): Print the constraints" +snarkjs r1cs print ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}${CIRCUIT_NAME}.sym + +echo "[Setup](11/22): Export r1cs to json" +snarkjs r1cs export json ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs.json + +echo "[Setup](12/22): Generate witness" +node ${OUTPUT_PATH}${CIRCUIT_NAME}_js/generate_witness.js ${OUTPUT_PATH}${CIRCUIT_NAME}_js/mastermind.wasm mastermind.input.json ${OUTPUT_PATH}witness.wtns + +echo "[Setup](13/22): Check witness" +snarkjs wtns check ${OUTPUT_PATH}$CIRCUIT_NAME.r1cs ${OUTPUT_PATH}witness.wtns + +echo "[Setup](14/22): Setup" +snarkjs groth16 setup ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_0000.zkey + +echo "[Setup](15/22): Contribute to the phase 2 ceremony" +snarkjs zkey contribute ${OUTPUT_PATH}${CIRCUIT_NAME}_0000.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_0001.zkey --name="1st 
Contributor Name" -v + +echo "[Setup](16/22): Provide a second contribution" +snarkjs zkey contribute ${OUTPUT_PATH}${CIRCUIT_NAME}_0001.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey --name="Second contribution Name" -v + +echo "[Setup](17/22): Verify the latest zkey" +snarkjs zkey verify ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey + +echo "[Setup](18/22): Apply a random beacon" +snarkjs zkey beacon ${OUTPUT_PATH}${CIRCUIT_NAME}_0002.zkey ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey 0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f 10 -n="Final Beacon phase2" + +echo "[Setup](19/22): Verify the final zkey" +snarkjs zkey verify ${OUTPUT_PATH}${CIRCUIT_NAME}.r1cs ${OUTPUT_PATH}pot15_final.ptau ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey + +echo "[Setup](20/22): Export the verification key" +snarkjs zkey export verificationkey ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}verification_key.json + +echo "[Proof](21/22): Create the proof" +snarkjs groth16 prove ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}witness.wtns ${OUTPUT_PATH}proof.json ${OUTPUT_PATH}public.json + +echo "[Verification](21/22): Verify the proof" +snarkjs groth16 verify ${OUTPUT_PATH}verification_key.json ${OUTPUT_PATH}public.json ${OUTPUT_PATH}proof.json \ No newline at end of file
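Review bot: In the first README hunk (`@@ -1,11 +1,29 @@`), the added slogan `I can prove to you "x" without to reveal "x".` misstates what a zk-SNARK proves: the prover does not prove `x`, it proves knowledge of `x` (or that `x` satisfies the circuit's statement) without revealing it; suggest `I can prove to you that I know "x" without revealing "x".` The same hunk introduces `proverk-ey` and `algorith` in the setup bullet (should be `prover-key` and `algorithm`), leaves the pre-existing `verificate` in the first sentence, and `Is now possible in its endless variations in this next PlutusV3 hardfork.` is a sentence fragment; `This becomes possible, in endless variations, with the upcoming PlutusV3 hard fork.` reads cleanly.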
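Review bot: In the second README hunk (`@@ -14,36 +32,49 @@`), the script is named three different ways: the new paragraph says `This library includes a bash script `.groth16``, the unchanged usage block still runs `./groth16`, and the file in this patch is `groth16.sh`; pick one (`./groth16.sh`) so a reader following the README does not hit `command not found`. The same paragraph's `Regarding the setup that in the case of Groth16 requires a multi-party computation so it will ask you various randoms contributions` is a run-on with a dropped subject; something like `Groth16 setup requires a multi-party computation, so the script will ask you for several random contributions to create the prover-key and verification-key.` is clearer. Also `verificatio-key` and `Once you circuits` are typos, and the heading `## The Groth16 process.` carries a trailing period that the other headings do not.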
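Review bot: In the third README hunk (`@@ -54,8 +85,17 @@`), the instruction `And then change the `public.json` with the product of the factors and x1` (and the matching `Set the `public.json` file` bullet in the previous hunk) tells the user to hand-write a file that the script's step 21 produces itself: `snarkjs groth16 prove ${OUTPUT_PATH}${CIRCUIT_NAME}_final.zkey ${OUTPUT_PATH}witness.wtns ${OUTPUT_PATH}proof.json ${OUTPUT_PATH}public.json` writes the public signals out of the witness, so a hand-edited `public.json` is at best redundant and, if placed in the output folder, overwritten. If the intent is to show the reader what the public signals look like, say so (`after proving, public.json will contain ...`); if the intent is that the verifying side supplies its own expected public inputs, state explicitly that the verifier must compute those values from the statement it wants checked rather than trust the prover's file, because a verifier that accepts whatever `public.json` arrives alongside the proof has only confirmed that the prover proved something. The example values are consistent (3 * 11 * 17 = 561), but the order of the two entries depends on the circuit's public-signal order, which this hunk does not show; a one-line remark on that would save readers a confusing verification failure.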
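Review bot: In the `groth16.sh` hunk, step 12 (`[Setup](12/22): Generate witness`) is un-commented as-is with hard-coded names that do not belong to this project: `node ${OUTPUT_PATH}${CIRCUIT_NAME}_js/generate_witness.js ${OUTPUT_PATH}${CIRCUIT_NAME}_js/mastermind.wasm mastermind.input.json ${OUTPUT_PATH}witness.wtns` fails for the README's `3_fac` circuit (and any circuit other than `mastermind`); use `${OUTPUT_PATH}${CIRCUIT_NAME}_js/${CIRCUIT_NAME}.wasm` and the `input.json` the README tells the user to create. Because the script has no `set -e`, that failure does not stop the run: step 13's `wtns check`, step 21's `groth16 prove` and the final `groth16 verify` would execute against a missing `witness.wtns`, and the script's exit status would only reflect the last command; add `set -euo pipefail` at the top and quote `$CIRCUIT_PATH` and the `${OUTPUT_PATH}...` arguments. On the ceremony itself: the random beacon in steps 5 and 18 is the fixed literal `0102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f`, and both the powers-of-tau and phase-2 contributions are run back-to-back by the same operator on the same machine, so the resulting `_final.zkey` is only as trustworthy as that one operator (whoever holds the discarded secrets of the setup can forge proofs the on-chain verifier accepts). That is acceptable for a development flow, but the script and README should say so, and a real deployment needs independent contributors and a beacon value that is public and unpredictable at the moment contributions close. Minor: the last two steps are both labelled `(21/22)`, verification should be `(22/22)`; and since `powersoftau new` now runs on every invocation, each run restarts the ceremony, which conflicts with the README's `Once you have completed the setup and created the _final.zkey you can create new proofs`.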