Skip to main content

Module sui::groth16

Struct Curve

Represents an elliptic curve construction to be used in the verifier. Currently we support BLS12-381 and BN254. This should be given as the first parameter to 

prepare_verifying_key
or 
verify_groth16_proof
.

public struct Curve has copy, drop, store
Click to open
Fields
id: u8

Struct PreparedVerifyingKey

A 

PreparedVerifyingKey
consisting of four components in serialized form.

public struct PreparedVerifyingKey has copy, drop, store
Click to open
Fields
vk_gamma_abc_g1_bytes: vector<u8>
alpha_g1_beta_g2_bytes: vector<u8>
gamma_g2_neg_pc_bytes: vector<u8>
delta_g2_neg_pc_bytes: vector<u8>

Struct PublicProofInputs

A 

PublicProofInputs
wrapper around its serialized bytes.

public struct PublicProofInputs has copy, drop, store
Click to open
Fields
bytes: vector<u8>

Struct ProofPoints

A 

ProofPoints
wrapper around the serialized form of three proof points.

public struct ProofPoints has copy, drop, store
Click to open
Fields
bytes: vector<u8>

Constants

const EInvalidVerifyingKey: u64 = 0;

const EInvalidCurve: u64 = 1;

const ETooManyPublicInputs: u64 = 2;

const EInvalidScalar: u64 = 3;

const MaxPublicInputs: u64 = 8;

Function bls12381

Return the 

Curve
value indicating that the BLS12-381 construction should be used in a given function.

public fun bls12381(): sui::groth16::Curve
Click to open
Implementation
public fun bls12381(): Curve { Curve { id: 0 } }

Function bn254

Return the 

Curve
value indicating that the BN254 construction should be used in a given function.

public fun bn254(): sui::groth16::Curve
Click to open
Implementation
public fun bn254(): Curve { Curve { id: 1 } }

Function pvk_from_bytes

Creates a 

PreparedVerifyingKey
from bytes.

public fun pvk_from_bytes(vk_gamma_abc_g1_bytes: vector<u8>, alpha_g1_beta_g2_bytes: vector<u8>, gamma_g2_neg_pc_bytes: vector<u8>, delta_g2_neg_pc_bytes: vector<u8>): sui::groth16::PreparedVerifyingKey
Click to open
Implementation
public fun pvk_from_bytes(
    vk_gamma_abc_g1_bytes: vector<u8>,
    alpha_g1_beta_g2_bytes: vector<u8>,
    gamma_g2_neg_pc_bytes: vector<u8>,
    delta_g2_neg_pc_bytes: vector<u8>,
): PreparedVerifyingKey {
    PreparedVerifyingKey {
        vk_gamma_abc_g1_bytes,
        alpha_g1_beta_g2_bytes,
        gamma_g2_neg_pc_bytes,
        delta_g2_neg_pc_bytes,
    }
}

Function pvk_to_bytes

Returns bytes of the four components of the 

PreparedVerifyingKey
.

public fun pvk_to_bytes(pvk: sui::groth16::PreparedVerifyingKey): vector<vector<u8>>
Click to open
Implementation
public fun pvk_to_bytes(pvk: PreparedVerifyingKey): vector<vector<u8>> {
    vector[
        pvk.vk_gamma_abc_g1_bytes,
        pvk.alpha_g1_beta_g2_bytes,
        pvk.gamma_g2_neg_pc_bytes,
        pvk.delta_g2_neg_pc_bytes,
    ]
}

Function public_proof_inputs_from_bytes

Creates a 

PublicProofInputs
wrapper from bytes. The bytes parameter should be a concatenation of a number of 32 bytes scalar field elements to be used as public inputs in little-endian format to a circuit.

public fun public_proof_inputs_from_bytes(bytes: vector<u8>): sui::groth16::PublicProofInputs
Click to open
Implementation
public fun public_proof_inputs_from_bytes(bytes: vector<u8>): PublicProofInputs {
    assert!(bytes.length() % 32 == 0, EInvalidScalar);
    assert!(bytes.length() / 32 <= MaxPublicInputs, ETooManyPublicInputs);
    PublicProofInputs { bytes }
}

Function proof_points_from_bytes

Creates a Groth16 

ProofPoints
from bytes.

public fun proof_points_from_bytes(bytes: vector<u8>): sui::groth16::ProofPoints
Click to open
Implementation
public fun proof_points_from_bytes(bytes: vector<u8>): ProofPoints {
    ProofPoints { bytes }
}

Function prepare_verifying_key

@param curve: What elliptic curve construction to use. See 

bls12381
and 
bn254
. @param verifying_key: An Arkworks canonical compressed serialization of a verifying key.

Returns four vectors of bytes representing the four components of a prepared verifying key. This step computes one pairing e(P, Q), and binds the verification to one particular proof statement. This can be used as inputs for the 

verify_groth16_proof
function.

public fun prepare_verifying_key(curve: &sui::groth16::Curve, verifying_key: &vector<u8>): sui::groth16::PreparedVerifyingKey
Click to open
Implementation
public fun prepare_verifying_key(curve: &Curve, verifying_key: &vector<u8>): PreparedVerifyingKey {
    prepare_verifying_key_internal(curve.id, verifying_key)
}

Function prepare_verifying_key_internal

Native functions that flattens the inputs into an array and passes to the Rust native function. May abort with 

EInvalidVerifyingKey
or 
EInvalidCurve
.

fun prepare_verifying_key_internal(curve: u8, verifying_key: &vector<u8>): sui::groth16::PreparedVerifyingKey
Click to open
Implementation
native fun prepare_verifying_key_internal(
    curve: u8,
    verifying_key: &vector<u8>,
): PreparedVerifyingKey;

Function verify_groth16_proof

@param curve: What elliptic curve construction to use. See the 

bls12381
and 
bn254
functions. @param prepared_verifying_key: Consists of four vectors of bytes representing the four components of a prepared verifying key. @param public_proof_inputs: Represent inputs that are public. @param proof_points: Represent three proof points.

Returns a boolean indicating whether the proof is valid.

public fun verify_groth16_proof(curve: &sui::groth16::Curve, prepared_verifying_key: &sui::groth16::PreparedVerifyingKey, public_proof_inputs: &sui::groth16::PublicProofInputs, proof_points: &sui::groth16::ProofPoints): bool
Click to open
Implementation
public fun verify_groth16_proof(
    curve: &Curve,
    prepared_verifying_key: &PreparedVerifyingKey,
    public_proof_inputs: &PublicProofInputs,
    proof_points: &ProofPoints,
): bool {
    verify_groth16_proof_internal(
        curve.id,
        &prepared_verifying_key.vk_gamma_abc_g1_bytes,
        &prepared_verifying_key.alpha_g1_beta_g2_bytes,
        &prepared_verifying_key.gamma_g2_neg_pc_bytes,
        &prepared_verifying_key.delta_g2_neg_pc_bytes,
        &public_proof_inputs.bytes,
        &proof_points.bytes,
    )
}

Function verify_groth16_proof_internal

Native functions that flattens the inputs into arrays of vectors and passed to the Rust native function. May abort with 

EInvalidCurve
or 
ETooManyPublicInputs
.

fun verify_groth16_proof_internal(curve: u8, vk_gamma_abc_g1_bytes: &vector<u8>, alpha_g1_beta_g2_bytes: &vector<u8>, gamma_g2_neg_pc_bytes: &vector<u8>, delta_g2_neg_pc_bytes: &vector<u8>, public_proof_inputs: &vector<u8>, proof_points: &vector<u8>): bool
Click to open
Implementation
native fun verify_groth16_proof_internal(
    curve: u8,
    vk_gamma_abc_g1_bytes: &vector<u8>,
    alpha_g1_beta_g2_bytes: &vector<u8>,
    gamma_g2_neg_pc_bytes: &vector<u8>,
    delta_g2_neg_pc_bytes: &vector<u8>,
    public_proof_inputs: &vector<u8>,
    proof_points: &vector<u8>,
): bool;