VitalJeevanjot/bls12_381_latest_verifier.aes Secret

## bls12_381_latest_verifier.aes

@compiler >= 6

include "BLS12_381.aes"
include "List.aes"

contract VerifyZKP =

    record verify_key = { a : BLS12_381.g1, b : BLS12_381.g2, c : BLS12_381.g2, d : BLS12_381.g2, ic : list(BLS12_381.g1) }
    record proof = { a : BLS12_381.g1, b : BLS12_381.g2, c : BLS12_381.g1 }

    public entrypoint verifyingKey() : verify_key =
        let _a = BLS12_381.mk_g1(
            3336208025895282801467121042590356419234644692143882069381168599475053878258325423048715471169591881823262687764052,
            559462757960681444861070892720571769668019673771270909841461215521690484765628725098501809785026707774774204751666,
            1
         )

        let _b = BLS12_381.mk_g2(
            2119291570234606498384334051513931407210202389274923638337944912450794451746425682761978970860698678556710510002713,
            806982672008971502626309025796479715081872681662651810170059851406899751793031842082681311866646208997546299279371,
            1785447865252432987436877277429715207951811223926834171747650968932717175131805070457375379690484811123398058131735,
            1944068038521107958168138187179608309936860915205780198029566418417761590487766618446599680154973215305031210486706,
            1,
            0
         )

        let _c = BLS12_381.mk_g2(
            352701069587466618187139116011060144890029952792775240219908644239793785735715026873347600343865175952761926303160,
            3059144344244213709971259814753781636986470325476647558659373206291635324768958432433509563104347017837885763365758,
            1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905,
            927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582,
            1,
            0
         )

        let _d = BLS12_381.mk_g2(
            2913739590084627755131339300561999371000506714085489558339547253303116193241547700371087468743776507671710037780219,
            3166007670295657186996234287774291964058440553347105075256755665096932394581654865864858953252679354166091178242161,
            2828119831044010224336267357451158329968943530280737224026284239365927535129580507908560092160720002407333159464920,
            3664509666651056436048154713737181992158089028292866911941749368083266470615928842791964652208431388055577290387442,
            1,
            0
         )

        let _ic: list(BLS12_381.g1) = [
            BLS12_381.mk_g1(
                10908266623105103471043053557140238559549911563840287642587226599346638920570217250093269106158326846564040503193,
                1708555277410983766793152468308165481725258454205830972125313190053768307586237552521681835224364060235241009141668,
                1
            ),
            BLS12_381.mk_g1(
                2212323838631151907176555983595955156102606843918079011532507456037322189756549110620000083632618169350896786165513,
                3179634292388678330249732367738538409032224907530670633585147586136971508035766493899048235253914749244597661291369,
                1
            )
         ]

        {a =_a, b = _b, c = _c, d = _d, ic = _ic}

    function return_proof(): proof =
        {
            a = BLS12_381.mk_g1(3147976723149489859761530872984028462034538679944384837539791309920356665754164302613908745640547280918695328173580,
                930151850943288771744482840546852954611155336919204941204021862254754152518302874102606047734354137440573711399220,
                1),

            b = BLS12_381.mk_g2(2904572736743504490815711870221035402191552027212666353577288182480850298300419248232935947470474838494798493916507,
                2065240763541717981078787854968598823208382364114476659485192937340836599945305275680958916731432307027797336139009,
                80398571805065897487660301796264674247777121558657687069183589411378965424205829537530242080722236143422638716816,
                2001894898589695903485343754133403796168357290049128430070740884856148456511639050413934345423589140110795014927333,
                1,
                0),
            c = BLS12_381.mk_g1(3919826893926508557750098617639871699928504637318988284475674255169924457111925861214158159129822181411321007387613,
                3558205460341417241254987523891719000244488429387579696970032523124201417880094438520681105453836336618530498368346,
                1)
            }

    function return_input(): list(BLS12_381.fr) =
        [BLS12_381.int_to_fr(33)]

    public entrypoint static_verification() : bool =
        verify(return_proof(), return_input())

    public entrypoint verify(p : proof, inp: list(BLS12_381.fr)) : bool =
        let vk = verifyingKey()
        let vk_x = verify_proof(inp, p, vk)

        BLS12_381.pairing_check([BLS12_381.g1_neg(p.a), vk.a, vk_x, p.c],
                            [p.b, vk.b, vk.c, vk.d])


    function verify_proof(inputs: list(BLS12_381.fr), pr: proof, vk: verify_key) : BLS12_381.g1 =

        require(List.length(inputs) + 1 == List.length(vk.ic), "verifier-bad-input")

        let vk_x = calc_vk_x(vk.ic, inputs)

        vk_x


    function calc_vk_x(ics : list(BLS12_381.g1), xs : list(BLS12_381.fr)) : BLS12_381.g1 =
        switch(ics)
            (ic :: ics) => calc_vk_x_(ic, ics, xs)

    function calc_vk_x_(vk_x : BLS12_381.g1, ics : list(BLS12_381.g1), xs : list(BLS12_381.fr)) : BLS12_381.g1 =
        switch((ics, xs))
            ([], []) => vk_x
            (ic :: ics, x :: xs) => calc_vk_x_(BLS12_381.g1_add(vk_x, BLS12_381.g1_mul(x, ic)), ics, xs)

	@compiler >= 6

	include "BLS12_381.aes"
	include "List.aes"

	contract VerifyZKP =

	record verify_key = { a : BLS12_381.g1, b : BLS12_381.g2, c : BLS12_381.g2, d : BLS12_381.g2, ic : list(BLS12_381.g1) }
	record proof = { a : BLS12_381.g1, b : BLS12_381.g2, c : BLS12_381.g1 }

	public entrypoint verifyingKey() : verify_key =
	let _a = BLS12_381.mk_g1(
	3336208025895282801467121042590356419234644692143882069381168599475053878258325423048715471169591881823262687764052,
	559462757960681444861070892720571769668019673771270909841461215521690484765628725098501809785026707774774204751666,
	1
	)

	let _b = BLS12_381.mk_g2(
	2119291570234606498384334051513931407210202389274923638337944912450794451746425682761978970860698678556710510002713,
	806982672008971502626309025796479715081872681662651810170059851406899751793031842082681311866646208997546299279371,
	1785447865252432987436877277429715207951811223926834171747650968932717175131805070457375379690484811123398058131735,
	1944068038521107958168138187179608309936860915205780198029566418417761590487766618446599680154973215305031210486706,
	1,
	0
	)

	let _c = BLS12_381.mk_g2(
	352701069587466618187139116011060144890029952792775240219908644239793785735715026873347600343865175952761926303160,
	3059144344244213709971259814753781636986470325476647558659373206291635324768958432433509563104347017837885763365758,
	1985150602287291935568054521177171638300868978215655730859378665066344726373823718423869104263333984641494340347905,
	927553665492332455747201965776037880757740193453592970025027978793976877002675564980949289727957565575433344219582,
	1,
	0
	)

	let _d = BLS12_381.mk_g2(
	2913739590084627755131339300561999371000506714085489558339547253303116193241547700371087468743776507671710037780219,
	3166007670295657186996234287774291964058440553347105075256755665096932394581654865864858953252679354166091178242161,
	2828119831044010224336267357451158329968943530280737224026284239365927535129580507908560092160720002407333159464920,
	3664509666651056436048154713737181992158089028292866911941749368083266470615928842791964652208431388055577290387442,
	1,
	0
	)

	let _ic: list(BLS12_381.g1) = [
	BLS12_381.mk_g1(
	10908266623105103471043053557140238559549911563840287642587226599346638920570217250093269106158326846564040503193,
	1708555277410983766793152468308165481725258454205830972125313190053768307586237552521681835224364060235241009141668,
	1
	),
	BLS12_381.mk_g1(
	2212323838631151907176555983595955156102606843918079011532507456037322189756549110620000083632618169350896786165513,
	3179634292388678330249732367738538409032224907530670633585147586136971508035766493899048235253914749244597661291369,
	1
	)
	]

	{a =_a, b = _b, c = _c, d = _d, ic = _ic}

	function return_proof(): proof =
	{
	a = BLS12_381.mk_g1(3147976723149489859761530872984028462034538679944384837539791309920356665754164302613908745640547280918695328173580,
	930151850943288771744482840546852954611155336919204941204021862254754152518302874102606047734354137440573711399220,
	1),

	b = BLS12_381.mk_g2(2904572736743504490815711870221035402191552027212666353577288182480850298300419248232935947470474838494798493916507,
	2065240763541717981078787854968598823208382364114476659485192937340836599945305275680958916731432307027797336139009,
	80398571805065897487660301796264674247777121558657687069183589411378965424205829537530242080722236143422638716816,
	2001894898589695903485343754133403796168357290049128430070740884856148456511639050413934345423589140110795014927333,
	1,
	0),
	c = BLS12_381.mk_g1(3919826893926508557750098617639871699928504637318988284475674255169924457111925861214158159129822181411321007387613,
	3558205460341417241254987523891719000244488429387579696970032523124201417880094438520681105453836336618530498368346,
	1)
	}

	function return_input(): list(BLS12_381.fr) =
	[BLS12_381.int_to_fr(33)]

	public entrypoint static_verification() : bool =
	verify(return_proof(), return_input())

	public entrypoint verify(p : proof, inp: list(BLS12_381.fr)) : bool =
	let vk = verifyingKey()
	let vk_x = verify_proof(inp, p, vk)

	BLS12_381.pairing_check([BLS12_381.g1_neg(p.a), vk.a, vk_x, p.c],
	[p.b, vk.b, vk.c, vk.d])



	function verify_proof(inputs: list(BLS12_381.fr), pr: proof, vk: verify_key) : BLS12_381.g1 =

	require(List.length(inputs) + 1 == List.length(vk.ic), "verifier-bad-input")

	let vk_x = calc_vk_x(vk.ic, inputs)

	vk_x


	function calc_vk_x(ics : list(BLS12_381.g1), xs : list(BLS12_381.fr)) : BLS12_381.g1 =
	switch(ics)
	(ic :: ics) => calc_vk_x_(ic, ics, xs)

	function calc_vk_x_(vk_x : BLS12_381.g1, ics : list(BLS12_381.g1), xs : list(BLS12_381.fr)) : BLS12_381.g1 =
	switch((ics, xs))
	([], []) => vk_x
	(ic :: ics, x :: xs) => calc_vk_x_(BLS12_381.g1_add(vk_x, BLS12_381.g1_mul(x, ic)), ics, xs)