[][src]Crate r1cs

This is a rust library for building R1CS gadgets over prime fields, which are useful in SNARKs and other argument systems.

See the readme for more information and examples.

Re-exports

pub use num;

Macros

binary_unsigned_values

Creates an instance of WireValues from the given binary wires and BigUint values.

boolean_values

Creates an instance of WireValues from the given boolean wires and boolean values.

values

Creates an instance of WireValues from the given wires and field element values.

Structs

BinaryExpression

A BinaryExpression is comprised of several bits, each one being a BooleanExpression.

BinaryWire

A "binary wire" which is comprised of several bits, each one being a boolean wire.

Bls12_381

The BLS12-381 curve.

Bn128

The BN128 curve.

BooleanExpression

An Expression whose value is known to be binary.

BooleanWire

A Wire whose value is constrained to be binary.

Constraint

An rank-1 constraint of the form a * b = c, where a, b, and c are linear combinations of wires.

DaviesMeyer

The additive variant of Davies-Meyer, which creates a one-way compression function from a block cipher.

Element

An element of a prime field.

ElementMatrix

A matrix of prime field elements.

Expression

A linear combination of wires.

Gadget

An R1CS gadget.

GadgetBuilder
InversePermutation

The permutation 1 / x, with zero being mapped to itself.

LCG

A simple linear congruential generator, with parameters taken from Numerical Recipes.

MdsMatrix

A Maximum Distance Separable matrix.

MerkleDamgard

A hash function based on the Merkle–Damgård construction.

MerklePath

The path from a leaf to the root of a binary Merkle tree.

MiMCBlockCipher

The MiMC block cipher.

MiMCPermutation

The MiMC permutation, which is equivalent to MiMC encryption with a key of zero.

MiyaguchiPreneel

The additive variant of Miyaguchi-Preneel, which creates a one-way compression function from a block cipher.

MonomialPermutation

The permutation x^n.

NumberOfRounds

The number of full and partial rounds to use in an instance of Poseidon.

Poseidon

The Poseidon permutation.

PoseidonBuilder

Builds a Poseidon instance.

Rescue

The Rescue permutation.

RescueBuilder

Builds a Rescue instance.

Sponge

A sponge function.

Wire

A wire represents a witness element.

WireValues

An assignment of wire values, where each value is an element of the field F.

WitnessGenerator

Generates some elements of the witness.

Enums

PoseidonSbox

An S-Box that can be used with Poseidon.

Traits

BlockCipher

A symmetric-key block cipher.

CompressionFunction

A function which compresses two field elements into one, and is intended to be one-way.

Field

A prime order field.

HashFunction

A function which hashes a sequence of field elements, outputting a single field element.

MultiPermutation

A permutation whose inputs and outputs consist of multiple field elements.

Permutation

A permutation of single field elements.