Crate r1cs

Expand description

This is a rust library for building R1CS gadgets over prime fields, which are useful in SNARKs and other argument systems.

See the readme for more information and examples.

Re-exports§

pub use num;

Macros§

binary_unsigned_values
Creates an instance of WireValues from the given binary wires and BigUint values.
boolean_values
Creates an instance of WireValues from the given boolean wires and boolean values.
values
Creates an instance of WireValues from the given wires and field element values.

Structs§

BinaryExpression
A BinaryExpression is comprised of several bits, each one being a BooleanExpression.
BinaryWire
A “binary wire” which is comprised of several bits, each one being a boolean wire.
Bls12_381
The BLS12-381 curve.
Bn128
The BN128 curve.
BooleanExpression
An Expression whose value is known to be binary.
BooleanWire
A Wire whose value is constrained to be binary.
Constraint
An rank-1 constraint of the form a * b = c, where a, b, and c are linear combinations of wires.
DaviesMeyer
The additive variant of Davies-Meyer, which creates a one-way compression function from a block cipher.
EdwardsPoint
An embedded Edwards curve point defined over the same base field as the constraint system, with affine coordinates as elements.
EdwardsPointExpression
An embedded Edwards curve point defined over the same base field as the field used in the constraint system, with affine coordinates as expressions.
Element
An element of a prime field.
ElementMatrix
A matrix of prime field elements.
Expression
A linear combination of wires.
Gadget
An R1CS gadget.
GadgetBuilder
InversePermutation
The permutation 1 / x, with zero being mapped to itself.
JubJub
LCG
A simple linear congruential generator, with parameters taken from Numerical Recipes.
MdsMatrix
A Maximum Distance Separable matrix.
MerkleDamgard
A hash function based on the Merkle–Damgård construction.
MerklePath
The path from a leaf to the root of a binary Merkle tree.
MiMCBlockCipher
The MiMC block cipher.
MiMCPermutation
The MiMC permutation, which is equivalent to MiMC encryption with a key of zero.
MiyaguchiPreneel
The additive variant of Miyaguchi-Preneel, which creates a one-way compression function from a block cipher.
MonomialPermutation
The permutation x^n.
MontgomeryPointExpression
An embedded Montgomery curve point defined over the same base field as the field used in the constraint system, with affine coordinates as expressions.
NumberOfRounds
The number of full and partial rounds to use in an instance of Poseidon.
Poseidon
The Poseidon permutation.
PoseidonBuilder
Builds a Poseidon instance.
ProjWeierstrassPointExpression
An embedded Weierstrass curve point defined over the same base field as the field used in the constraint system, with projective coordinates as expressions.
Rescue
The Rescue permutation.
RescueBuilder
Builds a Rescue instance.
Sponge
A sponge function.
WeierstrassPointExpression
An embedded Weierstrass curve point defined over the same base field as the field used in the constraint system, with affine coordinates as expressions.
Wire
A wire represents a witness element.
WireValues
An assignment of wire values, where each value is an element of the field F.
WitnessGenerator
Generates some elements of the witness.

Enums§

PoseidonSbox
An S-Box that can be used with Poseidon.

Traits§

BlockCipher
A symmetric-key block cipher.
CompressionFunction
A function which compresses two field elements into one, and is intended to be one-way.
Curve
CurvePoint
EdwardsCurve
An embedded twisted Edwards curve defined over the same base field as the field used in the constraint system
Field
A prime order field.
HashFunction
A function which hashes a sequence of field elements, outputting a single field element.
MultiPermutation
A permutation whose inputs and outputs consist of multiple field elements.
Permutation
A permutation of single field elements.

Crate r1csCopy item path

Re-exports§

Macros§

Structs§

Enums§

Traits§

Crate r1cs