liamzebedee · July 23, 2022 07:15 · liamzebedee · Jul 23, 2022
diff --git a/minicoin.ts b/minicoin.ts
 import { SelfProof, Field, ZkProgram, verify, Poseidon, SmartContract, Scalar, arrayProp } from 'snarkyjs';
 import {
    Circuit,
    CircuitValue,
    prop,
    public_,
    circuitMain,
    Signature,
    PrivateKey,
    PublicKey,
 } from 'snarkyjs';


 class Wallet {
    constructor(
        public pubKey: PublicKey,
        public privKey: PrivateKey
    ) {
    }

    static createRandom() {
        let privKey = PrivateKey.random();
        let pubKey = PublicKey.fromPrivateKey(privKey);

        return new Wallet(pubKey, privKey)
    }

    // send(to: PublicKey, amount: Field) {
    //     let tx = new Transaction(
    //         this.pubKey,
    //         to,
    //         amount
    //     )
    //     let hash = Poseidon.hash(tx.toFields());
    //     let msg = [hash];
    //     let sig = Signature.create(this.privKey, msg);
    //     return [msg, sig]
    // }
 }

 let account1 = Wallet.createRandom()
 let account2 = Wallet.createRandom()

 // Create a tx that sends 100 COIN from account1 to account2.
 // account1.send(account2.pubKey, Field.fromNumber(100))

 /*
 A coin looks like this:

 Coin (owner, amount)

 You spend a coin as input, and create two coins as outputs

 input: Coin()
 outputs: Coin()
 sig
 */

 class Coin extends CircuitValue {
    @prop amount: Field
    @prop owner: PublicKey

    constructor(amount: Field, owner: PublicKey) {
        super();
        this.amount = amount;
        this.owner = owner;
    }

    static from(obj: any): Coin {
        return new Coin(obj.amount, obj.owner)
    }
 }


 class RawTransaction extends CircuitValue {
    @prop inputIdx: Field;
    @arrayProp(Coin, 5) outputs: Coin[];

    constructor(input: Field, outputs: Coin[]) {
        super();
        this.inputIdx = input;
        this.outputs = outputs;
    }

    sighash() {
        return Poseidon.hash(this.toFields())
    }
 }

 class Transaction extends CircuitValue {
    @prop inputIdx: Field;
    @prop sig: Signature;
    @arrayProp(Coin, 5) outputs: Coin[];

    constructor(input: Field, outputs: Coin[]) {
        super();
        this.inputIdx = input;
        this.sig = SIGNATURE_NULL;
        this.outputs = outputs;
    }

    sighash() {
        return (new RawTransaction(this.inputIdx, this.outputs)).sighash()
    }

    sign(privKey: PrivateKey) {
        let msg = [this.sighash()]
        let sig = Signature.create(privKey, msg);
        this.sig = sig
    }

    // sigHash() {
    //     let data = [
    //         this.inputIdx,
    //         ...this.outputs.flatMap(output => ([ output.amount, ...output.owner.toFields() ]))
    //     ]
    //     return Poseidon.hash(data)
    // }
 }

 function fieldToNumber(field: Field): number {
    return parseInt(field.toString())
 }

 let Minicoin = ZkProgram({
    publicInput: Transaction,

    methods: {
        genesis: {
            privateInputs: [],

            method(t1: Transaction) {
                // Genesis.
                // (new Field(t1.outputs.length)).assertEquals(1)
                t1.outputs[0].amount.assertEquals(new Field(1000))
                // t1.outputs[0]..assertEquals(Field(1000))
            }
        },

        transfer: {
            privateInputs: [SelfProof],

            method(t1: Transaction, t0: SelfProof<Transaction>) {
                // Verify the sequence is correct.


                // Verify the state at t=0 was computed correctly.
                t0.verify();

                // Verify the state at t=1.
                // This is the core of the state machine.
                // Perform transfer of the coin.

                // Verify input coin.
                // A1: select an output coin of the previous tx.
                const prevNumOutputs = t0.publicInput.outputs.length
                t1.inputIdx.assertLt(prevNumOutputs)
                const uxto = t0.publicInput.outputs[fieldToNumber(t1.inputIdx)]
                
                // A2: the transfer is from the owner of this uxto.
                const hash = t1.sighash()
                const msg = [hash];
                t1.sig.verify(uxto.owner, msg)

                // Verify output coins.
                // A3: input == sum(outputs)
                let sumOutputs = Field.zero
                for (const output of t1.outputs) {
                    sumOutputs.add(output.amount)
                }
                uxto.amount.assertEquals(sumOutputs)
            },
        },
    },
 });





 let Proof = ZkProgram.Proof(Minicoin);

 console.log('compiling Minicoin...');
 const { verificationKey } = await Minicoin.compile();

 const SIGNATURE_NULL = new Signature(Field.zero, new Scalar())
 let genesisTx = new Transaction(
    Field.zero,
    [
        Coin.from({ amount: new Field(1000), owner: account1.pubKey })
    ]
 )
 // console.log(genesisTx)

 console.log('Genesis...');
 let genesis = await Minicoin.genesis(genesisTx)



 console.log('transfer #1...');
 let input = genesis
 let inputIdx = Field.zero
 let outputs = [
    {
        amount: new Field(500),
        owner: account1.pubKey,
    },
    {
        amount: new Field(500),
        owner: account2.pubKey,
    }
 ].map(Coin.from)

 let tx = new Transaction(inputIdx, outputs)
 tx.sign(account1.privKey)

 let proof = await Minicoin.transfer(tx, genesis);
 proof.verify()
	import { SelfProof, Field, ZkProgram, verify, Poseidon, SmartContract, Scalar, arrayProp } from 'snarkyjs';
	import {
	Circuit,
	CircuitValue,
	prop,
	public_,
	circuitMain,
	Signature,
	PrivateKey,
	PublicKey,
	} from 'snarkyjs';


	class Wallet {
	constructor(
	public pubKey: PublicKey,
	public privKey: PrivateKey
	) {
	}

	static createRandom() {
	let privKey = PrivateKey.random();
	let pubKey = PublicKey.fromPrivateKey(privKey);

	return new Wallet(pubKey, privKey)
	}

	// send(to: PublicKey, amount: Field) {
	// let tx = new Transaction(
	// this.pubKey,
	// to,
	// amount
	// )
	// let hash = Poseidon.hash(tx.toFields());
	// let msg = [hash];
	// let sig = Signature.create(this.privKey, msg);
	// return [msg, sig]
	// }
	}

	let account1 = Wallet.createRandom()
	let account2 = Wallet.createRandom()

	// Create a tx that sends 100 COIN from account1 to account2.
	// account1.send(account2.pubKey, Field.fromNumber(100))

	/*
	A coin looks like this:

	Coin (owner, amount)

	You spend a coin as input, and create two coins as outputs

	input: Coin()
	outputs: Coin()
	sig
	*/

	class Coin extends CircuitValue {
	@prop amount: Field
	@prop owner: PublicKey

	constructor(amount: Field, owner: PublicKey) {
	super();
	this.amount = amount;
	this.owner = owner;
	}

	static from(obj: any): Coin {
	return new Coin(obj.amount, obj.owner)
	}
	}


	class RawTransaction extends CircuitValue {
	@prop inputIdx: Field;
	@arrayProp(Coin, 5) outputs: Coin[];

	constructor(input: Field, outputs: Coin[]) {
	super();
	this.inputIdx = input;
	this.outputs = outputs;
	}

	sighash() {
	return Poseidon.hash(this.toFields())
	}
	}

	class Transaction extends CircuitValue {
	@prop inputIdx: Field;
	@prop sig: Signature;
	@arrayProp(Coin, 5) outputs: Coin[];

	constructor(input: Field, outputs: Coin[]) {
	super();
	this.inputIdx = input;
	this.sig = SIGNATURE_NULL;
	this.outputs = outputs;
	}

	sighash() {
	return (new RawTransaction(this.inputIdx, this.outputs)).sighash()
	}

	sign(privKey: PrivateKey) {
	let msg = [this.sighash()]
	let sig = Signature.create(privKey, msg);
	this.sig = sig
	}

	// sigHash() {
	// let data = [
	// this.inputIdx,
	// ...this.outputs.flatMap(output => ([ output.amount, ...output.owner.toFields() ]))
	// ]
	// return Poseidon.hash(data)
	// }
	}

	function fieldToNumber(field: Field): number {
	return parseInt(field.toString())
	}

	let Minicoin = ZkProgram({
	publicInput: Transaction,

	methods: {
	genesis: {
	privateInputs: [],

	method(t1: Transaction) {
	// Genesis.
	// (new Field(t1.outputs.length)).assertEquals(1)
	t1.outputs[0].amount.assertEquals(new Field(1000))
	// t1.outputs[0]..assertEquals(Field(1000))
	}
	},

	transfer: {
	privateInputs: [SelfProof],

	method(t1: Transaction, t0: SelfProof<Transaction>) {
	// Verify the sequence is correct.


	// Verify the state at t=0 was computed correctly.
	t0.verify();

	// Verify the state at t=1.
	// This is the core of the state machine.
	// Perform transfer of the coin.

	// Verify input coin.
	// A1: select an output coin of the previous tx.
	const prevNumOutputs = t0.publicInput.outputs.length
	t1.inputIdx.assertLt(prevNumOutputs)
	const uxto = t0.publicInput.outputs[fieldToNumber(t1.inputIdx)]

	// A2: the transfer is from the owner of this uxto.
	const hash = t1.sighash()
	const msg = [hash];
	t1.sig.verify(uxto.owner, msg)

	// Verify output coins.
	// A3: input == sum(outputs)
	let sumOutputs = Field.zero
	for (const output of t1.outputs) {
	sumOutputs.add(output.amount)
	}
	uxto.amount.assertEquals(sumOutputs)
	},
	},
	},
	});





	let Proof = ZkProgram.Proof(Minicoin);

	console.log('compiling Minicoin...');
	const { verificationKey } = await Minicoin.compile();

	const SIGNATURE_NULL = new Signature(Field.zero, new Scalar())
	let genesisTx = new Transaction(
	Field.zero,
	[
	Coin.from({ amount: new Field(1000), owner: account1.pubKey })
	]
	)
	// console.log(genesisTx)

	console.log('Genesis...');
	let genesis = await Minicoin.genesis(genesisTx)



	console.log('transfer #1...');
	let input = genesis
	let inputIdx = Field.zero
	let outputs = [
	{
	amount: new Field(500),
	owner: account1.pubKey,
	},
	{
	amount: new Field(500),
	owner: account2.pubKey,
	}
	].map(Coin.from)

	let tx = new Transaction(inputIdx, outputs)
	tx.sign(account1.privKey)

	let proof = await Minicoin.transfer(tx, genesis);
	proof.verify()
No results found