
sol generatecall

Site

https://docs.circom.io/getting-started/proving-circuits/#verifying-from-a-smart-contract

Generating the contract

snarkjs zkey export solidityverifier multiplier2_0001.zkey verifier.sol

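Contract call parameters

The snarkjs toolset does include functionality for generating the call parameters used with zero-knowledge proofs. Specifically, the snarkjs generatecall command generates the parameters for calling a smart contract; these parameters are typically used to verify a zk-SNARK proof.

The following explains in detail how to use the snarkjs generatecall command:

Example command

Suppose you have already generated the proof and public input files, and you want to generate the parameters needed to call the smart contract: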

snarkjs generatecall proof.json public.json

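In this command:

  • proof.json is the file containing the proof data.
  • public.json is the file containing the public inputs.

Output

The snarkjs generatecall command outputs a JSON object containing the parameters needed to call the smart contract. This JSON object typically includes the following fields:

  • proof: an array containing the proof data.
  • publicSignals: an array containing the public inputs.

Example output

Suppose you have the following proof.json and public.json files: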

proof.json:

{
"pi_a": ["0x...", "0x..."],
"pi_b": [
["0x...", "0x..."],
["0x...", "0x..."]
],
"pi_c": ["0x...", "0x..."]
}

public.json:

["0x...", "0x..."]

After running snarkjs generatecall proof.json public.json, the output might look like this:

{
"proof": {
"a": ["0x...", "0x..."],
"b": [
["0x...", "0x..."],
["0x...", "0x..."]
],
"c": ["0x...", "0x..."]
},
"publicSignals": ["0x...", "0x..."]
}

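Calling the smart contract with the generated parameters

The generated parameters can be used directly to call the smart contract's verification function. For example, if you are using a Solidity contract, the verification function might look like this: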

function verifyProof(
uint[2] memory a,
uint[2][2] memory b,
uint[2] memory c,
uint[] memory input
) public view returns (bool) {
// verification logic
}

You can call this function with the generated parameters:

const proof = {
a: ["0x...", "0x..."],
b: [
["0x...", "0x..."],
["0x...", "0x..."],
],
c: ["0x...", "0x..."],
};
const publicSignals = ["0x...", "0x..."];

const result = await contract.verifyProof(proof.a, proof.b, proof.c, publicSignals);
console.log(result); // true or false

Complete example

Suppose you have the following files:

proof.json:

{
"pi_a": ["0x1", "0x2"],
"pi_b": [
["0x3", "0x4"],
["0x5", "0x6"]
],
"pi_c": ["0x7", "0x8"]
}

public.json:

["0x9", "0xa"]

After running snarkjs generatecall proof.json public.json, the output might look like this:

{
"proof": {
"a": ["0x1", "0x2"],
"b": [
["0x3", "0x4"],
["0x5", "0x6"]
],
"c": ["0x7", "0x8"]
},
"publicSignals": ["0x9", "0xa"]
}

You can use this output to call the smart contract's verification function:

const proof = {
a: ["0x1", "0x2"],
b: [
["0x3", "0x4"],
["0x5", "0x6"],
],
c: ["0x7", "0x8"],
};
const publicSignals = ["0x9", "0xa"];

const result = await contract.verifyProof(proof.a, proof.b, proof.c, publicSignals);
console.log(result); // true or false

In this way, you can use the parameters generated by snarkjs generatecall to call the smart contract and verify the zero-knowledge proof.
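A pre-flight check for the parameter object shown above, as an added example that is not part of the original page or of snarkjs: it validates the shape of a, b, c and publicSignals and rejects any value that is not a canonical field element before verifyProof is called. The helper names (toVerifyArgs, toPoint, toFieldElement, expectArray) are hypothetical, the code assumes the verifier targets the BN254 (alt_bn128) curve, and the sample values are constructed.

```javascript
// BN254 (alt_bn128) moduli; assumes the generated verifier targets this curve.
const SCALAR_FIELD_R = 21888242871839275222246405745257275088548364400416034343698204186575808495617n;
const BASE_FIELD_Q = 21888242871839275222246405745257275088696311157297823662689037894645226208583n;

// Parse a hex ("0x..") or decimal string into a BigInt strictly below `limit`.
function toFieldElement(value, limit, label) {
  if (typeof value !== "string" || !/^(0x[0-9a-fA-F]+|[0-9]+)$/.test(value)) {
    throw new Error(`${label}: not a hex or decimal string`);
  }
  const n = BigInt(value);
  if (n >= limit) throw new Error(`${label}: not below the field modulus`);
  return n;
}

function expectArray(x, len, label) {
  if (!Array.isArray(x) || x.length !== len) {
    throw new Error(`${label}: expected an array of length ${len}`);
  }
  return x;
}

// Validate a point given as [x, y] with both coordinates in the base field.
function toPoint(p, label) {
  return expectArray(p, 2, label).map((v, i) => toFieldElement(v, BASE_FIELD_Q, `${label}[${i}]`));
}

// Hypothetical helper: checks the { proof: {a, b, c}, publicSignals } object and
// returns the positional arguments [a, b, c, input] for verifyProof.
function toVerifyArgs(params, expectedSignals) {
  if (!params || typeof params.proof !== "object" || params.proof === null) {
    throw new Error("proof: missing");
  }
  const { a, b, c } = params.proof;
  const input = expectArray(params.publicSignals, expectedSignals, "publicSignals")
    .map((v, i) => toFieldElement(v, SCALAR_FIELD_R, `publicSignals[${i}]`));
  const bRows = expectArray(b, 2, "b").map((row, i) => toPoint(row, `b[${i}]`));
  return [toPoint(a, "a"), bRows, toPoint(c, "c"), input];
}

// Constructed sample with the same values as the complete example on this page.
const sample = {
  proof: { a: ["0x1", "0x2"], b: [["0x3", "0x4"], ["0x5", "0x6"]], c: ["0x7", "0x8"] },
  publicSignals: ["0x9", "0xa"],
};
console.log(toVerifyArgs(sample, 2));
```

Set expectedSignals to the number of public signals the circuit declares, so a truncated or padded list is rejected before any call is built.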
