github.com/consensys/gnark@v0.11.0/backend/plonk/bn254/unmarshal.go

github.com/consensys/gnark@v0.11.0/backend/plonk/bn254/unmarshal.go (about)

     1  package plonk
     2  
     3  import (
     4  	"github.com/consensys/gnark-crypto/ecc/bn254"
     5  	"github.com/consensys/gnark-crypto/ecc/bn254/fr"
     6  )
     7  
     8  func UnmarshalSolidity(s []byte, nbCommits int) Proof {
     9  
    10  	var proof Proof
    11  	offset := 0
    12  	point_size := 64
    13  	fr_size := 32
    14  	proof.BatchedProof.ClaimedValues = make([]fr.Element, 7+nbCommits)
    15  	proof.Bsb22Commitments = make([]bn254.G1Affine, nbCommits)
    16  
    17  	// uint256 l_com_x;
    18  	// uint256 l_com_y;
    19  	// uint256 r_com_x;
    20  	// uint256 r_com_y;
    21  	// uint256 o_com_x;
    22  	// uint256 o_com_y;
    23  	for i := 0; i < 3; i++ {
    24  		proof.LRO[i].Unmarshal(s[offset : offset+point_size])
    25  		offset += point_size
    26  	}
    27  
    28  	// uint256 h_0_x;
    29  	// uint256 h_0_y;
    30  	// uint256 h_1_x;
    31  	// uint256 h_1_y;
    32  	// uint256 h_2_x;
    33  	// uint256 h_2_y;
    34  	for i := 0; i < 3; i++ {
    35  		proof.H[i].Unmarshal(s[offset : offset+point_size])
    36  		offset += point_size
    37  	}
    38  
    39  	// uint256 l_at_zeta;
    40  	// uint256 r_at_zeta;
    41  	// uint256 o_at_zeta;
    42  	// uint256 s1_at_zeta;
    43  	// uint256 s2_at_zeta;
    44  	for i := 1; i < 6; i++ {
    45  		proof.BatchedProof.ClaimedValues[i].SetBytes(s[offset : offset+fr_size])
    46  		offset += fr_size
    47  	}
    48  
    49  	// uint256 grand_product_commitment_x;
    50  	// uint256 grand_product_commitment_y;
    51  	proof.Z.Unmarshal(s[offset : offset+point_size])
    52  	offset += point_size
    53  
    54  	// uint256 grand_product_at_zeta_omega;
    55  	proof.ZShiftedOpening.ClaimedValue.SetBytes(s[offset : offset+fr_size])
    56  	offset += fr_size
    57  
    58  	// we skip the claimed value of the linearised polynomial at zeta as
    59  	// it is not in the marshal solidity proof
    60  
    61  	// uint256 opening_at_zeta_proof_x;
    62  	// uint256 opening_at_zeta_proof_y;
    63  	proof.BatchedProof.H.Unmarshal(s[offset : offset+point_size])
    64  	offset += point_size
    65  
    66  	// uint256 opening_at_zeta_omega_proof_x;
    67  	// uint256 opening_at_zeta_omega_proof_y;
    68  	proof.ZShiftedOpening.H.Unmarshal(s[offset : offset+point_size])
    69  	offset += point_size
    70  
    71  	// uint256[] selector_commit_api_at_zeta;
    72  	// uint256[] wire_committed_commitments;
    73  	for i := 0; i < nbCommits; i++ {
    74  		proof.BatchedProof.ClaimedValues[6+i].SetBytes(s[offset : offset+fr_size])
    75  		offset += fr_size
    76  	}
    77  
    78  	for i := 0; i < nbCommits; i++ {
    79  		proof.Bsb22Commitments[i].Unmarshal(s[offset : offset+point_size])
    80  		offset += point_size
    81  	}
    82  
    83  	return proof
    84  }