7 unstable releases

| Version | Date |
|---|---|
| 0.5.0 | Oct 28, 2024 |
| 0.5.0-alpha.0 | Jun 20, 2024 |
| 0.4.0 | Jan 17, 2023 |
| 0.4.0-alpha.2 | Dec 28, 2022 |
| 0.2.0 | Mar 25, 2021 |
#996 in Cryptography
124,958 downloads per month
Used in 447 crates (28 directly)
685KB, 14K SLoC
arkworks::algebra
The arkworks ecosystem consists of Rust libraries for designing and working with zero-knowledge succinct non-interactive arguments (zkSNARKs). This repository contains efficient implementations of the key algebraic components underlying zkSNARKs: finite fields, elliptic curves, and polynomials.
This library is released under the MIT License and the Apache v2 License (see License).
WARNING: This is an academic proof-of-concept prototype, and in particular has not received careful code review. This implementation is NOT ready for production use.
Directory structure
This repository contains several Rust crates:
- `ark-ff`: Generic abstractions for, and implementations of, various kinds of finite fields
- `ark-ec`: Generic abstractions for prime-order groups, and implementations of various kinds of (pairing-friendly and standard) elliptic curves
- `ark-poly`: Interfaces for univariate, multivariate, and multilinear polynomials, and FFTs over finite fields
- `ark-serialize`: Efficient interfaces for serialization and point compression for finite fields and elliptic curves

In addition, the `curves` repository contains concrete implementations of popular elliptic curves; see here for details.
Build guide
The library compiles on the `stable` toolchain of the Rust compiler (v1.51+). To install the latest version of Rust, first install `rustup` by following the instructions here, or via your platform's package manager. Once `rustup` is installed, install the Rust toolchain by invoking:

```shell
rustup install stable
```

After that, use `cargo`, the standard Rust build tool, to build the libraries:

```shell
git clone https://github.com/arkworks-rs/algebra.git
cd algebra
cargo build --release
```
Tests
This library comes with comprehensive unit and integration tests for each of the provided crates. Run the tests with:

```shell
cargo test --all
```
Benchmarks
To run the benchmarks, install the nightly Rust toolchain via `rustup install nightly`, and then run the following command:

```shell
cargo +nightly bench
```
Assembly backend for field arithmetic
The `ark-ff` crate contains (off-by-default) optimized assembly implementations of field arithmetic that rely on the `adcxq`, `adoxq` and `mulxq` instructions. These are available on most `x86_64` platforms (Broadwell onwards for Intel and Ryzen onwards for AMD). Using this backend can lead to a 30-70% speedup in finite field and elliptic curve arithmetic. To build with this backend enabled, run the following command:

```shell
RUSTFLAGS="-C target-feature=+bmi2,+adx" cargo [test/build/bench] --features asm
```

To enable this in the `Cargo.toml` of your own projects, enable the `asm` feature flag:

```toml
ark-ff = { version = "0.4", features = [ "asm" ] }
```
Note that because inline assembly support in Rust is currently unstable, using this backend requires using the Nightly compiler at the moment.
License
The crates in this repository are licensed under either of the following licenses, at your discretion.
- Apache License Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
Unless you explicitly state otherwise, any contribution submitted for inclusion in this library by you shall be dual licensed as above (as defined in the Apache v2 License), without any additional terms or conditions.
Acknowledgements
This work was supported by: a Google Faculty Award; the National Science Foundation; the UC Berkeley Center for Long-Term Cybersecurity; and donations from the Ethereum Foundation, the Interchain Foundation, and Qtum.
An earlier version of this library was developed as part of the paper "ZEXE: Enabling Decentralized Private Computation".
lib.rs:
This library implements the BLS12_377 curve generated in [BCGMMW20, “Zexe”]. The name denotes that it is a Barreto--Lynn--Scott curve of embedding degree 12, defined over a 377-bit (prime) field. The main feature of this curve is that both the scalar field and the base field are highly 2-adic. (This is in contrast to the BLS12_381 curve for which only the scalar field is highly 2-adic.)
Curve information:
- Base field: q = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
- Scalar field: r = 8444461749428370424248824938781546531375899335154063827935233455917409239041
- valuation(q - 1, 2) = 46
- valuation(r - 1, 2) = 47
- G1 curve equation: y^2 = x^3 + 1
- G2 curve equation: y^2 = x^3 + B, where B = Fq2(0, 155198655607781456406391640216936120121836107652948796323930557600032281009004493664981332883744016074664192874906)
Dependencies: ~3.5–5MB, ~88K SLoC