Add proof input preprocessing (#30)

rozbb · weikengchen · web-flow · commit d0d725c3f02b · 2021-05-09T16:50:49.000-07:00
* Implemented groth16 public input preprocessing

* Added entry in CHANGELOG

* Update CHANGELOG.md

Co-authored-by: Weikeng Chen &lt;w.k@berkeley.edu&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,5 @@
 ## Pending
+- [\#30](https://github.com/arkworks-rs/groth16/pull/30) Add proof input preprocessing.
 
 ### Breaking changes
 - [\#21](https://github.com/arkworks-rs/groth16/pull/21) Change the `generate_parameters` interface to take generators as input.
diff --git a/src/verifier.rs b/src/verifier.rs
@@ -17,13 +17,12 @@ pub fn prepare_verifying_key<E: PairingEngine>(vk: &VerifyingKey<E>) -> Prepared
     }
 }
 
-/// Verify a Groth16 proof `proof` against the prepared verification key `pvk`,
-/// with respect to the instance `public_inputs`.
-pub fn verify_proof<E: PairingEngine>(
+/// Prepare proof inputs for use with [`verify_proof_with_prepared_inputs`], wrt the prepared
+/// verification key `pvk` and instance public inputs.
+pub fn prepare_inputs<E: PairingEngine>(
     pvk: &PreparedVerifyingKey<E>,
-    proof: &Proof<E>,
     public_inputs: &[E::Fr],
-) -> R1CSResult<bool> {
+) -> R1CSResult<E::G1Projective> {
     if (public_inputs.len() + 1) != pvk.vk.gamma_abc_g1.len() {
         return Err(SynthesisError::MalformedVerifyingKey);
     }
@@ -33,10 +32,24 @@ pub fn verify_proof<E: PairingEngine>(
         g_ic.add_assign(&b.mul(i.into_repr()));
     }
 
+    Ok(g_ic)
+}
+
+/// Verify a Groth16 proof `proof` against the prepared verification key `pvk` and prepared public
+/// inputs. This should be preferred over [`verify_proof`] if the instance's public inputs are
+/// known in advance.
+pub fn verify_proof_with_prepared_inputs<E: PairingEngine>(
+    pvk: &PreparedVerifyingKey<E>,
+    proof: &Proof<E>,
+    prepared_inputs: &E::G1Projective,
+) -> R1CSResult<bool> {
     let qap = E::miller_loop(
         [
             (proof.a.into(), proof.b.into()),
-            (g_ic.into_affine().into(), pvk.gamma_g2_neg_pc.clone()),
+            (
+                prepared_inputs.into_affine().into(),
+                pvk.gamma_g2_neg_pc.clone(),
+            ),
             (proof.c.into(), pvk.delta_g2_neg_pc.clone()),
         ]
         .iter(),
@@ -46,3 +59,14 @@ pub fn verify_proof<E: PairingEngine>(
 
     Ok(test == pvk.alpha_g1_beta_g2)
 }
+
+/// Verify a Groth16 proof `proof` against the prepared verification key `pvk`,
+/// with respect to the instance `public_inputs`.
+pub fn verify_proof<E: PairingEngine>(
+    pvk: &PreparedVerifyingKey<E>,
+    proof: &Proof<E>,
+    public_inputs: &[E::Fr],
+) -> R1CSResult<bool> {
+    let prepared_inputs = prepare_inputs(pvk, public_inputs)?;
+    verify_proof_with_prepared_inputs(pvk, proof, &prepared_inputs)
+}

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`	`1`	`## Pending`
	`2`	`+- [\#30](https://github.com/arkworks-rs/groth16/pull/30) Add proof input preprocessing.`
`2`	`3`
`3`	`4`	`### Breaking changes`
`4`	`5`	- [\#21](https://github.com/arkworks-rs/groth16/pull/21) Change the `generate_parameters` interface to take generators as input.