microsoft
diff --git a/‎.github/workflows/rust.yml
+21 b/‎.github/workflows/rust.yml
+21
diff --git a/‎.gitignore
+12 b/‎.gitignore
+12
diff --git a/‎CONTRIBUTING.md
+12 b/‎CONTRIBUTING.md
+12
diff --git a/‎Cargo.toml
+64 b/‎Cargo.toml
+64
diff --git a/‎NOTICE.md
+121 b/‎NOTICE.md
+121
diff --git a/‎README.md
+35-14 b/‎README.md
+35-14
diff --git a/‎benches/commitments.rs
+48 b/‎benches/commitments.rs
+48
@@ -0,0 +1,21 @@
+name: Rust
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install
+      run: rustup default nightly
+    - name: Build
+      run: cargo build --verbose
+    - name: Run tests
+      run: cargo test --verbose
@@ -0,0 +1,12 @@
+# Generated by Cargo
+# will have compiled files and executables
+/target/
+
+# Remove Cargo.lock from gitignore if creating an executable, leave it for libraries
+# More information here https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html
+Cargo.lock
+
+# These are backup files generated by rustfmt
+**/*.rs.bk
+
+*.txt
@@ -0,0 +1,12 @@
+This project welcomes contributions and suggestions. Most contributions require you to
+agree to a Contributor License Agreement (CLA) declaring that you have the right to,
+and actually do, grant us the rights to use your contribution. For details, visit
+https://cla.microsoft.com.
+
+When you submit a pull request, a CLA-bot will automatically determine whether you need
+to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the
+instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
@@ -0,0 +1,64 @@
+[package]
+name = "spartan"
+version = "0.1.0"
+authors = ["Srinath Setty <srinath@microsoft.com>"]
+edition = "2018"
+
+[dependencies]
+curve25519-dalek = { version = "2", features = ["serde"]}
+merlin = "2.0.0"
+rand = "0.7.3"
+digest = "0.8.1"
+sha3 = "0.8.2"
+byteorder = "1.3.4"
+rayon = "1.3.0"
+serde = { version = "1.0.106", features = ["derive"] }
+bincode = "1.2.1"
+subtle = { version = "^2.2.2", default-features = false }
+rand_core = { version = "0.5", default-features = false }
+zeroize = { version = "1", default-features = false }
+itertools = "0.9.0"
+colored = "1.9.3"
+flate2 = "1.0.14"
+
+[dev-dependencies]
+criterion = "0.3.1"
+
+[lib]
+name = "libspartan"
+path = "src/lib.rs"
+
+[[bin]]
+name = "profiler"
+path = "src/profiler.rs"
+
+[[bench]]
+name = "commitments"
+harness = false
+
+[[bench]]
+name = "dotproduct"
+harness = false
+
+[[bench]]
+name = "polycommit"
+harness = false
+
+[[bench]]
+name = "r1csproof"
+harness = false
+
+[[bench]]
+name = "spartan"
+harness = false
+
+[[bench]]
+name = "sumcheck"
+harness = false
+
+[features]
+simd_backend = ["curve25519-dalek/simd_backend"]
+rayon_par = []
+profile = []
+
+default = ["simd_backend"]
@@ -0,0 +1,121 @@
+This repository includes the following third-party open-source code.
+
+* The code in scalar_25519.rs is derived from [bls12-381](https://github.com/zkcrypto/bls12_381). 
+Specifically, from [src/bls12_381/scalar.rs](https://github.com/zkcrypto/bls12_381/blob/master/src/scalar.rs) and [src/bls12_381/util.rs](https://github.com/zkcrypto/bls12_381/blob/master/src/util.rs), which has the following copyright and license.
+
+Permission is hereby granted, free of charge, to any
+person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the
+Software without restriction, including without
+limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice
+shall be included in all copies or substantial portions
+of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+
+* The invert and batch_invert methods in src/scalar_25519.rs is from [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek), which has the following copyright and license.
+
+Copyright (c) 2016-2019 Isis Agora Lovecruft, Henry de Valence. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+1. Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+notice, this list of conditions and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+
+========================================================================
+
+Portions of curve25519-dalek were originally derived from Adam Langley's
+Go ed25519 implementation, found at <https://github.com/agl/ed25519/>,
+under the following licence:
+
+========================================================================
+
+Copyright (c) 2012 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+* The bullet.rs is derived from [bulletproofs](https://github.com/dalek-cryptography/bulletproofs/), which has the following license:
+
+MIT License
+
+Copyright (c) 2018 Chain, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -1,14 +1,35 @@
-
-# Contributing
-
-This project welcomes contributions and suggestions.  Most contributions require you to agree to a
-Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
-the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
-
-When you submit a pull request, a CLA bot will automatically determine whether you need to provide
-a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
-provided by the bot. You will only need to do this once across all repos using our CLA.
-
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
-For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
-contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments.
+# Spartan: High-speed zkSNARKs without trusted setup
+
+![Rust](https://github.com/microsoft/Spartan/workflows/Rust/badge.svg)
+
+Spartan is a research project to design high-speed zero-knowledge proof systems, a cryptographic protocol that enables a prover to prove a mathematical statement (e.g., that a given program was executed correctly) without revealing anything besides the validity of the statement. 
+
+The current repository includes a library that implements 
+a zero-knowledge succinct non-interactive arguments of knowledge (zkSNARKs), a type of zero-knowledge proof system with short proofs and verification times. Unlike many other zkSNARKs, Spartan does not require a trusted setup and its security relies on the hardness of computing discrete logarithms (a well-studied assumption). The scheme is described in our [paper](https://eprint.iacr.org/2019/550).
+
+## Building libspartan
+    cargo build
+    # On a machine that supports avx2 or ifma instructions:
+    export RUSTFLAGS="-C target_cpu=native" 
+    cargo build --features "simd_backend" --release
+
+## Performance
+    cargo build
+    # On a machine that supports avx2 or ifma instructions:
+    export RUSTFLAGS="-C target_cpu=native" 
+    cargo build --features "simd_backend,profile" --release
+    ./target/release/profiler
+
+    cargo bench
+    # On a machine that supports avx2 or ifma instructions:
+    export RUSTFLAGS="-C target_cpu=native" 
+    cargo bench --features "simd_backend"
+
+
+## LICENSE
+
+See [LICENSE](./LICENSE)
+
+## Contributing
+
+See [CONTRIBUTING](./CONTRIBUTING.md)
@@ -0,0 +1,48 @@
+extern crate byteorder;
+extern crate core;
+extern crate criterion;
+extern crate curve25519_dalek;
+extern crate digest;
+extern crate libspartan;
+extern crate merlin;
+extern crate rand;
+extern crate sha3;
+
+use libspartan::commitments::{Commitments, MultiCommitGens};
+use libspartan::math::Math;
+use libspartan::scalar::Scalar;
+use rand::rngs::OsRng;
+
+use criterion::*;
+
+fn commitment_benchmark(c: &mut Criterion) {
+  let mut rng = OsRng;
+  for &s in [20].iter() {
+    let plot_config = PlotConfiguration::default().summary_scale(AxisScale::Logarithmic);
+    let mut group = c.benchmark_group("commitment_bools");
+    group.plot_config(plot_config);
+
+    let n = (s as usize).pow2();
+    let gens = MultiCommitGens::new(n, b"test-m");
+    let blind = Scalar::random(&mut rng);
+    let vec: Vec<bool> = vec![true; n];
+    let name = format!("commitment_bools_{}", n);
+    group.bench_function(&name, move |b| {
+      b.iter(|| vec.commit(black_box(&blind), black_box(&gens)));
+    });
+    group.finish();
+  }
+}
+
+fn set_duration() -> Criterion {
+  Criterion::default().sample_size(10)
+  // .measurement_time(Duration::new(0, 50000000))
+}
+
+criterion_group! {
+name = benches_commitment;
+config = set_duration();
+targets = commitment_benchmark
+}
+
+criterion_main!(benches_commitment);