-
Notifications
You must be signed in to change notification settings - Fork 361
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* docs: add reference to gnark-crypto * docs: update readme * docs: add audit reports * docs: LA audit scope * docs: add Diligence audit * docs: fix audit links * docs: use all-version Zenodo link * docs: fix links * docs: fix solidity checker ref * docs: fix section link * docs: add changelog * docs: move audit PDFs and add new reports * docs: add known users
- Loading branch information
Showing
8 changed files
with
1,378 additions
and
15 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -5,8 +5,11 @@ | |
[![PkgGoDev](https://pkg.go.dev/badge/mod/github.com/consensys/gnark)](https://pkg.go.dev/mod/github.com/consensys/gnark) | ||
[![Documentation Status](https://readthedocs.com/projects/pegasys-gnark/badge/)][`gnark` User Documentation] [![DOI](https://zenodo.org/badge/DOI/10.5281/zenodo.5819104.svg)](https://doi.org/10.5281/zenodo.5819104) | ||
|
||
`gnark` is a fast zk-SNARK library that offers a high-level API to design circuits. The library is open source and developed under the Apache 2.0 license | ||
`gnark` is a fast zk-SNARK library that offers a high-level API to design circuits. The library is open source and developed under the Apache 2.0 license. | ||
|
||
`gnark` uses [`gnark-crypto`] for the finite-field arithmetic and out-circuit implementation of cryptographic algorithms. | ||
|
||
`gnark` powers [`Linea zk-rollup`](https://linea.build). Include your project in the [known users](docs/KNOWN_USERS.md) section by opening a PR. | ||
|
||
## Useful Links | ||
|
||
|
@@ -24,11 +27,40 @@ To get started with `gnark` and write your first circuit, follow [these instruct | |
Checkout the [online playground][`gnark` Playground] to compile circuits and visualize constraint systems. | ||
|
||
|
||
## Warning | ||
## Security | ||
|
||
**`gnark` and [`gnark-crypto`] have been [extensively audited](#audits), but are provided as-is, we make no guarantees or warranties to its safety and reliability. In particular, `gnark` makes no security guarantees such as constant time implementation or side-channel attack resistance.** | ||
|
||
**To report a security bug, please refer to [`gnark` Security Policy](SECURITY.md).** | ||
|
||
Refer to [known security advisories](https://github.com/Consensys/gnark/security/advisories?state=published) for a list of known security issues. | ||
|
||
## Testing | ||
|
||
**`gnark` has been [partially audited](https://github.com/ConsenSys/gnark-crypto/blob/master/audit_oct2022.pdf) and is provided as-is, we make no guarantees or warranties to its safety and reliability. In particular, `gnark` makes no security guarantees such as constant time implementation or side-channel attack resistance.** | ||
`gnark` employs the following testing procedures: | ||
* unit testing - we test the primitives in unit tests | ||
* circuit testing - we test the circuit implementation against several targets: | ||
- test engine - instead of running the full prover and verifier stack, we run the computations only to ensure the completeness of the circuits | ||
- proof engines - we compile the circuits, run the setup, prove and verify using native implementation | ||
- Solidity verifier - in addition to the previous, we verify the proofs in Solidity verifier. See [`gnark-solidity-checker`] | ||
* regression testing - we have implemented [tests for reported issues](internal/regression_tests) to avoid regressions | ||
* constraint count testing - we have implemented [circuit size tests](internal/stats) to avoid regressions | ||
* serialization testing - we check that [serialization round-trip is complete](io/roundtrip.go) | ||
* side-effect testing - we check that circuit [compilation is deterministic](test/assert.go) | ||
* fuzz testing: | ||
- circuit input fuzzing - we provide random inputs to the circuit to cause solver error | ||
- native input fuzzing - we provide random inputs to various native methods to cause errors. We have also stored initial fuzzing corpus for regression tests. | ||
- circuit definition fuzzing - we cooperate with Consensys Diligence to fuzz the circuit definitions to find bugs in the `gnark` circuit compiler. | ||
|
||
`gnark` and `gnark-crypto` packages are optimized for 64bits architectures (x86 `amd64`) and tested on Unix (Linux / macOS). | ||
The tests are automatically run during every PR and merge commit. We run full test suite only for the Linux on `amd64` target, but run short tests both for Windows target (`amd64`) and macOS target (`arm64`). | ||
|
||
## Performance | ||
|
||
`gnark` and `gnark-crypto` packages are optimized for 64bits architectures (x86 `amd64`) using assembly operations. We have generic implementation of the same arithmetic algorithms for ARM backends (`arm64`). We do not implement vector operations. | ||
|
||
## Backwards compatibility | ||
|
||
`gnark` tries to be backwards compatible when possible, however we do not guarantee that serialized object formats are static over different versions of `gnark`. Particularly - we do not have versioning implemented in the serialized formats, so using files between different versions of gnark may lead to undefined behaviour or even crash the program. | ||
|
||
## Issues | ||
|
||
|
@@ -44,6 +76,17 @@ You can also get in touch directly: [email protected] | |
|
||
[Release Notes](CHANGELOG.md) | ||
|
||
## Audits | ||
|
||
* [Kudelski Security - October 2022 - gnark-crypto (contracted by Algorand Foundation)](audits/2022-10%20-%20Kudelski%20-%20gnark-crypto.pdf) | ||
* [Sigma Prime - May 2023 - gnark-crypto KZG (contracted by Ethereum Foundation)](audits/2024-05%20-%20Sigma%20Prime%20-%20kzg.pdf) | ||
* [Consensys Diligence - June 2023 - gnark PLONK Solidity verifier](https://consensys.io/diligence/audits/2023/06/linea-plonk-verifier/) | ||
* [LeastAuthority - August 2023 - gnark Groth16 Solidity verifier template (contracted by Worldcoin)](https://leastauthority.com/wp-content/uploads/2023/08/Worldcoin_Groth16_Verifier_in_EVM_Smart_Contract_Final_Audit_Report.pdf) | ||
* [OpenZeppelin - November 2023 - gnark PLONK Solidity verifier template](https://blog.openzeppelin.com/linea-verifier-audit-1) | ||
* [ZKSecurity.xyz - May 2024 - gnark standard library](audits/2024-05%20-%20zksecurity%20-%20gnark%20std.pdf) | ||
* [OpenZeppelin - June 2024 - gnark PLONK prover and verifier](https://blog.openzeppelin.com/linea-prover-audit) | ||
* [LeastAuthority - July 2024 - gnark general and GKR (initial report)](audits/2024-07%20-%20Least%20Authority%20-%20arithm%20and%20GKR.pdf) | ||
|
||
## Proving schemes and curves | ||
|
||
Refer to [Proving schemes and curves] for more details. | ||
|
@@ -148,17 +191,17 @@ If you use `gnark` in your research a citation would be appreciated. | |
Please use the following BibTeX to cite the most recent release. | ||
|
||
```bib | ||
@software{gnark-v0.9.0, | ||
@software{gnark-v0.10.0, | ||
author = {Gautam Botrel and | ||
Thomas Piellard and | ||
Youssef El Housni and | ||
Ivo Kubjas and | ||
Arya Tabaie}, | ||
title = {ConsenSys/gnark: v0.9.0}, | ||
month = feb, | ||
year = 2023, | ||
title = {ConsenSys/gnark: v0.10.0}, | ||
month = apr, | ||
year = 2024, | ||
publisher = {Zenodo}, | ||
version = {v0.9.0}, | ||
version = {v0.10.0}, | ||
doi = {10.5281/zenodo.5819104}, | ||
url = {https://doi.org/10.5281/zenodo.5819104} | ||
} | ||
|
@@ -183,3 +226,5 @@ This project is licensed under the Apache 2 License - see the [LICENSE](LICENSE) | |
[Proving schemes and curves]: https://docs.gnark.consensys.net/Concepts/schemes_curves | ||
[`gnark-announce`]: https://groups.google.com/g/gnark-announce | ||
[@gnark_team]: https://twitter.com/gnark_team | ||
[`gnark-crypto`]: https://github.com/Consensys/gnark-crypto | ||
[`gnark-solidity-checker`]: https://github.com/Consensys/gnark-solidity-checker |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,14 @@ | ||
@software{gnark-v0.7, | ||
@software{gnark-v0.10.0, | ||
author = {Gautam Botrel and | ||
Thomas Piellard and | ||
Youssef El Housni and | ||
Ivo Kubjas and | ||
Arya Tabaie}, | ||
title = {ConsenSys/gnark: v0.7.0}, | ||
month = march, | ||
year = 2022, | ||
title = {ConsenSys/gnark: v0.10.0}, | ||
month = apr, | ||
year = 2024, | ||
publisher = {Zenodo}, | ||
version = {v0.7.0}, | ||
version = {v0.10.0}, | ||
doi = {10.5281/zenodo.5819104}, | ||
url = {https://doi.org/10.5281/zenodo.5819104} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
# Known `gnark` users | ||
|
||
* [Linea](https://linea.build) - Ethereum L2 rollup based on ZKPs. gnark is used for precompile proving, Vortex proof recursive verification, 2-chain proof aggregation, proof compression to BN254 and PLONK Solidity verification. gnark-crypto is used for finite field arithmetic. |