{"id":28569922,"url":"https://github.com/dalek-cryptography/zkp","last_synced_at":"2025-06-10T17:39:41.163Z","repository":{"id":50543882,"uuid":"92797433","full_name":"dalek-cryptography/zkp","owner":"dalek-cryptography","description":"Experimental zero-knowledge proof compiler in Rust macros","archived":false,"fork":false,"pushed_at":"2023-10-23T16:45:45.000Z","size":124,"stargazers_count":150,"open_issues_count":4,"forks_count":33,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-03-25T20:09:26.638Z","etag":null,"topics":["cryptography","elliptic-curves","rust-macro","zero-knowledge"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dalek-cryptography.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-30T04:18:02.000Z","updated_at":"2024-01-17T16:18:22.000Z","dependencies_parsed_at":"2022-08-29T22:12:19.393Z","dependency_job_id":null,"html_url":"https://github.com/dalek-cryptography/zkp","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dalek-cryptography%2Fzkp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dalek-cryptography%2Fzkp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dalek-cryptography%2Fzkp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dalek-cryptography%2Fzkp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dalek-cryptography","download_url":"https://codeload.github.com/dalek-cryptography/zkp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dalek-cryptography%2Fzkp/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259118834,"owners_count":22808064,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptography","elliptic-curves","rust-macro","zero-knowledge"],"created_at":"2025-06-10T17:39:39.625Z","updated_at":"2025-06-10T17:39:41.133Z","avatar_url":"https://github.com/dalek-cryptography.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# zkp: a toolkit for Schnorr proofs\n\nThis crate has a toolkit for Schnorr-style zero-knowledge proofs,\ninstantiated using the ristretto255 group.\n\nIt provides two levels of API:\n\n* a higher-level, declarative API based around the `define_proof` macro,\n  which provides an embedded DSL for specifying proof statements in\n  Camenisch-Stadler-like notation:\n  ```\n  define_proof! {\n    vrf_proof,   // Name of the module for generated implementation\n    \"VRF\",       // Label for the proof statement\n    (x),         // Secret variables\n    (A, G, H),   // Public variables unique to each proof\n    (B) :        // Public variables common between proofs\n    A = (x * B), // Statements to prove\n    G = (x * H) \n    }\n  ```\n  This expands into a module containing an implementation of proving,\n  verification, and batch verification.  Proving uses constant-time\n  implementations, and the proofs have a derived implementation of\n  (memory-safe) serialization and deserialization via Serde.\n\n* a lower-level, imperative API inspired by [Bellman][bellman], which\n  provides a constraint system for Schnorr-style statements.  This\n  allows programmable construction of proof statements at runtime.  The\n  higher-level `define_proof` macro expands into an invocation of the\n  lower-level API.\n  The lower-level API is contained in the `toolbox` module.\n\n# Examples\n\nExamples of how to use the API can be found in the library's `tests`\ndirectory.\n\nCurrently, the examples include:\n\n* Specification of an \"anonymous credential presentation with 10 hidden\n  attributes\" proof from CMZ'13.  Depending on the backend selection, the\n  generated implementation is between 20 to 40 times faster than the benchmark\n  numbers reported in that paper.\n\n* A transcript-based signature and VRF construction with an auto-generated\n  implementation.  This includes an example of using the online interactive\n  composition [described in the Merlin blog post][merlin_blog] to provide chained\n  signatures with a counterparty.\n\n* An example of using the lower-level constraint system API.\n\n\n# Use and features\n\nTo enable the `define_proof` macro, import the crate like so:\n```\n#[macro_use]\nextern crate zkp;\n```\n\n#### Nightly features\n\nThe `nightly` feature enables nightly-specific features.  It is required\nto build the documentation.\n\n#### Backend selection\n\n`zkp` provides the following pass-through features to select a\n`curve25519-dalek` backend:\n\n* `u32_backend`\n* `u64_backend`\n* `simd_backend`\n\n#### Transcript debugging\n\nThe `debug-transcript` feature is for development and testing, and\nprints a log of the data fed into the proof transcript.\n\n#### Autogenerated benchmarks\n\nThe `define_proof` macro builds benchmarks for the generated proof\nstatements, but because these are generated in the client crate (where\nthe macro expansion happens), they need an extra step to be enabled.\n\n**To enable generated benchmarks in your crate, do the following**:\n\n* Add a `bench` feature to your crate's `Cargo.toml`;\n* Add `#[cfg_attr(feature = \"bench\", feature(test))]` to your crate's\n  `lib.rs` or `main.rs`, to enable Rust's nightly-only benchmark\n  feature.\n\n# WARNING\n\n**THIS IMPLEMENTATION IS NOT YET READY FOR PRODUCTION USE**\n\nWhile I expect the 1.0 version to be largely unchanged from the current\ncode, for now there are no stability guarantees on the proofs, so they\nshould not yet be deployed.\n\n[bellman]: https://github.com/zkcrypto/bellman\n[merlin_blog]: https://medium.com/@hdevalence/merlin-flexible-composable-transcripts-for-zero-knowledge-proofs-28d9fda22d9a\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdalek-cryptography%2Fzkp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdalek-cryptography%2Fzkp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdalek-cryptography%2Fzkp/lists"}