The JS (typescript really) package for generating & verifying ZK proofs for symmetric encryption, on the browser or NodeJS.
npm i @reclaimprotocol/zk-symmetric-cryptoThe individual backends are optional dependencies. You can install them as needed.
For snarkjs: npm i snarkjs
For gnark: npm i koffi
- Also ensure you download the gnark binaries. See here
- Note: gnark is not supported on the browser.
- Note: gnark binaries are only built for linux - x86_64 & arm64
For expander: No additional dependencies needed
import { generateProof, verifyProof, makeSnarkJsZkOperator } from '@reclaimprotocol/zk-symmetric-crypto'
import { createCipheriv, randomBytes } from 'crypto'
async function main() {
const key = randomBytes(32)
const iv = randomBytes(12)
const algorithm = 'chacha20'
const data = 'Hello World!'
const cipher = createCipheriv('chacha20-poly1305', key, iv)
const ciphertext = Buffer.concat([
cipher.update(data),
cipher.final()
])
// the operator is the abstract interface for
// the snarkjs library to generate & verify the proof
const operator = makeLocalSnarkJsZkOperator(algorithm)
// generate the proof that you have the key to the ciphertext
const {
// groth16-snarkjs proof as a JSON string
proofJson,
// the plaintext, obtained from the output of the circuit
plaintext,
} = await generateProof({
algorithm,
// key, iv & counter are the private inputs to the circuit
privateInput: {
key,
iv,
// this is the counter from which to start
// the stream cipher. Read about
// the counter here: https://en.wikipedia.org/wiki/Stream_cipher
offset: 0
},
// the public ciphertext input to the circuit
publicInput: { ciphertext },
operator,
})
// you can check that the plaintext obtained from the circuit
// is the same as the plaintext obtained from the ciphertext
const plaintextBuffer = plaintext
// slice in case the plaintext was padded
.slice(0, data.length)
// "Hello World!"
console.log(Buffer.from(plaintextBuffer).toString())
// you can verify the proof with the public inputs
// and the proof JSON string
await verifyProof({
proof: {
proofJson,
plaintext,
algorithm
},
// the public inputs to the circuit
publicInput: { ciphertext },
operator
})
console.log('Proof verified')
}
main()Since the proving keys, binaries, circuits etc. are quite large, they aren't included by default in this package. Instead, the package will remotely fetch them as needed from this repository.
Limitations of Remote Fetching:
gnarkrequires the binaries to be present locally. So the files need to be present in thebinfolder of the repo.- It can of course be quite a pain to keep downloading dozens of MBs of files every time you run your code, especially when you're developing.
Thus, to overcome this, you can locally download the files & use the local file fetching by running the script:
node node_modules/@reclaimprotocol/zk-symmetric-crypto/lib/scripts/download-filesNow, you can use the local file fetcher right out of the box.
Do keep in mind, if you update the package, you will need to run this script again. This is intentional as newer versions of the package may need newer files or just may not be compatible with the old ones
- Of course, clone the repo
cdinto this directory (js)npm inpm run testto run the tests
Note: just FYI, the circuit files are symlinked to the root of the repo (i.e. resources & bin folders). So during local dev, the default local fetching works right out of the box.
To publish the package, we've a Github Action that will build the package & publish it to the Github Package Registry. It can be manually triggered by running the workflow Publish to NPM in the Actions tab.