Generates circuit assets #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Generates circuit assets | |
on: | |
workflow_dispatch: | |
inputs: | |
maxDepth: | |
description: 'Maximum depth of the slot tree' | |
default: '32' | |
maxSlots: | |
description: 'Maximum number of slots' | |
default: '256' | |
cellSize: | |
description: 'Cell size in bytes' | |
default: '2048' | |
blockSize: | |
description: 'Block size in bytes' | |
default: '65536' | |
nSamples: | |
description: 'Number of samples to prove' | |
default: '5' | |
seed: | |
description: 'Seed for creating fake data' | |
default: '12345' | |
nSlots: | |
description: 'Number of slots in the dataset' | |
default: '11' | |
slotIndex: | |
description: 'Which slot we prove (0..NSLOTS-1)' | |
default: '3' | |
nCells: | |
description: 'Number of cells in this slot' | |
default: '512' | |
ceremonyContribution: | |
description: 'Input into the circuit ceremony setup' | |
default: 'Let the Codex rock!' | |
env: | |
nim_version: 1.6.14 | |
nodejs_version: 18.15 | |
ceremony_source: https://storage.googleapis.com/zkevm/ptau/powersOfTau28_hez_final_21.ptau | |
s3_bucket_path: proving-key | |
circuit_file: workflow/build/proof_main.zkey | |
constraints_file: workflow/build/proof_main.r1cs | |
wasm_file: workflow/build/proof_main_js/proof_main.wasm | |
verification_key_file: workflow/build/proof_main_verification_key.json | |
zip_file: workflow/build/proof_circuit.zip | |
storage_url: https://circuit.codex.storage | |
jobs: | |
build: | |
defaults: | |
run: | |
shell: bash --noprofile --norc -e -o pipefail {0} | |
runs-on: buildjet-16vcpu-ubuntu-2204 | |
# runs-on: ubuntu-latest | |
timeout-minutes: 360 | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- name: Setup Circom | |
uses: baptiste0928/cargo-install@v3 | |
with: | |
cache-key: 'invalid-cache-please' | |
crate: circom | |
git: https://github.com/iden3/circom.git | |
- name: Setup Nim | |
uses: jiro4989/setup-nim-action@v2 | |
with: | |
nim-version: ${{ env.nim_version }} | |
- name: Setup Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{ env.nodejs_version }} | |
- name: Install SnarkJS | |
run: npm install -g snarkjs | |
- name: Setup CLI arguments | |
run: | | |
ENTROPY="${{ github.run_id }}" | |
echo "Entropy: $ENTROPY" | |
echo "CLI_ARGS=--depth=${{ github.event.inputs.maxDepth }} --maxslots=${{ github.event.inputs.maxSlots }} --cellsize=${{ github.event.inputs.cellSize }} --blocksize=${{ github.event.inputs.blockSize }} --nsamples=${{ github.event.inputs.nSamples }} --entropy="$ENTROPY" --seed=${{ github.event.inputs.seed }} --nslots=${{ github.event.inputs.nSlots }} --index=${{ github.event.inputs.slotIndex }} --ncells=${{ github.event.inputs.nCells }}" >> $GITHUB_ENV | |
- name: Build CLI Proof Generator | |
run: | | |
cd reference/nim/proof_input/ | |
nimble -y build -d:release cli | |
cd ../../../ | |
- name: Compile the circuit | |
run: | | |
mkdir -p workflow/build | |
cd workflow/build | |
../../reference/nim/proof_input/cli $CLI_ARGS -v --circom="proof_main.circom" | |
circom --r1cs --wasm --O2 -l../../circuit/lib -l../../circuit/poseidon2 -l../../circuit/codex proof_main.circom | |
- name: Circuit setup | |
run: | | |
cd workflow | |
wget -q -O ceremony.ptau ${{ env.ceremony_source }} | |
cd build | |
NODE_OPTIONS="--max-old-space-size=8192" snarkjs groth16 setup proof_main.r1cs ../ceremony.ptau proof_main_0000.zkey | |
NODE_OPTIONS="--max-old-space-size=8192" snarkjs zkey contribute proof_main_0000.zkey proof_main_0001.zkey --name="External Contribution" -e="${{ github.event.inputs.ceremonyContribution }}" | |
rm proof_main_0000.zkey | |
mv proof_main_0001.zkey proof_main.zkey | |
snarkjs zkey export verificationkey proof_main.zkey proof_main_verification_key.json | |
snarkjs zkey export solidityverifier proof_main.zkey verifier.sol | |
cd .. | |
- name: Generate proof | |
run: | | |
cd workflow/build/ | |
../../reference/nim/proof_input/cli $CLI_ARGS -v --output=input.json | |
cd proof_main_js | |
node generate_witness.js proof_main.wasm ../input.json ../witness.wtns | |
cd .. | |
snarkjs groth16 prove proof_main.zkey witness.wtns proof.json public.json | |
- name: Upload to storage | |
env: | |
s3_endpoint: ${{ secrets.S3_ENDPOINT }} | |
s3_bucket: ${{ secrets.S3_BUCKET }} | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
run: | | |
# Zip | |
zip -qj ${{ env.zip_file }} ${{ env.circuit_file }} ${{ env.constraints_file }} ${{ env.wasm_file }} ${{ env.verification_key_file }} | |
# Variables | |
hash=($(shasum -a 256 ${{ env.zip_file }})) | |
[[ -z "${{ env.s3_bucket_path}}" ]] && storage_file="${hash}" || storage_file="${{ env.s3_bucket_path}}/${hash}" | |
echo "storage_file=${storage_file}" >>$GITHUB_ENV | |
# Upload | |
aws s3 cp ${{ env.zip_file }} s3://${{ env.s3_bucket }}/${storage_file} --endpoint-url ${{ env.s3_endpoint }} | |
# Add hash to the assets | |
echo "\"${hash}\"" > workflow/build/zkey_hash.json | |
- name: Show download URL | |
run: | | |
echo "Download URL: ${{ env.download_url }}" | |
env: | |
download_url: ${{ format('{0}/{1}', env.storage_url, env.storage_file) }} | |
- name: Upload artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: circuit-assets | |
path: workflow/build | |
retention-days: 5 |