feat: substring matching

[lonerapier]

Adds a substring matching circuit using random linear combination.

• removes circuits from circomlib and import from circomlib directly using circom's -l flag.
• asymptotic complexity: $O(m+n)$, where $m,n$ = data,key length respectively
• Uses an underconstrained function SubstringSearch to compute probable position of key in data. So, a malicious prover can set invalid position.
• position is verified by a properly constrained SubstringMatchWithIndex function
  • calculates linear combination of key and data at position specified
  • validates that sum should be equal.

Constraint count for dataLength: 787 and keyLength: 10

template instances: 293
non-linear constraints: 54707
linear constraints: 0
public inputs: 0
private inputs: 797
public outputs: 1
wires: 56282
labels: 313180

Most of these constraints are due to Poseidon hash used to calculate a random number for linear combination. r can't be public constant or even private input, because then the verification is prone to failure, and should be properly initiated using a random oracle.

[!NOTE] search circuit somehow doesn't compiles with circomkit (mentioned in README). You might have to compile manually using circom circuits/main/search.circom --r1cs --wasm -l node_modules/ -o build/search/

[devloper]

Nice! I'll give this a longer review tomorrow!

[Autoparallel]

Looking good! I'm just looking to have these comments/questions resolved, then can approve.

Nothing major! Looks good!

[Autoparallel]

We should look through the audit to see if this was hit then: https://www.zksecurity.xyz/reports/zkemail

[lonerapier]

It's currently not in upstream zkemail code, have a PR open.

[lonerapier]

Thanks for the amazing review @Autoparallel. Will incorporate these changes.

[Autoparallel]

Looks good now! Just bring it up to date with main.

If you want multiple files in utils/, I'm happy with that choice :)

[lonerapier]

rebased with main.

In the end, I decided to move utils circuits in separate files :)