Integration
For the beta version of the protocol the access to Quantum is permissioned. Every permissioned protocol is given an AUTH_KEY and RPC Endpoint to communicate with quantum layer rpc endpoint. To get whitelisted and get your key reach out to @garvit_electron or @utsavjnn on Telegram.
Proving Schemes Supported
The quantum layer right now supports SnarkJS Groth16 (Circom), Gnark-groth16 proofs, and Halo2-KZG Proofs.
We only support Gnark-groth16 proofs whose proofs are generated and verified with stdgroth16.GetNativeProverOptions(ecc.BN254.ScalarField(), ecc.BN254.ScalarField())the
option enabled. This will be changed in the near future, and global support will be added for Gnark-groth16 proof.
A quick example of adding the above option to your Gnark Circuit:
We only support Shplonk EVM Verifier as of now for Halo2 Proofs.
Getting Started
Install npm package in your project
Initialise Connection
After installing the npm package, quantum
client helps you interact with the quantum server seamlessly.
Primarily before interacting with the server, you will need to establish a connection.
Check if the quantum instance can talk with the server. If rpcLive
is True
, a connection is established.
Circuit Registration
Before submitting your proofs the user needs to register their circuit with the aggregation layer using their verification key.
SnarkJS Groth16 / Gnark Groth16:
Halo2-KZG Proofs:
Quantum also requires protocol.json, sg2.json, instance.json and proof.bin
to register a Halo2 circuit. Here is a gist with an example to generate above files:
https://gist.github.com/utsavjnn/fad24d5e3f5dcbaeef79dff9eea29226
If the circuit_hash
is successfully returned, which means the circuit was registered successfully. For different calls further to the quantum node circuit_hash
is used for circuit identification.
Circuit Registration Status
The circuit must be registered before sending the proof for aggregation to the quantum node. You can check the registration status of your circuit using the circuitHash
generated in the circuit registration call above. A successful registration produces a reductionCircuitHash
, which is later used to verify that your proof was aggregated as part of the quantum superproof.
Proof Submission
Once the circuit is registered successfully, you can use your circuitHash
to submit a proof for cheap verification on Ethereum. User sends (proof, public_inputs)
corresponding to registered circuit. If a proof is successfully submitted, proofHash
is returned from the quantum node.
Check Proof Status
proofHash
is used to track the progress or get details of the aggregation request.
Currently, the aggregated proof is submitted on Sepolia once every ~30 minutes, so for STATUS to get toVERIFIED
can take some time.
Verifying Protocol Proof On-Chain
Calculating User Circuit Vkey Hash
This is a unique hash corresponding to the user's circuit used to verify if proof corresponding to the user's circuit was included in the aggregated proof.
This vkeyHash
is used to initialize the protocol contract below.
On-chain Contract
For protocols to integrate quantum
, they would have to make some changes to their verification smart contract. The protocol smart contract imports ProtocolVerifier
corresponding to their number of public inputs and uses it to verify if the pubInputs were verified as part of the aggregated proof.
The ProtocolVerifier
contract offers functions verifyLatestPubInputs
and verifyOldPubInputs
to verify the latest and some old public inputs, respectively.
Latest Public Inputs
pubInputs
are sent on-chain for verification purposes.
Old Public Inputs
Note: Old public inputs can be verified for a limited time once aggregated.
Verification of old public inputs requires some Merkle-proof data, which can be fetched using the API as follows:
We only support Gnark-groth16 proofs whose proofs are generated and verified with stdgroth16.GetNativeProverOptions(ecc.BN254.ScalarField(), ecc.BN254.ScalarField())the
option enabled. This will be changed in the near future, and global support will be added for Gnark-groth16 proof.
pubInputs
along with its protocolInclusionProof
are sent on-chain for verification purposes.
Last updated