arithmeticcircuits alternatives and similar packages
Based on the "Cryptography" category.
Alternatively, view arithmeticcircuits alternatives based on common mentions on social networks and blogs.

cryptonite
lowlevel set of cryptographic primitives for haskell 
merkletree
An implementation of a Merkle Tree and merkle tree proofs 
saltine
Cryptography that's easy to digest (NaCl/libsodium bindings) 
cacophony
A Haskell library implementing the Noise protocol. 
pedersencommitment
An implementation of Pedersen commitment schemes 
aossignature
AbeOhkuboSuzuki Linkable Ring Signatures 
galoisfield
Finite field and algebraic extension field arithmetic 
oblivioustransfer
Oblivious transfer for multiparty computation 
cryptohash
efficient and practical cryptohashing in haskell. DEPRECATED in favor of cryptonite 
ellipticcurve
A polymorphic interface for elliptic curve operations 
ed25519
Minimal ed25519 Haskell package, binding to the ref10 SUPERCOP implementation. 
cipheraes
DEPRECATED  use cryptonite  a comprehensive fast AES implementation for haskell that supports aesni and advanced cryptographic modes. 
cipherblowfish
DEPRECATED by cryptonite; A collection of cryptographic block and stream ciphers in haskell 
cryptoapi
Haskell generic interface (type classes) for cryptographic algorithms 
signable
Deterministic serialisation and signatures with protolens and protobufelixir support 
skein
Skein, a family of cryptographic hash functions. Includes SkeinMAC as well. 
qnapdecrypt
Decrypt files encrypted by the QNAP's Hybrid Backup Sync 
galoisfft
Finite field polynomial arithmetic based on fast Fourier transforms 
cryptohashsha256
Fast, pure and practical SHA256 implementation 
cryptohashmd5
Fast, pure and practical MD5 implementation 
cryptopubkeytypes
Crypto Public Key algorithm generic types. 
cryptopubkey
DEPRECATED  use cryptonite  Cryptographic public key related algorithms in haskell (RSA,DSA,DH,ElGamal) 
cryptopubkeyopenssh
OpenSSH keys decoder/encoder 
cipheraes128
Based on cipheraes, but using a cryptoapi interface and providing resulting IVs for each mode 
scrypt
Haskell bindings to Colin Percival's scrypt implementation. 
cprngaes
Crypto Pseudo Random Number Generator using AES in counter mode 
pureMD5
A reasonably performing MD5 implementation in pure Haskell 
cryptoenigma
A Haskell Enigma machine simulator with rich display and machine state details. 
cryptonumbers
DEPRECATED  use cryptonite  Cryptographic number related function and algorithms
Truly a developer’s best friend
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of arithmeticcircuits or a related project?
README
Arithmetic Circuits
An arithmetic circuit is a lowlevel representation of a program that consists of gates computing arithmetic operations of addition and multiplication, with wires connecting the gates.
This form allows us to express arbitrarily complex programs with a set of private inputs and public inputs whose execution can be publicly verified without revealing the private inputs. This construction relies on recent advances in zeroknowledge proving systems:
This library presents a lowlevel interface for building zkSNARK proving systems from higherlevel compilers. This system depends on the following cryptographic dependenices.
 pairing  Optimised bilinear pairings over elliptic curves
 galoisfield  Finite field arithmetic
 galoisfft  Finite field polynomial arithmetic based on fast Fourier transforms
 ellipticcurve  Elliptic curve operations
 bulletproofs  Bulletproofs proof system
 arithmoi  Number theory operations
 semirings  Algebraic semirings
 poly  Efficient polynomial arithmetic
Theory
Towers of Finite Fields
This library can build proof systems polymorphically over a variety of pairing friendly curves. By default we use the BN254 with an efficient implementation of the optimal Ate pairing.
The BarretoNaehrig (BN) family of curves achieve high security and efficiency with pairings due to an optimum embedding degree and high 2adicity. We have implemented the optimal Ate pairing over the BN254 curve we define and as:
The tower of finite fields we work with is defined as:
Arithmetic circuits
An arithmetic circuit over a finite field is a directed acyclic graph with gates as vertices and wires and edges. It consists of a list of multiplication gates together with a set of linear consistency equations relating the inputs and outputs of the gates.
Let be a finite field and a map that takes arguments as inputs from and outputs l elements in . The function C is an arithmetic circuit if the value of the inputs that pass through wires to gates are only manipulated according to arithmetic operations + or x (allowing constant gates).
Let , , respectively denote the input, witness and output size and be the number of all inputs and outputs of the circuit A tuple , is said to be a valid assignment for an arithmetic circuit C if .
Quadratic Arithmetic Programs (QAP)
QAPs are encodings of arithmetic circuits that allow the prover to construct a proof of knowledge of a valid assignment for a given circuit .
A quadratic arithmetic program (QAP) contains three sets of polynomials in :
, ,
and a target polynomial .
In this setting, an assignment is valid for a circuit if and only if the target polynomial divides the polynomial:
Logical circuits can be written in terms of the addition, multiplication and negation operations.
DSL and Circuit Builder Monad
Any arithmetic circuit can be built using a domain specific language to construct circuits that lives inside [Lang.hs](src/Circuit/Lang.hs).
```haskell ignore type ExprM f a = State (ArithCircuit f, Int) a execCircuitBuilder :: ExprM f a > ArithCircuit f
```haskell ignore
  Binary arithmetic operations
add, sub, mul :: Expr Wire f f > Expr Wire f f > Expr Wire f f
```haskell ignore   Binary logic operations  Have to use underscore or similar to avoid shadowing @[email protected] and @[email protected]  from Prelude/Protolude. and_, or_, xor_ :: Expr Wire f Bool > Expr Wire f Bool > Expr Wire f Bool
```haskell ignore
  Negate expression
not_ :: Expr Wire f Bool > Expr Wire f Bool
```haskell ignore   Compare two expressions eq :: Expr Wire f f > Expr Wire f f > Expr Wire f Bool
```haskell ignore
  Convert wire to expression
deref :: Wire > Expr Wire f f
```haskell ignore   Return compilation of expression into an intermediate wire e :: Num f => Expr Wire f f > ExprM f Wire
```haskell ignore
  Conditional statement on expressions
cond :: Expr Wire f Bool > Expr Wire f ty > Expr Wire f ty > Expr Wire f ty
```haskell ignore   Return compilation of expression into an output wire ret :: Num f => Expr Wire f f > ExprM f Wire
The following program represents the image of the
arithmetic circuit [above](#arithmeticcircuits1).
```haskell ignore
program :: ArithCircuit Fr
program = execCircuitBuilder (do
i0 < fmap deref input
i1 < fmap deref input
i2 < fmap deref input
let r0 = mul i0 i1
r1 = mul r0 (add i0 i2)
ret r1)
The output of an arithmetic circuit can be converted to a DOT graph and save it as SVG.
```haskell ignore dotOutput :: Text dotOutput = arithCircuitToDot (execCircuitBuilder program)
<p>
<img src=".assets/arithmeticcircuitexample.svg" width="250"/>
</p>
## Example
We'll keep taking the program constructed with our DSL as example and will
use the library [pairing](https://www.github.com/adjointio/pairing) that
provides a field of points of the BN254 curve and precomputes primitive roots of
unity for binary powers that divide <img src="/tex/580e7a6446bf50562e34247c545883a2.svg?invert_in_darkmode&sanitize=true" align=middle width=36.18335654999999pt height=21.18721440000001pt/>.
```haskell
import Protolude
import qualified Data.Map as Map
import Data.Pairing.BN254 (Fr, getRootOfUnity)
import Circuit.Arithmetic
import Circuit.Expr
import Circuit.Lang
import Fresh (evalFresh, fresh)
import QAP
program :: ArithCircuit Fr
program = execCircuitBuilder (do
i0 < fmap deref input
i1 < fmap deref input
i2 < fmap deref input
let r0 = mul i0 i1
r1 = mul r0 (add i0 i2)
ret r1)
We need to generate the roots of the circuit to construct polynomials and that satisfy the divisibility property and encode the circuit to a QAP to allow the prover to construct a proof of a valid assignment.
We also need to give values to the three input wires to this arithmetic circuit.
roots :: [[Fr]]
roots = evalFresh (generateRoots (fmap (fromIntegral . (+ 1)) fresh) program)
qap :: QAP Fr
qap = arithCircuitToQAPFFT getRootOfUnity roots program
inputs :: Map.Map Int Fr
inputs = Map.fromList [(0, 7), (1, 5), (2, 4)]
A prover can now generate a valid assignment.
assignment :: QapSet Fr
assignment = generateAssignment program inputs
The verifier can check the divisibility property of by for the given circuit.
main :: IO ()
main = do
if verifyAssignment qap assignment
then putText "Valid assignment"
else putText "Invalid assignment"
See [Example.hs](./Example.hs).
Disclaimer
This is experimental code meant for researchgrade projects only. Please do not use this code in production until it has matured significantly.
License
Copyright (c) 20172020 Adjoint Inc.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
OR OTHER DEALINGS IN THE SOFTWARE.
*Note that all licence references and agreements mentioned in the arithmeticcircuits README section above
are relevant to that project's source code only.