Warning! The contract bytecode has changed and no longer matches the verified bytecode, so the source code shown below may not describe the code that is actually deployed. Interacting with this smart contract may therefore be risky.
- Contract name:
- Bn128SchnorrVerifier
- Optimization enabled
- true
- Compiler version
- v0.4.26+commit.4563c3fc
- Optimization runs
- 200
- EVM Version
- byzantium
- Verified at
- 2023-04-20T02:35:29.016781Z
Contract source code
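// File: openzeppelin-eth/contracts/math/SafeMath.sol

pragma solidity ^0.4.24;

/**
 * @title SafeMath
 * @dev Math operations with safety checks that revert on error
 */
library SafeMath {
    /**
     * @dev Multiplies two numbers, reverts on overflow.
     */
    function mul(uint256 a, uint256 b) internal pure returns (uint256) {
        // Gas optimization: this is cheaper than requiring 'a' not being zero, but the
        // benefit is lost if 'b' is also tested.
        // See: https://github.com/OpenZeppelin/openzeppelin-solidity/pull/522
        if (a == 0) {
            return 0;
        }

        uint256 c = a * b;
        require(c / a == b);

        return c;
    }

    /**
     * @dev Integer division of two numbers truncating the quotient, reverts on division by zero.
     */
    function div(uint256 a, uint256 b) internal pure returns (uint256) {
        require(b > 0); // Solidity only automatically asserts when dividing by 0
        uint256 c = a / b;
        // assert(a == b * c + a % b); // There is no case in which this doesn't hold

        return c;
    }

    /**
     * @dev Subtracts two numbers, reverts on overflow (i.e. if subtrahend is greater than minuend).
     */
    function sub(uint256 a, uint256 b) internal pure returns (uint256) {
        require(b <= a);
        uint256 c = a - b;

        return c;
    }

    /**
     * @dev Adds two numbers, reverts on overflow.
     */
    function add(uint256 a, uint256 b) internal pure returns (uint256) {
        uint256 c = a + b;
        require(c >= a);

        return c;
    }

    /**
     * @dev Divides two numbers and returns the remainder (unsigned integer modulo),
     * reverts when dividing by zero.
     */
    function mod(uint256 a, uint256 b) internal pure returns (uint256) {
        require(b != 0);
        return a % b;
    }
}

// File: contracts/schnorr/Bn128.sol

pragma solidity ^0.4.24;

/**
 * @title Bn128
 * @dev Thin wrappers around the alt_bn128 G1 precompiles: 0x06 (point
 *      addition) and 0x07 (scalar multiplication). The precompiles fail for
 *      inputs that are not valid curve points; the wrappers turn that failure
 *      into a revert. The point at infinity is encoded as (0, 0) on both the
 *      input and the output side.
 */
contract Bn128 {
    using SafeMath for uint;

    // Coordinates of the G1 generator.
    uint256 constant gx = 0x1;
    uint256 constant gy = 0x2;

    /// @dev Order is the number of elements in both G₁ and G₂: 36u⁴+36u³+18u²+6u+1.
    uint256 constant order = 21888242871839275222246405745257275088548364400416034343698204186575808495617;

    /// @return x coordinate of the G1 generator.
    function getGx() public pure returns (uint256) {
        return gx;
    }

    /// @return y coordinate of the G1 generator.
    function getGy() public pure returns (uint256) {
        return gy;
    }

    /// @return the group order (size of the scalar field).
    function getOrder() public pure returns (uint256) {
        return order;
    }

    /**
     * @dev G1 point addition via precompile 0x06.
     * @param x1 x coordinate of the first point
     * @param y1 y coordinate of the first point
     * @param x2 x coordinate of the second point
     * @param y2 y coordinate of the second point
     * @return (x3, y3) = (x1, y1) + (x2, y2). Reverts if either input is not a
     *         point on the curve (precompile failure).
     */
    function ecadd(
        uint256 x1,
        uint256 y1,
        uint256 x2,
        uint256 y2
    ) public view returns (uint256 x3, uint256 y3) {
        uint256[2] memory outValue;
        uint256[4] memory input;
        input[0] = x1;
        input[1] = y1;
        input[2] = x2;
        input[3] = y2;

        assembly {
            // Four 32-byte words in, two 32-byte words out.
            if iszero(staticcall(gas, 0x06, input, 0x80, outValue, 0x40)) {
                revert(0, 0)
            }
        }

        x3 = outValue[0];
        y3 = outValue[1];
    }

    /**
     * @dev G1 scalar multiplication via precompile 0x07.
     * @param x1 x coordinate of the point
     * @param y1 y coordinate of the point
     * @param scalar multiplier; the precompile accepts any 256-bit value, so
     *        `scalar` and `scalar + order` yield the same point.
     * @return (x2, y2) = scalar * (x1, y1). Reverts if the input is not a point
     *         on the curve (precompile failure).
     */
    function ecmul(
        uint256 x1,
        uint256 y1,
        uint256 scalar
    ) public view returns (uint256 x2, uint256 y2) {
        uint256[2] memory outValue;
        uint256[3] memory input;
        input[0] = x1;
        input[1] = y1;
        input[2] = scalar;

        assembly {
            // Three 32-byte words in, two 32-byte words out.
            if iszero(staticcall(gas, 0x07, input, 0x60, outValue, 0x40)) {
                revert(0, 0)
            }
        }

        x2 = outValue[0];
        y2 = outValue[1];
    }
}

// File: contracts/schnorr/Bn128SchnorrVerifier.sol

pragma solidity ^0.4.24;

/**
 * @title Bn128SchnorrVerifier
 * @dev Verifies Schnorr signatures over bn128 G1. A signature is a pair
 *      (R, s) on message m under group key P, and is accepted when
 *          s*G == R + e*P,   e = SHA-256(m || R.x || R.y) mod order.
 *
 *      Caveats a caller should be aware of:
 *      - `signature` is passed to the precompile as a raw 256-bit scalar, so
 *        s and s + order both verify. Callers that require canonical
 *        signatures (e.g. for replay protection keyed on the signature value)
 *        must check `uint256(signature) < getOrder()` themselves.
 *      - The challenge does not bind the group key (it is not key-prefixed).
 *        This is kept for compatibility with existing signers.
 *      - Inputs that are not points on the curve make the precompiles fail,
 *        which reverts the call rather than returning false.
 */
contract Bn128SchnorrVerifier is Bn128 {
    struct Point {
        uint256 x;
        uint256 y;
    }

    struct Verification {
        Point groupKey;
        Point randomPoint;
        uint256 signature;
        bytes32 message;
        uint256 _hash;
        Point _left;
        Point _right;
    }

    /**
     * @dev Challenge hash: SHA-256 of the packed encoding of (m, a, b),
     *      interpreted as a uint256. Not reduced modulo the order here;
     *      `verify` does that.
     */
    function h(bytes32 m, uint256 a, uint256 b) public pure returns (uint256) {
        return uint256(sha256(abi.encodePacked(m, a, b)));
    }

    /// @dev scalar * (x, y); see ecmul.
    function cmul(uint256 x, uint256 y, uint256 scalar) public view returns (uint256, uint256) {
        return ecmul(x, y, scalar);
    }

    /// @dev sig_s * G for the G1 generator.
    function sg(uint256 sig_s) public view returns (uint256, uint256) {
        return ecmul(getGx(), getGy(), sig_s);
    }

    /// @dev (ax, ay) + (bx, by); see ecadd.
    function cadd(uint256 ax, uint256 ay, uint256 bx, uint256 by) public view returns (uint256, uint256) {
        return ecadd(ax, ay, bx, by);
    }

    /**
     * @dev Verifies the Schnorr signature (randomPoint, signature) on `message`
     *      under `groupKey`.
     * @param signature the scalar s of the signature
     * @param groupKeyX x coordinate of the public key P
     * @param groupKeyY y coordinate of the public key P
     * @param randomPointX x coordinate of the signature commitment R
     * @param randomPointY y coordinate of the signature commitment R
     * @param message the signed 32-byte message
     * @return true iff s*G == R + e*P; false for a non-matching signature or
     *         for the zero group key. Reverts if P or R is not on the curve.
     */
    function verify(
        bytes32 signature,
        bytes32 groupKeyX,
        bytes32 groupKeyY,
        bytes32 randomPointX,
        bytes32 randomPointY,
        bytes32 message
    ) public view returns (bool) {
        Verification memory state;
        state.signature = uint256(signature);
        state.groupKey.x = uint256(groupKeyX);
        state.groupKey.y = uint256(groupKeyY);
        state.randomPoint.x = uint256(randomPointX);
        state.randomPoint.y = uint256(randomPointY);
        state.message = message;

        // (0, 0) is the precompiles' encoding of the point at infinity. As a
        // group key it contributes nothing to the right-hand side, so the
        // equation would no longer depend on any secret; reject it outright.
        if (state.groupKey.x == 0 && state.groupKey.y == 0) {
            return false;
        }

        state._hash = h(state.message, state.randomPoint.x, state.randomPoint.y);
        // Reduce the challenge into the bn128 scalar field.
        state._hash = state._hash.mod(getOrder());

        // left = s*G
        (state._left.x, state._left.y) = sg(state.signature);

        // right = R + e*P
        Point memory rightPart;
        (rightPart.x, rightPart.y) = cmul(state.groupKey.x, state.groupKey.y, state._hash);
        (state._right.x, state._right.y) = cadd(
            state.randomPoint.x,
            state.randomPoint.y,
            rightPart.x,
            rightPart.y
        );

        return state._left.x == state._right.x && state._left.y == state._right.y;
    }
}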
Contract ABI
[{"type":"function","stateMutability":"view","payable":false,"outputs":[{"type":"bool","name":""}],"name":"verify","inputs":[{"type":"bytes32","name":"signature"},{"type":"bytes32","name":"groupKeyX"},{"type":"bytes32","name":"groupKeyY"},{"type":"bytes32","name":"randomPointX"},{"type":"bytes32","name":"randomPointY"},{"type":"bytes32","name":"message"}],"constant":true},{"type":"function","stateMutability":"view","payable":false,"outputs":[{"type":"uint256","name":""},{"type":"uint256","name":""}],"name":"cmul","inputs":[{"type":"uint256","name":"x"},{"type":"uint256","name":"y"},{"type":"uint256","name":"scalar"}],"constant":true},{"type":"function","stateMutability":"pure","payable":false,"outputs":[{"type":"uint256","name":""}],"name":"getGx","inputs":[],"constant":true},{"type":"function","stateMutability":"view","payable":false,"outputs":[{"type":"uint256","name":""},{"type":"uint256","name":""}],"name":"cadd","inputs":[{"type":"uint256","name":"ax"},{"type":"uint256","name":"ay"},{"type":"uint256","name":"bx"},{"type":"uint256","name":"by"}],"constant":true},{"type":"function","stateMutability":"view","payable":false,"outputs":[{"type":"uint256","name":"x2"},{"type":"uint256","name":"y2"}],"name":"ecmul","inputs":[{"type":"uint256","name":"x1"},{"type":"uint256","name":"y1"},{"type":"uint256","name":"scalar"}],"constant":true},{"type":"function","stateMutability":"pure","payable":false,"outputs":[{"type":"uint256","name":""}],"name":"getGy","inputs":[],"constant":true},{"type":"function","stateMutability":"view","payable":false,"outputs":[{"type":"uint256","name":"x3"},{"type":"uint256","name":"y3"}],"name":"ecadd","inputs":[{"type":"uint256","name":"x1"},{"type":"uint256","name":"y1"},{"type":"uint256","name":"x2"},{"type":"uint256","name":"y2"}],"constant":true},{"type":"function","stateMutability":"pure","payable":false,"outputs":[{"type":"uint256","name":""}],"name":"getOrder","inputs":[],"constant":true},{"type":"function","stateMutability":"view","paya
ble":false,"outputs":[{"type":"uint256","name":""},{"type":"uint256","name":""}],"name":"sg","inputs":[{"type":"uint256","name":"sig_s"}],"constant":true},{"type":"function","stateMutability":"pure","payable":false,"outputs":[{"type":"uint256","name":""}],"name":"h","inputs":[{"type":"bytes32","name":"m"},{"type":"uint256","name":"a"},{"type":"uint256","name":"b"}],"constant":true}]
Contract Creation Code
0x608060405234801561001057600080fd5b50610615806100206000396000f3006080604052600436106100a35763ffffffff7c0100000000000000000000000000000000000000000000000000000000600035041663182f875c81146100a85780632dfb77cc146100e35780634a6760b81461011a5780636495d679146101415780638081a1e714610162578063923e4f0114610180578063bb8c256a14610195578063d36dedd2146101b6578063f8fd2e83146101cb578063fb3941b4146101e3575b600080fd5b3480156100b457600080fd5b506100cf60043560243560443560643560843560a435610201565b604080519115158252519081900360200190f35b3480156100ef57600080fd5b50610101600435602435604435610317565b6040805192835260208301919091528051918290030190f35b34801561012657600080fd5b5061012f610331565b60408051918252519081900360200190f35b34801561014d57600080fd5b50610101600435602435604435606435610336565b34801561016e57600080fd5b50610101600435602435604435610352565b34801561018c57600080fd5b5061012f61039f565b3480156101a157600080fd5b506101016004356024356044356064356103a4565b3480156101c257600080fd5b5061012f6103f9565b3480156101d757600080fd5b5061010160043561041d565b3480156101ef57600080fd5b5061012f600435602435604435610442565b60008061020c610523565b610214610579565b604082018a90528151899052815160209081018990528083018051899052805182018890526060840187905251805191015160009450610255918791610442565b60808301526102766102656103f9565b60808401519063ffffffff61050216565b608083015260408201516102899061041d565b60a0840151602080820192909252919091528251805191015160808401516102b2929190610317565b60208084018290528284528481015180519101516102d4939192909190610336565b60c0840180516020810192909252919052515160a08301515114801561030957508160c00151602001518260a0015160200151145b9a9950505050505050505050565b600080610325858585610352565b91509150935093915050565b600190565b600080610345868686866103a4565b9150915094509492505050565b60008061035d610590565b6103656105ab565b8681526020810186905260408082018690528260608360075afa151561038a57600080fd5b50805160209091015190969095509350505050565b600290565b6000806103af610590565b6103b76105ca565b878152602081018790526040808201
879052606082018690528260808360065afa15156103e357600080fd5b5080516020909101519097909650945050505050565b7f30644e72e131a029b85045b68181585d2833e84879b9709143e1f593f000000190565b60008061043961042b610331565b61043361039f565b85610352565b91509150915091565b604080516020808201869052818301859052606080830185905283518084039091018152608090920192839052815160009360029392909182918401908083835b602083106104a25780518252601f199092019160209182019101610483565b51815160209384036101000a600019018019909216911617905260405191909301945091925050808303816000865af11580156104e3573d6000803e3d6000fd5b5050506040513d60208110156104f857600080fd5b5051949350505050565b600081151561051057600080fd5b818381151561051b57fe5b069392505050565b61016060405190810160405280610538610579565b8152602001610545610579565b8152600060208201819052604082018190526060820152608001610567610579565b8152602001610574610579565b905290565b604080518082019091526000808252602082015290565b60408051808201825290600290829080388339509192915050565b6060604051908101604052806003906020820280388339509192915050565b60806040519081016040528060049060208202803883395091929150505600a165627a7a723058201ad8953ede7c3ddf6e91cf4ceeeb4bbac42fc3526a1e95916499d78182db498e0029
Deployed ByteCode
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