Skip to content

feat(circuit-dsl): annotation-based circuit authoring API #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
satran004 merged 26 commits into from
May 27, 2026
Merged

feat(circuit-dsl): annotation-based circuit authoring API #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
823c422
phase 0: add circuit annotation planning baseline
satran004 May 17, 2026
86f122c
phase 1: scaffold circuit annotation modules
satran004 May 17, 2026
bfe0b65
phase 2: add symbolic circuit foundation
satran004 May 17, 2026
7f49413
phase 3: add symbolic gadget adapters
satran004 May 17, 2026
b033b03
phase 4: generate circuit companions
satran004 May 17, 2026
c7b24b8
phase 5: add generated schema and input builders
satran004 May 17, 2026
d655fee
phase 6: add annotation examples and guide
satran004 May 17, 2026
126ef5c
phase 7: add bit and byte symbolic inputs
satran004 May 17, 2026
3b873d2
phase 8: add advanced symbolic gadget adapters
satran004 May 17, 2026
d3caf90
phase 9: integrate annotated circuits with proving flows
satran004 May 17, 2026
b5fbe03
Updated docs for new circuit annotation support
satran004 May 18, 2026
dc354c4
Updated docs as per the current support ZKCircuit
satran004 May 18, 2026
3dc3579
feat(circuit): add symbolic PoseidonN adapter
satran004 May 18, 2026
2f5b029
feat(circuit): add params-aware ZkMerkle helpers
satran004 May 18, 2026
8a571d6
docs(circuit): track nested ZkArray follow-up
satran004 May 18, 2026
de0196b
feat(onchain): add arbitrary-input Groth16 verifier
satran004 May 18, 2026
bb25023
chore(onchain): make generic Groth16 verifier default
satran004 May 18, 2026
a948645
refactor(onchain): make BLS12-381 Groth16 verifier canonical
satran004 May 18, 2026
42aa9a0
refactor(onchain): organize julc packages by role
satran004 May 18, 2026
029cd50
refactor(examples): use BLS12-381 Poseidon for Cardano paths
satran004 May 18, 2026
ab6f13d
feat(annotation): support nested ZkArray inputs
satran004 May 18, 2026
f3f5196
feat: add Poseidon MPF symbolic gadget
satran004 May 18, 2026
c60c2ac
perf: reduce MPF path packing constraints
satran004 May 19, 2026
35abf5b
Add vision v3
satran004 May 20, 2026
693a329
Update README with ZK annotation based circuit
satran004 May 20, 2026
0f6cf06
Fix CCL dependency
satran004 May 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 46 additions & 13 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ ZeroJ lets Java developers **define ZK circuits**, **generate proofs**, **verify
- **CircuitSpec Java DSL** (recommended) — define circuits as reusable Java classes with `CircuitSpec`
- **Inline lambda DSL** — quick prototyping with `CircuitBuilder.define(api -> ...)`
- **circom interop** — use externally compiled circom/snarkjs artifacts (`.r1cs`, `.zkey`, `.wtns`; `.wasm` witness calculation in incubator)
- **Standard library** — Poseidon, PoseidonN, MiMC, MiMCSponge, Merkle, Comparators, Binary, Mux, AliasCheck
- **Standard library** — Poseidon, PoseidonN, MiMC, MiMCSponge, Merkle, Comparators, Binary, Mux, AliasCheck, symbolic `Zk*` adapters, and a per-gadget status table in [`zeroj-circuit-lib`](zeroj-circuit-lib/README.md)
- **Multi-backend compilation** — one Java circuit can compile to R1CS for Groth16 or to PlonK

### Generate Proofs
Expand Down Expand Up @@ -46,11 +46,37 @@ ZeroJ lets Java developers **define ZK circuits**, **generate proofs**, **verify

## Quick Start — Zero Dependencies

Define a circuit, prove it, and verify — all in pure Java:
Define a circuit, prove it, and verify — all in pure Java.

ZeroJ supports multiple ways to write the same circuit. For new application
circuits, start with symbolic annotations. Use `CircuitSpec` when you want a
manual reusable circuit class, and use the inline DSL for small tests or
experiments.

### Recommended: Symbolic Annotations

```java
// 1. Define the circuit (CircuitSpec — recommended pattern)
public class SecretMultiplierCircuit implements CircuitSpec {
// Define the circuit with @ZKCircuit and symbolic Zk* values.
@ZKCircuit(name = "secret-multiplier", version = 1)
public class SecretMultiplier {
@Prove
ZkBool prove(
ZkContext zk,
@Public ZkField a,
@Public ZkField product,
@Secret ZkField b) {
return a.mul(b).isEqual(product);
}
}

// The annotation processor generates SecretMultiplierCircuit.
var circuit = SecretMultiplierCircuit.build();
```

### Equivalent CircuitSpec

```java
public class SecretMultiplierSpecCircuit implements CircuitSpec {
@Override
public void define(SignalBuilder c) {
Signal a = c.publicInput("a");
Expand All @@ -62,31 +88,37 @@ public class SecretMultiplierCircuit implements CircuitSpec {
public static CircuitBuilder build() {
return CircuitBuilder.create("secret-multiplier")
.publicVar("a").publicVar("product").secretVar("b")
.defineSignals(new SecretMultiplierCircuit());
.defineSignals(new SecretMultiplierSpecCircuit());
}
}

// 2. Compile and compute witness
var circuit = SecretMultiplierCircuit.build();
var circuit = SecretMultiplierSpecCircuit.build();
```

Choose one definition style. Both produce a `CircuitBuilder`, and the proof flow
is the same after that point:

```java
// 1. Compile and compute witness
var r1cs = circuit.compileR1CS(CurveId.BLS12_381);
var witness = circuit.calculateWitness(Map.of(
"a", List.of(BigInteger.valueOf(3)),
"b", List.of(BigInteger.valueOf(11)), // secret!
"product", List.of(BigInteger.valueOf(33))
), CurveId.BLS12_381);

// 3. Setup + Prove (pure Java — zero native dependencies)
// 2. Setup + Prove (pure Java — zero native dependencies)
var srs = PowersOfTauBLS381.generate(4); // dev/test only
var constraints = r1cs.constraints();
var setup = Groth16SetupBLS381.setup(
constraints, r1cs.numWires(), r1cs.numPublicInputs(), srs.tauScalar());
var proof = Groth16ProverBLS381.prove(
setup.provingKey(), witness, constraints, r1cs.numWires());

// 4. Verify off-chain (pure Java)
// 3. Verify off-chain (pure Java)
boolean valid = BLS12381Pairing.pairingCheck(...); // Groth16 pairing equation

// 5. Verify on-chain (Cardano Plutus V3)
// 4. Verify on-chain (Cardano Plutus V3)
var script = JulcScriptLoader.load(Groth16BLS12381Verifier.class, vkParams...);
// Lock ADA → unlock with ZK proof → Cardano verifies BLS12-381 pairing
```
Expand Down Expand Up @@ -193,7 +225,7 @@ The **pure Java prover and verifier require no optional dependencies**.
| [`zeroj-blst`](zeroj-blst/) | BLS12-381 pairing operations via blst native library |
| [`zeroj-crypto`](zeroj-crypto/) | **Pure Java prover** — Montgomery field arithmetic, EC operations, Groth16 + PlonK for BN254 and BLS12-381 |
| [`zeroj-circuit-dsl`](zeroj-circuit-dsl/) | Java Circuit DSL — define circuits with CircuitSpec, compile to R1CS/PlonK |
| [`zeroj-circuit-lib`](zeroj-circuit-lib/) | Circuit standard library — Poseidon, PoseidonN, MiMC, MiMCSponge, Merkle, Comparators, Binary, Mux, AliasCheck |
| [`zeroj-circuit-lib`](zeroj-circuit-lib/) | Circuit standard library — Poseidon, PoseidonN, MiMC, MiMCSponge, Merkle, Comparators, Binary, Mux, AliasCheck, symbolic adapters, and [per-gadget status](zeroj-circuit-lib/README.md#gadget-status) |
| [`zeroj-prover-spi`](zeroj-prover-spi/) | Minimal prover request/response SPI shared by prover implementations |
| [`zeroj-prover-gnark`](zeroj-prover-gnark/) | gnark native prover (Groth16 + PlonK) via FFM |
| [`zeroj-patterns`](zeroj-patterns/) | High-level ZK patterns — state transitions, nullifier claims, membership proofs |
Expand Down Expand Up @@ -256,6 +288,7 @@ dependencies {
- **[Getting Started](docs/getting-started.md)** — end-to-end: circuit to on-chain verification
- **[Pure Java Prover Guide](docs/pure-java-prover-guide.md)** — zero-dependency proving pipeline
- **[Circuit DSL User Guide](docs/circuit-dsl-user-guide.md)** — CircuitSpec, Signal API, standard library
- **[Circuit Library Gadget Status](zeroj-circuit-lib/README.md#gadget-status)** — current curve, symbolic, and Cardano-readiness status for each reusable gadget
- **[Alternate Prover Backends](docs/alternate-prover-backends.md)** — gnark FFM and snarkjs
- **[Architecture Overview](docs/architecture-overview.md)** — module design and layer separation
- **[PlonK Support](docs/plonk-support.md)** — PlonK proving, off-chain verification, and the experimental Julc prototype
Expand All @@ -275,8 +308,8 @@ dependencies {

| Example | What It Demonstrates |
|---------|---------------------|
| `SealedBidPureJavaE2ETest` | MiMC hash + range proof → pure Java prove → pairing verify |
| `AnonymousVotingPureJavaE2ETest` | MiMC commitment + boolean → prove → verify |
| `SealedBidPureJavaE2ETest` | BLS12-381 Poseidon commitment + range proof → pure Java prove → pairing verify |
| `AnonymousVotingPureJavaE2ETest` | BLS12-381 Poseidon commitment + boolean → prove → verify |
| `BalanceThresholdPureJavaE2ETest` | Range comparison → prove → verify |
| `PureJavaProverYaciE2ETest` | **Full stack: prove → Yaci DevKit on-chain verify** |
| `CircomToOnChainE2ETest` | circom `.zkey` → Java prove → Julc VM on-chain verify |
Expand Down
6 changes: 6 additions & 0 deletions build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,12 @@ allprojects {
repositories {
mavenCentral()
mavenLocal()
maven {
url = uri("https://central.sonatype.com/repository/maven-snapshots")
content {
snapshotsOnly()
}
}
}
}

Expand Down
Loading
Loading