Blitzar Crate

High-Level Rust wrapper for the blitzar-sys crate.
Report Bug | Request a Feature

Background

Blitzar was created by the core cryptography team at Space and Time to accelerate Proof of SQL, a novel zero-knowledge proof for SQL operations. After surveying our options for a GPU acceleration framework, we realized that Proof of SQL needed something better… so we built Blitzar. Now, Proof of SQL runs with a 3.2 second proving time against a million-row table on a single GPU, and it’s only getting faster.

We’ve open-sourced Blitzar to provide the Web3 community with a faster and more robust framework for building GPU-accelerated zk-proofs. We’re excited to open the project to community contributions to expand the scope of Blitzar and lay the foundation for the next wave of lightning fast zk-proofs.

Overview

Blitzar-rs is a High-Level rust wrapper for the blitzar-sys crate for accelerating cryptographic zero-knowledge proof algorithms on the CPU and GPU.

Note This repo contains the high-Level rust wrapper for the blitzar-sys crate. If you are using C++, use the code from the companion repo here: https://github.com/spaceandtimelabs/blitzar.

The crate provides

Functions for doing group operations on Curve-25519 and Ristretto25519 elements.
An implementation of Inner Product Argument Protocol for producing and verifying a compact proof of the inner product of two vectors.

WARNING: This project has not undergone a security audit and is NOT ready for production use.

Computational Backends

Although the primary goal of this library is to provide GPU acceleration for cryptographic zk-proof algorithms, the library also provides CPU support for the sake of testing. The following backends are supported:

| Backend | Implementation | Target Hardware | | :--- | :--- | :--- | | cpu | Serial | x86 capable CPUs | | gpu | Parallel | Nvidia CUDA capable GPUs

Cryptographic Primitives

Multi-Scalar Multiplication (MSM) / Generalized Pedersen Commitment / Multiexponentiation

Blitzar provides an implementation of Multi-Scalar Multiplication (i.e. generalized Pedersen commitments)

Let $g0\ldots gn\in \mathbb{G}$ be elements of a group (with prime order), and let $a0\ldots an\in\mathbb{F}$ be elements of the corresponding scalar field. (i.e. the field $\mathbb{F}_p$ where $p$ is the order of the group.)

Then, the Generalized Pedersen Commitment of the vector $\mathbf{a}=(a1,\ldots, an)$ is math P = a_1\cdot g_1+\cdots+ a_n\cdot g_n

Note: we interchangeably use the terms "multi-scalar multiplication" and "multiexponentiation" to refer to the this operation because when the group is written additively, the operation is a multi-scalar multiplication, and when the group is written multiplicatively, the operation is a multiexponentiation.

The Blitzar implementation allows for computation of multiple, potentially different length, MSMs simultaneously. Additionally, either built-in, precomputed, generators $g_n$ can be used, or they can be provided as needed.

Currently, Blitzar supports Curve25519 as the group. We're always working to expand the curves that we support, so check back for updates.

Inner Product Argument

Blitzar provides a modified implementation of an inner product argument (e.g. Bulletproofs and Halo2).

Given generators $g1, \ldots, gn$; Pedersen commitment $P$; scalar $c$; and vectors $\mathbf{a}=(a1,\ldots, an)$ and $\mathbf{b}=(b1,\ldots, bn)$; Blitzar's version of the inner product proof allows a Prover to establish that math \begin{aligned} P &= a_1\cdot g_1+\cdots+ a_n\cdot g_n \\ c &= \langle \mathbf{a}, \mathbf{b} \rangle = a_1\cdot b_1+\cdots+ a_n\cdot b_n \end{aligned} where it is assumed that $\boldsymbol{g}$, $\boldsymbol{b}$, and $c$ are known to both the Prover and Verifier.

This version of the inner product argument can be used in the context of a broader protocol.

Other Features to Come

If there is a particular feature that you would like to see, please reach out. Blitzar is a community-first project, and we want to hear from you.

Getting Started

To get a local copy up and running, consider the following steps.

Prerequisites to build from source

GPU backend prerequisites:

Rust 1.69.0
x86_64 Linux instance.
Nvidia Toolkit Driver Version: >= 530.30.02 (check the compatibility list here).

CPU backend prerequisites:

You'll need the following requirements to run the environment:

Rust 1.69.0
x86_64 Linux instance.

Usage

Add to your project

To add this library to your project, update your Cargo.toml file with the following line:

[dependencies] blitzar = "0.2.0"

Feature Flags

| Feature | Default? | Description | | :--- | :---: | :--- | | cpu | x | Enables the CPU backend. | | gpu | ✓ | Enables the GPU Backend. |

Tests

bash cargo test

Documentation

bash cargo doc --no-deps --open

Examples

Check EXAMPLES file.

Running benchmarks:

Benchmarks are run using criterion.rs:

$ cargo bench --features <cpu | gpu>

Development Process

The main branch is regularly built and tested, being the only source of truth. Tags are created regularly from automated semantic release executions.

Contributing

We're excited to open Blitzar-rs to the community, but are not accepting community Pull Requests yet due to logistic reasons. However, feel free to contribute with any suggestion, idea, or bugfix on our Issues panel. Also, see contribution guide.

Community & support

Join our Discord server to ask questions, discuss features, and for general chat.

License

This project is released under the Apache 2 License.

C++ code

This repo contains the high-Level rust wrapper for the blitzar-sys crate. If you are using C++, use the code from the companion repo here: https://github.com/spaceandtimelabs/blitzar.