From 5b4b65216a2d458c0c6a9c372bae094b6415f639 Mon Sep 17 00:00:00 2001
From: Alex Ozdemir <aozdemir@hmc.edu>
Date: Thu, 13 Feb 2025 10:51:00 -0800
Subject: [PATCH] readme zkp

---
 README.md                        |  4 ++++
 doc/zkp.md                       | 18 ++++++++++++++++++
 examples/ZoKrates/pf/maj.zok     |  2 +-
 examples/ZoKrates/pf/maj.zok.vin |  6 ++++++
 4 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 doc/zkp.md
 create mode 100644 examples/ZoKrates/pf/maj.zok.vin

diff --git a/README.md b/README.md
index caa5edbb5..197da4bb3 100644
--- a/README.md
+++ b/README.md
@@ -26,6 +26,10 @@ On Ubuntu `coinor-cbc` and `coinor-libcbc-dev`.
 
 You'll also need a stable Rust compiler.
 
+## Quickstart
+
+For an example of doing ZKP compilation, look [here](./doc/zkp.md).
+
 ## Architecture
 
 * Components:
diff --git a/doc/zkp.md b/doc/zkp.md
new file mode 100644
index 000000000..93cdaaae5
--- /dev/null
+++ b/doc/zkp.md
@@ -0,0 +1,18 @@
+# Quickstart for ZKPs using the Z# front-end
+
+1. Configure CirC's example compiler: `./driver.py --features bellman r1cs poly zok`
+  * turns on the [bellman](https://github.com/zkcrypto/bellman/) ZKP backend,
+     the R1CS compiler extension needed to target it,
+     support for finite field polynomials,
+     and the Z# (an extended ZoKrates) frontend
+2. Build the CirC library and example compiler `./driver.py -b`
+3. Compile an example program to ZKPs and sample ZKP paramaters: `./target/release/examples/circ examples/ZoKrates/pf/maj.zok r1cs --action setup`
+  * creates a proving key in file `./P`
+  * creates a verifying key in file `./V`
+  * The program does a bitwise majority of three 8-bit arguments; the inputs are secret, the output is public.
+4. Create a proof: `./target/release/examples/zk --inputs examples/ZoKrates/pf/maj.zok.pin --action prove`
+  * creates a proof in file `./pi`
+  * the (secret) program inputs are in the input file `examples/ZoKrates/pf/maj.zok.pin`
+5. Verify the proof against a claimed program output: `./target/release/examples/zk --inputs examples/ZoKrates/pf/maj.zok.vin --action verify`
+  * the output is `return` in the input file `examples/ZoKrates/pf/maj.zok.vin`
+  * if verification fails, the command will return an error
diff --git a/examples/ZoKrates/pf/maj.zok b/examples/ZoKrates/pf/maj.zok
index c37f90bc1..d4254b7da 100644
--- a/examples/ZoKrates/pf/maj.zok
+++ b/examples/ZoKrates/pf/maj.zok
@@ -1,2 +1,2 @@
-def main(u8 a, u8 b, u8 c) -> u8:
+def main(private u8 a, private u8 b, private u8 c) -> u8:
     return (a & b) ^ (a & c) ^ (b & c)
diff --git a/examples/ZoKrates/pf/maj.zok.vin b/examples/ZoKrates/pf/maj.zok.vin
new file mode 100644
index 000000000..8edf209e7
--- /dev/null
+++ b/examples/ZoKrates/pf/maj.zok.vin
@@ -0,0 +1,6 @@
+(let (
+    (return #xD9)
+)
+    false
+)
+