ETH Price: $2,602.45 (-3.08%)

Contract

0xAE950A9B8F48bC4519820728E210515a07F7cB71

Overview

ETH Balance

0 ETH

ETH Value

$0.00

Multichain Info

No addresses found
Transaction Hash
Method
Block
From
To

There are no matching entries

1 Internal Transaction found.

Latest 1 internal transaction

Parent Transaction Hash Block From To
168636602024-10-16 16:53:48118 days ago1729097628  Contract Creation0 ETH
Loading...
Loading

Contract Source Code Verified (Exact Match)

Contract Name:
Groth16VerifierStateTransition

Compiler Version
v0.8.27+commit.40a35a09

Optimization Enabled:
No with 200 runs

Other Settings:
paris EvmVersion
File 1 of 2 : Groth16VerifierStateTransition.sol
// SPDX-License-Identifier: GPL-3.0
/*
    Copyright 2021 0KIMS association.

    This file is generated with [snarkJS](https://github.com/iden3/snarkjs).

    snarkJS is a free software: you can redistribute it and/or modify it
    under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    snarkJS is distributed in the hope that it will be useful, but WITHOUT
    ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
    or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
    License for more details.

    You should have received a copy of the GNU General Public License
    along with snarkJS. If not, see <https://www.gnu.org/licenses/>.
*/

pragma solidity >=0.7.0 <0.9.0;

import "../../interfaces/IStateTransitionVerifier.sol";

contract Groth16VerifierStateTransition is IStateTransitionVerifier {
    // Scalar field size
    uint256 constant r    = 21888242871839275222246405745257275088548364400416034343698204186575808495617;
    // Base field size
    uint256 constant q   = 21888242871839275222246405745257275088696311157297823662689037894645226208583;

    // Verification Key data
    uint256 constant alphax  = 20491192805390485299153009773594534940189261866228447918068658471970481763042;
    uint256 constant alphay  = 9383485363053290200918347156157836566562967994039712273449902621266178545958;
    uint256 constant betax1  = 4252822878758300859123897981450591353533073413197771768651442665752259397132;
    uint256 constant betax2  = 6375614351688725206403948262868962793625744043794305715222011528459656738731;
    uint256 constant betay1  = 21847035105528745403288232691147584728191162732299865338377159692350059136679;
    uint256 constant betay2  = 10505242626370262277552901082094356697409835680220590971873171140371331206856;
    uint256 constant gammax1 = 11559732032986387107991004021392285783925812861821192530917403151452391805634;
    uint256 constant gammax2 = 10857046999023057135944570762232829481370756359578518086990519993285655852781;
    uint256 constant gammay1 = 4082367875863433681332203403145435568316851327593401208105741076214120093531;
    uint256 constant gammay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930;
    uint256 constant deltax1 = 4246152484702050277565132335408650010216666048103975186858037423667921011245;
    uint256 constant deltax2 = 11761106885383518720174451196687963724495127702612880995502231202411849421701;
    uint256 constant deltay1 = 20662719780693521898375922787282175696841448037933826627867273008735335783602;
    uint256 constant deltay2 = 9540218714987219778576059617464635889429392349728954857252076100095683267633;


    uint256 constant IC0x = 16043291973889324756617069487195476149512574727363051659112556958735977616725;
    uint256 constant IC0y = 16864605224185193093062266789812233298859884301538621362226822022081041278677;

    uint256 constant IC1x = 15935621905201691307201070923038920580506689594547556653696264182846970978554;
    uint256 constant IC1y = 20793947184131761785325026067954699416249353321530615459908048240252442935417;

    uint256 constant IC2x = 15873695673932800019757092006642463598109301274410205214955538808836281067900;
    uint256 constant IC2y = 13581010826645089044340117513778871694012835043547906854734814490388643425494;

    uint256 constant IC3x = 436067793811322464859758359330968701378288169738014324837094148538366747065;
    uint256 constant IC3y = 5184689509856778472522887232562113210294765146488556347841833551753176606959;

    uint256 constant IC4x = 1580946655352989990810599848244095954566838172532565943008224849077018394283;
    uint256 constant IC4y = 8901953775389474246223858845884219088656635610469822712500097959042485592148;

    // Memory data
    uint16 constant pVk = 0;
    uint16 constant pPairing = 128;

    uint16 constant pLastMem = 896;

    function verifyProof(
        uint[2] calldata _pA,
        uint[2][2] calldata _pB,
        uint[2] calldata _pC,
        uint[4] calldata _pubSignals
    ) public view returns (bool) {
        assembly {
            function checkField(v) {
                if iszero(lt(v, q)) {
                    mstore(0, 0)
                    return(0, 0x20)
                }
            }

            // G1 function to multiply a G1 value(x,y) to value in an address
            function g1_mulAccC(pR, x, y, s) {
                let success
                let mIn := mload(0x40)
                mstore(mIn, x)
                mstore(add(mIn, 32), y)
                mstore(add(mIn, 64), s)

                success := staticcall(sub(gas(), 2000), 7, mIn, 96, mIn, 64)

                if iszero(success) {
                    mstore(0, 0)
                    return(0, 0x20)
                }

                mstore(add(mIn, 64), mload(pR))
                mstore(add(mIn, 96), mload(add(pR, 32)))

                success := staticcall(sub(gas(), 2000), 6, mIn, 128, pR, 64)

                if iszero(success) {
                    mstore(0, 0)
                    return(0, 0x20)
                }
            }

            function checkPairing(pA, pB, pC, pubSignals, pMem) -> isOk {
                let _pPairing := add(pMem, pPairing)
                let _pVk := add(pMem, pVk)

                mstore(_pVk, IC0x)
                mstore(add(_pVk, 32), IC0y)

                // Compute the linear combination vk_x

                g1_mulAccC(_pVk, IC1x, IC1y, calldataload(add(pubSignals, 0)))

                g1_mulAccC(_pVk, IC2x, IC2y, calldataload(add(pubSignals, 32)))

                g1_mulAccC(_pVk, IC3x, IC3y, calldataload(add(pubSignals, 64)))

                g1_mulAccC(_pVk, IC4x, IC4y, calldataload(add(pubSignals, 96)))

                // -A
                mstore(_pPairing, calldataload(pA))
                mstore(add(_pPairing, 32), mod(sub(q, calldataload(add(pA, 32))), q))

                // B
                mstore(add(_pPairing, 64), calldataload(pB))
                mstore(add(_pPairing, 96), calldataload(add(pB, 32)))
                mstore(add(_pPairing, 128), calldataload(add(pB, 64)))
                mstore(add(_pPairing, 160), calldataload(add(pB, 96)))

                // alpha1
                mstore(add(_pPairing, 192), alphax)
                mstore(add(_pPairing, 224), alphay)

                // beta2
                mstore(add(_pPairing, 256), betax1)
                mstore(add(_pPairing, 288), betax2)
                mstore(add(_pPairing, 320), betay1)
                mstore(add(_pPairing, 352), betay2)

                // vk_x
                mstore(add(_pPairing, 384), mload(add(pMem, pVk)))
                mstore(add(_pPairing, 416), mload(add(pMem, add(pVk, 32))))

                // gamma2
                mstore(add(_pPairing, 448), gammax1)
                mstore(add(_pPairing, 480), gammax2)
                mstore(add(_pPairing, 512), gammay1)
                mstore(add(_pPairing, 544), gammay2)

                // C
                mstore(add(_pPairing, 576), calldataload(pC))
                mstore(add(_pPairing, 608), calldataload(add(pC, 32)))

                // delta2
                mstore(add(_pPairing, 640), deltax1)
                mstore(add(_pPairing, 672), deltax2)
                mstore(add(_pPairing, 704), deltay1)
                mstore(add(_pPairing, 736), deltay2)

                let success := staticcall(sub(gas(), 2000), 8, _pPairing, 768, _pPairing, 0x20)

                isOk := and(success, mload(_pPairing))
            }

            let pMem := mload(0x40)
            mstore(0x40, add(pMem, pLastMem))

            // Validate that all evaluations ∈ F

            checkField(calldataload(add(_pubSignals, 0)))

            checkField(calldataload(add(_pubSignals, 32)))

            checkField(calldataload(add(_pubSignals, 64)))

            checkField(calldataload(add(_pubSignals, 96)))

            checkField(calldataload(add(_pubSignals, 128)))

            // Validate all evaluations
            let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem)

            mstore(0, isValid)
            return(0, 0x20)
        }
    }
}

File 2 of 2 : IStateTransitionVerifier.sol
// SPDX-License-Identifier: GPL-3.0
pragma solidity 0.8.27;

interface IStateTransitionVerifier {
    function verifyProof(
        uint256[2] calldata a,
        uint256[2][2] calldata b,
        uint256[2] calldata c,
        uint256[4] calldata input
    ) external view returns (bool r);
}

Settings
{
  "evmVersion": "paris",
  "optimizer": {
    "enabled": false,
    "runs": 200
  },
  "outputSelection": {
    "*": {
      "*": [
        "evm.bytecode",
        "evm.deployedBytecode",
        "devdoc",
        "userdoc",
        "metadata",
        "abi"
      ]
    }
  },
  "libraries": {}
}

Contract Security Audit

Contract ABI

[{"inputs":[{"internalType":"uint256[2]","name":"_pA","type":"uint256[2]"},{"internalType":"uint256[2][2]","name":"_pB","type":"uint256[2][2]"},{"internalType":"uint256[2]","name":"_pC","type":"uint256[2]"},{"internalType":"uint256[4]","name":"_pubSignals","type":"uint256[4]"}],"name":"verifyProof","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"}]

6080604052348015600f57600080fd5b506107248061001f6000396000f3fe608060405234801561001057600080fd5b506004361061002b5760003560e01c80635fe8c13b14610030575b600080fd5b61004a6004803603810190610045919061064f565b610060565b60405161005791906106d3565b60405180910390f35b600061057c565b7f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd478110610098576000805260206000f35b50565b600060405183815284602082015285604082015260408160608360076107d05a03fa9150816100ce576000805260206000f35b825160408201526020830151606082015260408360808360066107d05a03fa9150816100fe576000805260206000f35b505050505050565b600060808601600087017f23782e74ab120e17332feb501bcb3340e46aa66d97d227ce10d3b0d6191f155581527f2549073e43bec0249113913f540b1c803eb0fceb45181b4370b694352b8626d560208201526101a960008801357f2df8f4ffecaca21322387e2814d5cbd3e9ea882b9870155f6a09b4473d4c80797f233b3e0bdba80ff1393fe3ee9d1483adf633903b226771e31fb3305e2774e0fa8461009b565b6101f960208801357f1e069468e84e4443468d989b6fc64820336b165e815f0cce7c344ab64c87acd67f23183180476734a897d90341b322f6226879f47d5705624f625a9f81b12be97c8461009b565b61024860408801357f0b766e26319340b06fb428ab1241f5d2c84220fc609dbbfacda8e85b4c62e8ef7ef6ce3d6de122311ef96a588c41d42a0e8aaabd531dd2bfbbe23d00b3ece1b98461009b565b61029860608801357f13ae53c8f7d53cda6035e94c207c087599487be203a9fded64d9b803843420547f037ec8ba945630f6d6b5387f0a4a130ddd6f216ea478bc08079a6a0d13417eab8461009b565b833582527f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4760208501357f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4703066020830152843560408301526020850135606083015260408501356080830152606085013560a08301527f2d4d9aa7e302d9df41749d5507949d05dbea33fbb16c643b22f599a2be6df2e260c08301527f14bedd503c37ceb061d8ec60209fe345ce89830a19230301f076caff004d192660e08301527f0967032fcbf776d1afc985f88877f182d38480a653f2decaa9794cbc3bf3060c6101008301527f0e187847ad4c798374d0d6732bf501847dd68bc0e071241e0213bc7fc13db7ab6101208301527f304cfbd1e08a704a99f5e847d93f8c3caafddec46b7a0d379da69a4d112346a76101408301527f1739c1b1a457a8c7313123d24d2f9192f896b7c63eea05a9d57f06547ad0cec8610160830152600088015161018083015260206000018801516101a08301527f198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c26101c08301527f1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed6101e08301527f090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b6102008301527f12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa610220830152853561024083015260208601356102608301527f09633cb521508aaac061ec58387116514b5ca8a5ef113b973dc5947cfd07c22d6102808301527f1a008cf3fb47fe77514ec4146a500e2ea851479d91c6a8286ffae46e737793856102a08301527f2daeaf590139f49f18bea7f56c980627d13b44525c4af2fe0d5e66adfdd09cb26102c08301527f1517928b5d86d1c6fa6d777090519971ea5a5b58173252da0677879848a30c316102e08301526020826103008460086107d05a03fa82518116935050505095945050505050565b60405161038081016040526105946000840135610067565b6105a16020840135610067565b6105ae6040840135610067565b6105bb6060840135610067565b6105c86080840135610067565b6105d5818486888a610106565b8060005260206000f35b600080fd5b600080fd5b600081905082602060020282011115610605576106046105e4565b5b92915050565b600081905082604060020282011115610627576106266105e4565b5b92915050565b600081905082602060040282011115610649576106486105e4565b5b92915050565b600080600080610180858703121561066a576106696105df565b5b6000610678878288016105e9565b94505060406106898782880161060b565b93505060c061069a878288016105e9565b9250506101006106ac8782880161062d565b91505092959194509250565b60008115159050919050565b6106cd816106b8565b82525050565b60006020820190506106e860008301846106c4565b9291505056fea2646970667358221220dbc3ed97e8a613dc477796ef9845562698b9b88aff200aa1df811a95bf19764e64736f6c634300081b0033

Deployed Bytecode

0x608060405234801561001057600080fd5b506004361061002b5760003560e01c80635fe8c13b14610030575b600080fd5b61004a6004803603810190610045919061064f565b610060565b60405161005791906106d3565b60405180910390f35b600061057c565b7f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd478110610098576000805260206000f35b50565b600060405183815284602082015285604082015260408160608360076107d05a03fa9150816100ce576000805260206000f35b825160408201526020830151606082015260408360808360066107d05a03fa9150816100fe576000805260206000f35b505050505050565b600060808601600087017f23782e74ab120e17332feb501bcb3340e46aa66d97d227ce10d3b0d6191f155581527f2549073e43bec0249113913f540b1c803eb0fceb45181b4370b694352b8626d560208201526101a960008801357f2df8f4ffecaca21322387e2814d5cbd3e9ea882b9870155f6a09b4473d4c80797f233b3e0bdba80ff1393fe3ee9d1483adf633903b226771e31fb3305e2774e0fa8461009b565b6101f960208801357f1e069468e84e4443468d989b6fc64820336b165e815f0cce7c344ab64c87acd67f23183180476734a897d90341b322f6226879f47d5705624f625a9f81b12be97c8461009b565b61024860408801357f0b766e26319340b06fb428ab1241f5d2c84220fc609dbbfacda8e85b4c62e8ef7ef6ce3d6de122311ef96a588c41d42a0e8aaabd531dd2bfbbe23d00b3ece1b98461009b565b61029860608801357f13ae53c8f7d53cda6035e94c207c087599487be203a9fded64d9b803843420547f037ec8ba945630f6d6b5387f0a4a130ddd6f216ea478bc08079a6a0d13417eab8461009b565b833582527f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4760208501357f30644e72e131a029b85045b68181585d97816a916871ca8d3c208c16d87cfd4703066020830152843560408301526020850135606083015260408501356080830152606085013560a08301527f2d4d9aa7e302d9df41749d5507949d05dbea33fbb16c643b22f599a2be6df2e260c08301527f14bedd503c37ceb061d8ec60209fe345ce89830a19230301f076caff004d192660e08301527f0967032fcbf776d1afc985f88877f182d38480a653f2decaa9794cbc3bf3060c6101008301527f0e187847ad4c798374d0d6732bf501847dd68bc0e071241e0213bc7fc13db7ab6101208301527f304cfbd1e08a704a99f5e847d93f8c3caafddec46b7a0d379da69a4d112346a76101408301527f1739c1b1a457a8c7313123d24d2f9192f896b7c63eea05a9d57f06547ad0cec8610160830152600088015161018083015260206000018801516101a08301527f198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c26101c08301527f1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed6101e08301527f090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b6102008301527f12c85ea5db8c6deb4aab71808dcb408fe3d1e7690c43d37b4ce6cc0166fa7daa610220830152853561024083015260208601356102608301527f09633cb521508aaac061ec58387116514b5ca8a5ef113b973dc5947cfd07c22d6102808301527f1a008cf3fb47fe77514ec4146a500e2ea851479d91c6a8286ffae46e737793856102a08301527f2daeaf590139f49f18bea7f56c980627d13b44525c4af2fe0d5e66adfdd09cb26102c08301527f1517928b5d86d1c6fa6d777090519971ea5a5b58173252da0677879848a30c316102e08301526020826103008460086107d05a03fa82518116935050505095945050505050565b60405161038081016040526105946000840135610067565b6105a16020840135610067565b6105ae6040840135610067565b6105bb6060840135610067565b6105c86080840135610067565b6105d5818486888a610106565b8060005260206000f35b600080fd5b600080fd5b600081905082602060020282011115610605576106046105e4565b5b92915050565b600081905082604060020282011115610627576106266105e4565b5b92915050565b600081905082602060040282011115610649576106486105e4565b5b92915050565b600080600080610180858703121561066a576106696105df565b5b6000610678878288016105e9565b94505060406106898782880161060b565b93505060c061069a878288016105e9565b9250506101006106ac8782880161062d565b91505092959194509250565b60008115159050919050565b6106cd816106b8565b82525050565b60006020820190506106e860008301846106c4565b9291505056fea2646970667358221220dbc3ed97e8a613dc477796ef9845562698b9b88aff200aa1df811a95bf19764e64736f6c634300081b0033

Block Transaction Gas Used Reward
view all blocks sequenced

Block Uncle Number Difficulty Gas Used Reward
View All Uncles
Loading...
Loading
Loading...
Loading

Validator Index Block Amount
View All Withdrawals

Transaction Hash Block Value Eth2 PubKey Valid
View All Deposits
[ Download: CSV Export  ]

A contract address hosts a smart contract, which is a set of code stored on the blockchain that runs when predetermined conditions are met. Learn more about addresses in our Knowledge Base.