first exercise

.gitignore

@@ -0,0 +1,8 @@
+node_modules
+witness.json
+verification_key.json
+proving_key.json
+input.json
+proof.json
+public.json
+circuit.json

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "circomlib"]
+	path = circomlib
+	url = https://github.com/iden3/circomlib

1_simple_arithmetic/generate_circuit_input.js

@@ -0,0 +1,19 @@
+const fs = require("fs");
+
+var a = 2;
+var b = 4;
+var c = 6;
+var d = 24;
+
+const inputs = {
+    "a": a,
+    "b": b,
+    "c": c,
+    "d": d
+}
+
+fs.writeFileSync(
+    "./input.json",
+    JSON.stringify(inputs),
+    "utf-8"
+);

1_simple_arithmetic/sample_circuit.circom

@@ -0,0 +1,23 @@
+template SimpleChecks(k) {
+    signal private input a[k];
+    signal private input b[k];
+    signal input c[k];
+    signal private input d[k];
+    signal output out;
+
+    var sum = 0;
+    for (var i = 0; i < k; i++){
+        // force a + b = c
+        a[i] + b[i] === c[i];
+
+        // force b * c = d
+        b[i] * c[i] === d[i];
+
+        // add up c and d arrays
+        sum = sum + c[i] + d[i];
+    }
+    // output sum of c and d arrays
+    out <== sum;
+}
+
+component main = SimpleChecks(4);

README.md

@@ -3,6 +3,7 @@ This is a [circom](https://github.com/iden3/circom) and [snarkjs](https://github
 
 (Created for [IC3 2019](https://www.initc3.org/) and inspired by [GuthL's rollup circom tutorial](https://github.com/GuthL/roll_up_circom_tutorial).)
 
+![](https://i.imgur.com/x1tDlfD.png)
 
 ## Setting up this tutorial
 0. We are using `node v10.16.0`, which you can possibly install using [nvm](https://github.com/nvm-sh/nvm/blob/master/README.md)
@@ -12,6 +13,79 @@ This is a [circom](https://github.com/iden3/circom) and [snarkjs](https://github
 
 ## Exercises
 ### Simple arithmetic constraints
+`cd 1_simple_arithmetic`
+
+This is a contrived example to familiarise ourselves with the syntax of `circom` and how it works with `snarkjs`.
+
+Let's write a circuit to check:
+- that the sum of two private inputs `a + b` is equal to a public input `c`;
+- that the product `b * c` is equal to private input `d`;
+
+Create a new file named `circuit.circom` with the following content:
+```
+template SimpleChecks() {
+    signal private input a;
+    signal private input b;
+    signal input c;
+    signal private input d;
+    signal output out;
+    
+    // force a + b = c
+    a + b === c;
+
+    // force b * c = d
+    // fill this in
+
+    // output c + d
+    out <== c + d;
+}
+
+component main = SimpleChecks();
+```
+NB: there's a circom syntax highlighter in VS code! otherwise one can make do with `C#` highlighting.
+TODO: replace if loops with comparator
+
+Compile your circuit `circom circuit.circom -o circuit.json`.
+
+Generate your input `node generate_circuit_input.json` (generates `input.json`).
+
+Calculate the witness `snarkjs calculatewitness -c circuit.json -i input.json`. This generates `witness.json`.
+
+Perform the trusted setup to get your `proving_key.json` and `verification_key.json`: `snarkjs setup -c circuit.json --protocol groth`.
+
+Generate the proof `snarkjs proof -w witness.json --pk proving_key.json`. This generates `proof.json` and `public.json`.
+
+Verify the proof `snarkjs verify`. 
+
+#### Challenge
+Modify the circuit and input to take in length-4 arrays of `a`, `b`, `c`, and `d`, and perform the checks in a `for` loop. Output the sums of `c` and `d` arrays. To get you started:
+
+```
+template SimpleChecks(k) {
+    signal private input a[k];
+    signal private input b[k];
+    signal input c[k];
+    signal private input d[k];
+    signal output out;
+    
+    var sum = 0;
+    for (var i = 0; i < k; i++){
+        // force a + b = c
+        a[i] + b[i] === c[i];
+
+        // force b * c = d
+        // fill this in
+
+        // add up c and d arrays
+        // use the variable 'sum' defined outside the for loop
+    }
+    // output sum of c and d arrays
+    out <== sum;
+}
+
+component main = SimpleChecks(4);
+```
+
 
 ### Verifying an EdDSA signature