Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QuotaExceededError for random bytes when verifying zkey or ptau file #389

Open
Scratch-net opened this issue Jun 25, 2023 · 2 comments
Open

QuotaExceededError for random bytes when verifying zkey or ptau file #389

Scratch-net opened this issue Jun 25, 2023 · 2 comments

Comments

@Scratch-net
Copy link

Scratch-net commented Jun 25, 2023
edited
Loading

SnarkJS 0.7 produces this error. Previous version didn't
BN128, Groth16, official ptau 2**18

snarkjs powersoftau verify powersOfTau28_hez_final_18.ptau

...
[INFO]  snarkJS: Powers Of tau file OK!
[DEBUG] snarkJS: Verifying powers in tau*G1 section
[DEBUG] snarkJS: points relations: tauG1: 0/524287
[ERROR] snarkJS: DOMException [QuotaExceededError]: The requested length exceeds 65,536 bytes
    at new DOMException (node:internal/per_context/domexception:53:5)
    at __node_internal_ (node:internal/util:663:10)
    at Crypto.getRandomValues (node:internal/crypto/random:328:11)
    at Crypto.getRandomValues (node:internal/crypto/webcrypto:1000:10)
    at getRandomBytes (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:285:27)

snarkjs zkey verify circuit.r1cs powersOfTau28_hez_final_18.ptau circuit_final.zkey

[ERROR] snarkJS: DOMException [QuotaExceededError]: The requested length exceeds 65,536 bytes
    at new DOMException (node:internal/per_context/domexception:53:5)
    at __node_internal_ (node:internal/util:663:10)
    at Crypto.getRandomValues (node:internal/crypto/random:328:11)
    at Crypto.getRandomValues (node:internal/crypto/webcrypto:1000:10)
    at getRandomBytes (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:285:27)
    at sectionHasSameRatio (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:4768:29)
    at async phase2verifyFromInit (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:4716:10)
    at async phase2verifyFromR1cs (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:4960:12)
    at async Object.zkeyVerifyFromR1cs [as action] (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:13442:17)
    at async clProcessor (/home//.nvm/versions/node/v20.3.0/lib/node_modules/snarkjs/build/cli.cjs:481:27)

It requests 260k+ random bytes which is a bit weird
@phated
Copy link
Contributor

phated commented Jun 25, 2023

This function now prefers the Crypto APIs instead of the nodejs APIs, so maybe there is a hard limit specified by that API (or maybe nodejs has a bug).

We might need to do something to prefer node API but that causes problems with the browser.

@Scratch-net
Copy link
Author

Yes, getRandomValues() has a hard limit for 65k bytes as per doc.
Maybe just split random bytes generation in 65k chunks or use some stream cipher

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@phated @Scratch-net