feat(contract-dev): add working examples of Groth16 verification

[delovoyhomie]

Closes #1840

Summary by CodeRabbit

• Documentation
  • Added a comprehensive guide for verifying upstream Groth16 verifier examples on TON, featuring step-by-step instructions for multiple circuit implementations (Circom, Noname, Gnark, Arkworks).
  • Updated zero-knowledge documentation with references to new Groth16 resources.

[github-actions]

Thanks for the updates to contract-dev/privacy-zk and the docs navigation; I’ve left several suggestions to align the frontmatter, safety guidance, snippet labeling, and sidebar text—please apply the inline suggestions.

[github-actions]

Thanks for expanding the ZK docs; I’ve left several suggestions in contract-dev/privacy-zk/groth16-examples.mdx plus a couple of small navigation and cross-link tweaks—please apply the inline suggestions to align with the content and safety guidelines.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR introduces a comprehensive tutorial page for running and verifying upstream Groth16 verifier examples on TON, featuring step-by-step flows for four proving stacks (Circom, Noname, Gnark, Arkworks). The zero-knowledge guide is updated with a cross-reference, navigation is restructured to list the new page, and spell-check dictionary entries are added for technical terms.

Changes

Groth16 Examples & ZK Documentation

Layer / File(s)	Summary
Page structure & introduction contract-dev/techniques/groth16-examples.mdx	MDX frontmatter and opening content establish the page title, sidebar configuration, and warn developers to run locally first before considering production setups.
Setup, prerequisites & repository clone contract-dev/techniques/groth16-examples.mdx	Objectives and prerequisites (Node.js, proving stack choice, Blueprint) guide developers; repository clone from zk-ton-examples and local Blueprint sandbox context are explained.
Examples mapping table contract-dev/techniques/groth16-examples.mdx	Reference table maps four circuits (Multiplier, Sudoku, cubic-gnark, MulCircuit) to proving stacks, circuit locations, public outputs, and Blueprint test commands.
Four example implementations contract-dev/techniques/groth16-examples.mdx	Step-by-step instructions for each stack (Circom, Noname, Gnark, Arkworks): setup, proof generation, verifier export via export-ton-verifier, Blueprint testing, expected output snapshots, and gas cost numbers.
Verification conditions & troubleshooting contract-dev/techniques/groth16-examples.mdx	Runtime verification conditions (local snarkjs.groth16.verify, on-chain getVerify* getters, test exit codes), example Tolk code snippet, and remediation steps for export/test/proof mismatches.
Cross-references, navigation & dictionary contract-dev/techniques/zero-knowledge.mdx, docs.json, resources/dictionaries/custom.txt	Updated zero-knowledge Aside with Groth16 examples link; fixed "Useful links" capitalization; added groth16-examples to Contract development → Techniques navigation; extended spell-check with Gnark, Groth16, MulCircuit, subgrids.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• ton-org/docs#2128: Modifies the same contract-dev/techniques/zero-knowledge.mdx file; this PR adds a Groth16-examples cross-reference and capitalization fix while the related PR involves extensive reformatting of the same guide.

Suggested labels

3p

Suggested reviewers

• aigerimu

Poem

🐰 A rabbit hops through zero-knowledge gates,
Four circuits prove their cryptographic states,
From Circom's logic to Arkworks' design,
Groth16 verifies—now TON contracts shine! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	The PR successfully implements all coding requirements from issue #1840: provides Groth16 verification examples, creates documentation page referencing circuits, and incorporates zk-ton-examples repository examples.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to implementing Groth16 verification examples; minor dictionary and documentation updates are incidental to the main objective.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title directly and clearly summarizes the main change: adding working examples of Groth16 verification, which is the primary content of the pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch Groth16-examples

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

♻️ Duplicate comments (2)

contract-dev/privacy-zk/groth16-examples.mdx (2)

53-65: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Add a safety warning about the test-only entropy in the trusted setup commands.

Lines 57 and 60 use hard-coded "some random text" for entropy contributions. Readers who copy-paste these commands for production use will create an insecure trusted setup that allows proof forgery.

Add a caution block before the commands

+<Aside type="caution" title="Test-only setup">
+  The commands below use weak entropy (`"some random text"`) suitable only for local testing.
+  For production, use high-entropy sources and participate in a multi-party ceremony.
+</Aside>
+
 ```bash
 cd circuits/Multiplier

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@contract-dev/privacy-zk/groth16-examples.mdx` around lines 53 - 65, Add a
clear caution block before the setup commands warning that the hard-coded
entropy string "some random text" in the npx snarkjs powersoftau contribute and
npx snarkjs zkey contribute commands is for tests only and must not be used in
production; instruct readers to supply secure, high-entropy randomness (e.g.,
use a secure RNG, OS-provided entropy, or explicit interactive/random-file
contribution) and never reuse weak or copy-pasted entropy for trusted-setup
contributions, and mention that using test-only entropy makes the ceremony
insecure and enables proof forgery.

---

44-46: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Use type="caution" for environment warnings when examples involve fund transfers.

Line 174 shows a sendVerify call with value: toNano('0.15'), which transfers TON. Environment separation is a safety concern, not a tip, when fund movement is involved.

Suggested fix

-<Aside type="tip">
+<Aside type="caution" title="Run in sandbox or testnet">
   This page follows the upstream Tolk verifier tests and runs locally in the Blueprint sandbox, not on TON mainnet.
 </Aside>

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@contract-dev/privacy-zk/groth16-examples.mdx` around lines 44 - 46, The Aside
currently uses type="tip" but the example includes a sendVerify call that
transfers funds (sendVerify with value: toNano('0.15')), so change the Aside
component's type from "tip" to "caution" and update its text to clearly flag the
environment and fund-transfer risk; locate the Aside instance surrounding the
verifier example and the sendVerify usage to make this change (search for Aside
and the sendVerify / toNano('0.15') symbols).

🧹 Nitpick comments (1)

contract-dev/privacy-zk/groth16-examples.mdx (1)

82-83: ⚡ Quick win

Move placeholder definitions before their first use.

Line 83 uses <SOLUTION_JSON> and <GRID_JSON>, but their definitions don't appear until lines 96-99. Readers encounter undefined placeholders and must scroll down to understand what they mean.

Reorder the content

Move lines 96-99 to appear immediately before line 82, or integrate them into an Aside above the command block:

<Aside>
  Before running `noname run`, prepare two JSON files:
  
  - `<SOLUTION_JSON>` — the private solved grid in the format expected by `circuits/Sudoku/src/main.no`
  - `<GRID_JSON>` — the public partially filled grid in the format expected by `circuits/Sudoku/src/main.no`
</Aside>

```bash
cd circuits/Sudoku
noname check
noname run --backend r1cs-bls12-381 --private-inputs '<SOLUTION_JSON>' --public-inputs '<GRID_JSON>'

Also applies to: 96-99

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@contract-dev/privacy-zk/groth16-examples.mdx` around lines 82 - 83, Place the
placeholder definitions for <SOLUTION_JSON> and <GRID_JSON> before they are used
in the `noname run` example: move the existing descriptive lines about those
placeholders (the definitions currently at lines 96-99) to immediately above the
`noname check` / `noname run` block or wrap them as an Aside right above that
command so readers see what `<SOLUTION_JSON>` and `<GRID_JSON>` mean before
encountering `noname run --backend r1cs-bls12-381 --private-inputs
'<SOLUTION_JSON>' --public-inputs '<GRID_JSON>'`.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In `@contract-dev/privacy-zk/groth16-examples.mdx`:
- Around line 53-65: Add a clear caution block before the setup commands warning
that the hard-coded entropy string "some random text" in the npx snarkjs
powersoftau contribute and npx snarkjs zkey contribute commands is for tests
only and must not be used in production; instruct readers to supply secure,
high-entropy randomness (e.g., use a secure RNG, OS-provided entropy, or
explicit interactive/random-file contribution) and never reuse weak or
copy-pasted entropy for trusted-setup contributions, and mention that using
test-only entropy makes the ceremony insecure and enables proof forgery.
- Around line 44-46: The Aside currently uses type="tip" but the example
includes a sendVerify call that transfers funds (sendVerify with value:
toNano('0.15')), so change the Aside component's type from "tip" to "caution"
and update its text to clearly flag the environment and fund-transfer risk;
locate the Aside instance surrounding the verifier example and the sendVerify
usage to make this change (search for Aside and the sendVerify / toNano('0.15')
symbols).

---

Nitpick comments:
In `@contract-dev/privacy-zk/groth16-examples.mdx`:
- Around line 82-83: Place the placeholder definitions for <SOLUTION_JSON> and
<GRID_JSON> before they are used in the `noname run` example: move the existing
descriptive lines about those placeholders (the definitions currently at lines
96-99) to immediately above the `noname check` / `noname run` block or wrap them
as an Aside right above that command so readers see what `<SOLUTION_JSON>` and
`<GRID_JSON>` mean before encountering `noname run --backend r1cs-bls12-381
--private-inputs '<SOLUTION_JSON>' --public-inputs '<GRID_JSON>'`.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 185007b0-9d2d-4299-8e53-497f68e588eb

📥 Commits

Reviewing files that changed from the base of the PR and between 45160fd and aed69b3.

📒 Files selected for processing (4)

• contract-dev/privacy-zk/groth16-examples.mdx
• contract-dev/zero-knowledge.mdx
• docs.json
• resources/dictionaries/custom.txt

[novusnota]

Neat, thanks!