swanky provides a suite of rust libraries for doing secure computation.

These libraries are broken into two categories: core and edge.

Core crates are maintained, documented, and tested. If you want to build off a stable foundation of Swanky, then consider building off the core crates. Note that, even the core crates are still research software that shouldn't be deployed to production or trusted with sensitive data. (See "A note on security" below.)

Edge crates may have less extensive testing and documentation than the core crates, and have a lesser stability guarantee.

• vectoreyes: Cross-platform SIMD types and functions

• bristol-fashion: A parser for Bristol Fashion circuits.
• diet-mac-and-cheese: A diet version of the Mac'n'Cheese protocol
• fancy-garbling: A library for boolean and arithmetic garbling
• humidor: A test-bed for Ligero-like protocols
• inferno: An implementation of the Limbo zero knowledge proof protocol
• keyed_arena: Bump allocator which allows for random access to its allocations
• mac-n-cheese-compiler: A tool to compile a zero knowledge circuit to the mac n'cheese IR
• mac-n-cheese-event-log: Utilities to define metrics for mac n'cheese
• mac-n-cheese-inspector: A tool to inspect mac n'cheese IR files
• mac-n-cheese-ir: The definition of the mac n'cheese IR
• mac-n-cheese-runner: A tool to proof mac n'cheese IR files in zero-knowledge
• mac-n-cheese-sieve-parser: A parser for SIEVE IR (a zero knoweldge proof circuit format)
• mac-n-cheese-vole: An implementation of Vector Oblivious Linear Evaluation
• mac-n-cheese-wire-map: An implementation of a sparse array
• popsicle: A library for private set intersection
• schmivitz: A library for zero-knowledge protocols using VOLE-in-the-head
• simple-arith-circuit: Simple arithmetic circuit library
• swanky-adversary: Traits describing MPC adversaries.
• swanky-aes-hash: Correlation-robust hashing based on fixed-key AES.
• swanky-aes-rng: A random number generator based on AES-CTR.
• swanky-authenticated-bits: Authenticated bits, shares, and AND triples
• swanky-bit-matrix-transpose: Transpose a bit matrix
• swanky-block: 128-, 256-, and 512-bit data blocks.
• swanky-bytearray-utils: Functions for working with bits and bytearrays.
• swanky-channel: A channel abstraction to let users avoid manual flushing
• swanky-channel-legacy: A (legacy) channel abstraction; use swanky-channel for new code!
• swanky-cointoss: A simple coin-tossing protocol.
• swanky-deprecated-bitwise-utils: [DEPRECATED] Old bitwise utilities from ocelot
• swanky-f-eq: Two-party functionality for checking equality of inputs in an oblivious manner.
• swanky-field: Definitions of the core FiniteField and FiniteRing traits
• swanky-field-binary: Binary finite (extension) fields
• swanky-field-f61p: An implementation of GF(2^61-1)
• swanky-field-ff-primes: Finite field implementations for large prime fields
• swanky-field-fft: FFT implementations for finite fields
• swanky-field-test: Utilitites for testing correctness of finite field implementations
• swanky-flatbuffer-build: Tooling to automate compiling flatbuffer schemas
• swanky-ocelot-error: [DEPRECATED] An error type used by crates formerly contained in ocelot
• swanky-oprf-kkrt: An implementation of the kkrt OPRF protocol
• swanky-oprf-kmprt: An implementation of the KMPRT OPRF protocol
• swanky-oprf-traits: Base traits impl-ed by all our OPRF implementations
• swanky-ot-alsz-kos: Oblivious transfer implementations for the ALSZ and KOS protocols
• swanky-ot-chou-orlandi: An implementation of the Chou-Orlandi OT protocol
• swanky-ot-dummy: Implementation of an insecure OT protocol for testing purposes
• swanky-ot-noar-pinkas: An implementation of the Noar-Pinkas OT protocol
• swanky-ot-test: Testing utilities for oblivious transfer protocols
• swanky-ot-traits: Base traits for Obliivious Transfer protocols
• swanky-party: Support for types indexed by a party.
• swanky-polynomial: Support for various representations of polynomials over finite fields
• swanky-serialization: Traits and utilities for compact serialization into a canonical byte representation
• swanky-svole-wykw: An implementation of the WYKW svole protocol
• web-mac-n-cheese-wasm: Web Mac'n'Cheese, the wasm part
• web-mac-n-cheese-websocket: Web Mac'n'Cheese, the websocket part
• zkv: Zero knowledge proofs for verilog files generated using saw / abc

2024-02-09 Projection gates in arithmetic garbled circuits have a proven security vulnerability in their design. The issue affects the fancy-garbling library and its dependencies (including popsicle). We are currently investigating the impact this bug has on Arithmetic Garbling (CRT) in swanky.

swanky is currently research software. Do not deploy it in production, or trust it with sensitive data.

Please reach out to us at [email protected] if you're interested in using Swanky in a production setting.

The preferred way to use swanky is to fork this monorepo, and add your code to your fork. This approach makes it easy for your code to inherit the configuration of the swanky repo.

It is also possible to use swanky as traditional Rust crates. The downside of this approach is that you won't automatically get the configuration of the swanky repo. swanky is only tested against the pinned rust version in the repository and the pinned dependency versions.

To use a swanky crate in your project, add the following line to the [dependencies] entry in Cargo.toml:

<crate-name> = { git = "https://github.com/GaloisInc/swanky", rev = "xxxxxx" }

where <crate-name> is one of the crates listed above and rev is the particular revision to use.

Note: As swanky is currently considered prototype software, it is best to pin a particular revision of swanky, as there is no guarantee that future versions of swanky will maintain backwards compatibility.

It is also advisable to copy over swanky's .cargo/config file, and to enable LTO in your release builds (lto = true in your Cargo.toml file).

To compile Swanky, you should install and use Rust via rustup. The swanky repo will direct rustup to use the correct version of Rust.

The ./swanky tool automates some tasks in the codebase. For example, ./swanky lint will run the Swanky linting checks. In order to use this tool, you need to install the Nix package manager. You'll also need a python3 installation (no packages other than the standard library are required).

If you use swanky in your academic paper, please cite it as follows:

@misc{swanky,
    author = {{Galois, Inc.}},
    title = {{swanky}: A suite of rust libraries for secure computation},
    howpublished = {\url{https://github.com/GaloisInc/swanky}},
    year = 2019,
}

MIT License

You can contact the swanky team at [email protected].

This material is based upon work supported in part by ARO, SSC Pacific, IARPA and DARPA under Contract Nos. W911NF-15-C-0227, N66001-15-C-4070, 2019-1902070006, and HR001120C0085.

Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the ARO, SSC Pacific, IARPA and DARPA. Distribution Statement ``A'' (Approved for Public Release, Distribution Unlimited).

Copyright © 2019-2024 Galois, Inc.