You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

232 lines
12 KiB

6 years ago
6 years ago
6 years ago
6 years ago
  1. /***************************************************************************************************
  2. SMTProcessor: Sparse Merkle Tree processor is a component to verify an insert/update/delete elements
  3. into the Sparse Merkle tree.
  4. Insert to an empty leaf
  5. =======================
  6. STATE OLD STATE NEW STATE
  7. ===== ========= =========
  8. oldRoot newRoot
  9. ▲ ▲
  10. │ │
  11. ┌───────┐ ┏━━━┻━━━┓ ┌───────┐ ┏━━━┻━━━┓
  12. top │Sibling├────▶┃ Hash ┃◀─┐ │Sibling├────▶┃ Hash ┃◀─┐
  13. └───────┘ ┗━━━━━━━┛ │ └───────┘ ┗━━━━━━━┛ │
  14. │ │
  15. │ │
  16. ┏━━━┻━━━┓ ┌───────┐ ┏━━━┻━━━┓ ┌───────┐
  17. top ┌─────▶┃ Hash ┃◀──┤Sibling│ ┌─────▶┃ Hash ┃◀──┤Sibling│
  18. │ ┗━━━━━━━┛ └───────┘ │ ┗━━━━━━━┛ └───────┘
  19. │ │
  20. │ │
  21. ┌───────┐ ┏━━━┻━━━┓ ┌───────┐ ┏━━━┻━━━┓
  22. top │Sibling├──▶┃ Hash ┃◀─────┐ │Sibling├──▶┃ Hash ┃◀─────┐
  23. └───────┘ ┗━━━━━━━┛ │ └───────┘ ┗━━━━━━━┛ │
  24. │ │
  25. │ │
  26. ┌────┴────┐ ┌────┴────┐
  27. old0 │ 0 │ │New1Leaf │
  28. └─────────┘ └─────────┘
  29. ┏━━━━━━━┓ ┏━━━━━━━┓
  30. na ┃ Hash ┃ ┃ Hash ┃
  31. ┗━━━━━━━┛ ┗━━━━━━━┛
  32. ┏━━━━━━━┓ ┏━━━━━━━┓
  33. na ┃ Hash ┃ ┃ Hash ┃
  34. ┗━━━━━━━┛ ┗━━━━━━━┛
  35. Insert to a used leaf.
  36. =====================
  37. STATE OLD STATE NEW STATE
  38. ===== ========= =========
  39. oldRoot newRoot
  40. ▲ ▲
  41. │ │
  42. ┌───────┐ ┏━━━┻━━━┓ ┌───────┐ ┏━━━┻━━━┓
  43. top │Sibling├────▶┃ Hash ┃◀─┐ │Sibling├────▶┃ Hash ┃◀─┐
  44. └───────┘ ┗━━━━━━━┛ │ └───────┘ ┗━━━━━━━┛ │
  45. │ │
  46. │ │
  47. ┏━━━┻━━━┓ ┌───────┐ ┏━━━┻━━━┓ ┌───────┐
  48. top ┌─────▶┃ Hash ┃◀──┤Sibling│ ┌─────▶┃ Hash ┃◀──┤Sibling│
  49. │ ┗━━━━━━━┛ └───────┘ │ ┗━━━━━━━┛ └───────┘
  50. │ │
  51. │ │
  52. ┌───────┐ ┏━━━┻━━━┓ ┌───────┐ ┏━━━┻━━━┓
  53. top │Sibling├──▶┃ Hash ┃◀─────┐ │Sibling├──▶┃ Hash ┃◀─────┐
  54. └───────┘ ┗━━━━━━━┛ │ └───────┘ ┗━━━━━━━┛ │
  55. │ │
  56. │ │
  57. ┌────┴────┐ ┏━━━┻━━━┓ ┌───────┐
  58. bot │Old1Leaf │ ┌─────▶┃ Hash ┃◀──┼─ 0 │
  59. └─────────┘ │ ┗━━━━━━━┛ └───────┘
  60. ┏━━━━━━━┓ ┌───────┐ ┏━━━┻━━━┓
  61. bot ┃ Hash ┃ │ 0 ─┼──▶┃ Hash ┃◀─────┐
  62. ┗━━━━━━━┛ └───────┘ ┗━━━━━━━┛ │
  63. ┏━━━━━━━┓ ┏━━━┻━━━┓ ┌───────┐
  64. bot ┃ Hash ┃ ┌─────▶┃ Hash ┃◀──│ 0 │
  65. ┗━━━━━━━┛ │ ┗━━━━━━━┛ └───────┘
  66. ┏━━━━━━━┓ ┌─────────┐ ┏━━━┻━━━┓ ┌─────────┐
  67. new1 ┃ Hash ┃ │Old1Leaf ├──▶┃ Hash ┃◀──│New1Leaf │
  68. ┗━━━━━━━┛ └─────────┘ ┗━━━━━━━┛ └─────────┘
  69. ┏━━━━━━━┓ ┏━━━━━━━┓
  70. na ┃ Hash ┃ ┃ Hash ┃
  71. ┗━━━━━━━┛ ┗━━━━━━━┛
  72. ┏━━━━━━━┓ ┏━━━━━━━┓
  73. na ┃ Hash ┃ ┃ Hash ┃
  74. ┗━━━━━━━┛ ┗━━━━━━━┛
  75. Fnction
  76. fnc[0] fnc[1]
  77. 0 0 NOP
  78. 0 1 UPDATE
  79. 1 0 INSERT
  80. 1 1 DELETE
  81. ***************************************************************************************************/
  82. include "../gates.circom";
  83. include "../bitify.circom";
  84. include "../comparators.circom";
  85. include "../switcher.circom";
  86. include "smtlevins.circom";
  87. include "smtprocessorlevel.circom";
  88. include "smtprocessorsm.circom";
  89. include "smthash.circom";
  90. template SMTProcessor(nLevels) {
  91. signal input oldRoot;
  92. signal input newRoot;
  93. signal input siblings[nLevels];
  94. signal input oldKey;
  95. signal input oldValue;
  96. signal input isOld0;
  97. signal input newKey;
  98. signal input newValue;
  99. signal input fnc[2];
  100. signal enabled;
  101. enabled <== fnc[0] + fnc[1] - fnc[0]*fnc[1]
  102. component hash1Old = SMTHash1();
  103. hash1Old.key <== oldKey;
  104. hash1Old.value <== oldValue;
  105. component hash1New = SMTHash1();
  106. hash1New.key <== newKey;
  107. hash1New.value <== newValue;
  108. component n2bOld = Num2Bits_strict();
  109. component n2bNew = Num2Bits_strict();
  110. n2bOld.in <== oldKey;
  111. n2bNew.in <== newKey;
  112. component smtLevIns = SMTLevIns(nLevels);
  113. for (var i=0; i<nLevels; i++) smtLevIns.siblings[i] <== siblings[i];
  114. smtLevIns.enabled <== enabled;
  115. component xors[nLevels];
  116. for (var i=0; i<nLevels; i++) {
  117. xors[i] = XOR();
  118. xors[i].a <== n2bOld.out[i];
  119. xors[i].b <== n2bNew.out[i];
  120. }
  121. component sm[nLevels];
  122. for (var i=0; i<nLevels; i++) {
  123. sm[i] = SMTProcessorSM();
  124. if (i==0) {
  125. sm[i].prev_top <== enabled;
  126. sm[i].prev_old0 <== 0;
  127. sm[i].prev_bot <== 0;
  128. sm[i].prev_new1 <== 0;
  129. sm[i].prev_na <== 1-enabled;
  130. sm[i].prev_upd <== 0;
  131. } else {
  132. sm[i].prev_top <== sm[i-1].st_top;
  133. sm[i].prev_old0 <== sm[i-1].st_old0;
  134. sm[i].prev_bot <== sm[i-1].st_bot;
  135. sm[i].prev_new1 <== sm[i-1].st_new1;
  136. sm[i].prev_na <== sm[i-1].st_na;
  137. sm[i].prev_upd <== sm[i-1].st_upd;
  138. }
  139. sm[i].is0 <== isOld0;
  140. sm[i].xor <== xors[i].out;
  141. sm[i].fnc[0] <== fnc[0];
  142. sm[i].fnc[1] <== fnc[1];
  143. sm[i].levIns <== smtLevIns.levIns[i];
  144. }
  145. sm[nLevels-1].st_na === 1;
  146. component levels[nLevels];
  147. for (var i=nLevels-1; i != -1; i--) {
  148. levels[i] = SMTProcessorLevel();
  149. levels[i].st_top <== sm[i].st_top;
  150. levels[i].st_old0 <== sm[i].st_old0;
  151. levels[i].st_bot <== sm[i].st_bot;
  152. levels[i].st_new1 <== sm[i].st_new1;
  153. levels[i].st_na <== sm[i].st_na;
  154. levels[i].st_upd <== sm[i].st_upd;
  155. levels[i].sibling <== siblings[i];
  156. levels[i].old1leaf <== hash1Old.out;
  157. levels[i].new1leaf <== hash1New.out;
  158. levels[i].newlrbit <== n2bNew.out[i];
  159. if (i==nLevels-1) {
  160. levels[i].oldChild <== 0;
  161. levels[i].newChild <== 0;
  162. } else {
  163. levels[i].oldChild <== levels[i+1].oldRoot;
  164. levels[i].newChild <== levels[i+1].newRoot;
  165. }
  166. }
  167. component topSwitcher = Switcher();
  168. topSwitcher.sel <== fnc[0]*fnc[1];
  169. topSwitcher.L <== levels[0].oldRoot;
  170. topSwitcher.R <== levels[0].newRoot;
  171. topSwitcher.outL === oldRoot*enabled;
  172. topSwitcher.outR === newRoot*enabled;
  173. // Ckeck keys are equal if updating
  174. component areKeyEquals = IsEqual();
  175. areKeyEquals.in[0] <== oldKey;
  176. areKeyEquals.in[1] <== newKey;
  177. component keysOk = MultiAND(3);
  178. keysOk.in[0] <== 1-fnc[0];
  179. keysOk.in[1] <== fnc[1];
  180. keysOk.in[2] <== 1-areKeyEquals.out;
  181. keysOk.out === 0;
  182. }