
  1. /*
  2. # deposit.circom
  3. +----------+
  4. | |
  5. PRI_secret+--------->+ Poseidon +<----+PUB_key
  6. | | | +
  7. | +----------+ | +----------+
  8. | nullifier | | +<------+PUB_rootOld
  9. | + | | |
  10. | | | | +<------+PUB_rootNew
  11. | v | | SMT |
  12. | +----+-----+ +---->+ Poseidon +<------+PRI_oldKey
  13. +--------->+ | | Verifier |
  14. | +-----+------->+ (insert) +<------+PRI_oldValue
  15. PUB_coinCode+------->+ Poseidon | | | |
  16. | | | | +<------+PRI_isOld0
  17. PUB_amount+--------->+ | | | |
  18. +----------+ | | +<------+PRI_siblings
  19. | +----------+
  20. |
  21. |
  22. |
  23. |
  24. +----+ |
  25. PUB_commitment+----> == +<------------+
  26. +----+
  27. */
  28. include "../node_modules/circomlib/circuits/comparators.circom";
  29. include "../node_modules/circomlib/circuits/poseidon.circom";
  30. include "../node_modules/circomlib/circuits/smt/smtprocessor.circom";
  31. template Deposit(nLevels) {
      // Deposit circuit. Constrains the public `commitment` to equal
      // Poseidon(coinCode, amount, secret, nullifier), where
      // nullifier = Poseidon(key, secret), and feeds (key, that hash) into an
      // SMTProcessor wired with rootOld as its old root and rootNew as its new root.
      // nLevels sizes the `siblings` array and is passed on to SMTProcessor.
      //
      // NOTE(review): nothing in this template ties rootOld to any stored tree
      // state, and `amount` / `coinCode` are only hashed, never range-checked.
      // Presumably whoever verifies the proof checks these public inputs
      // against its own state -- confirm against the verifier.
      //
      // NOTE(review): statement order and component names determine the
      // generated constraint system; restructuring this template would change
      // it and any keys derived from it.

      // Public inputs (PUB_coinCode / PUB_amount in the header diagram).
  32. signal input coinCode;
  33. signal input amount;
      // Private witness: the depositor's secret plus the sparse-Merkle-tree
      // insertion data (PRI_* in the header diagram).
  34. signal private input secret;
  35. signal private input oldKey;
  36. signal private input oldValue;
  37. signal private input isOld0;
  38. signal private input siblings[nLevels];
      // Remaining public inputs: tree roots before/after, the claimed
      // commitment, and the tree key under which it is stored.
  39. signal input rootOld;
  40. signal input rootNew;
  41. signal input commitment;
  42. signal input key;
      // nullifier = Poseidon(key, secret).
      // NOTE(review): the trailing parameters (6, 8, 57) are presumably t and the
      // full/partial round counts of the circomlib version in node_modules --
      // confirm they match the off-circuit Poseidon implementation, and pin
      // that circomlib version.
  43. component nullifierCmp = Poseidon(2, 6, 8, 57);
  44. nullifierCmp.inputs[0] <== key;
  45. nullifierCmp.inputs[1] <== secret;
      // Commitment pre-image: (coinCode, amount, secret, nullifier).
  46. component hash = Poseidon(4, 6, 8, 57);
  47. hash.inputs[0] <== coinCode;
  48. hash.inputs[1] <== amount;
  49. hash.inputs[2] <== secret;
  50. hash.inputs[3] <== nullifierCmp.out; // nullifier
      // Bind the recomputed hash to the public commitment: IsEqual's output is
      // constrained to 1, so a proof exists only when hash.out == commitment.
      // NOTE(review): a direct `hash.out === commitment` would state the same
      // requirement without the IsEqual component, but it changes the
      // constraint system, so it is not a drop-in edit.
  51. component comCheck = IsEqual();
  52. comCheck.in[0] <== hash.out;
  53. comCheck.in[1] <== commitment;
  54. comCheck.out === 1;
      // Sparse Merkle tree transition rootOld -> rootNew for the new leaf
      // (key, hash.out); oldKey / oldValue / isOld0 / siblings are the private
      // witness data handed to SMTProcessor.
  55. component smtProcessor = SMTProcessor(nLevels);
  56. smtProcessor.oldRoot <== rootOld;
  57. smtProcessor.newRoot <== rootNew;
  58. for (var i=0; i<nLevels; i++) {
  59. smtProcessor.siblings[i] <== siblings[i];
  60. }
  61. smtProcessor.oldKey <== oldKey;
  62. smtProcessor.oldValue <== oldValue;
  63. smtProcessor.isOld0 <== isOld0;
  64. smtProcessor.newKey <== key;
  65. smtProcessor.newValue <== hash.out;
      // fnc = [1, 0] fixes the processor's operation; the header diagram labels
      // it "(insert)". Both bits are constants, so the prover cannot pick a
      // different operation.
  66. smtProcessor.fnc[0] <== 1;
  67. smtProcessor.fnc[1] <== 0;
  68. }