You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

237 lines
8.6 KiB

  1. const DepositVerifier = artifacts.require("../build/DepositVerifier");
  2. const WithdrawVerifier = artifacts.require("../build/WithdrawVerifier");
  3. const Miksi = artifacts.require("../build/Miksi.sol");
  4. const chai = require("chai");
  5. const expect = chai.expect;
  6. const truffleAssert = require('truffle-assertions');
  7. const fs = require("fs");
  8. const { groth } = require('snarkjs');
  9. const { stringifyBigInts, unstringifyBigInts } = require('ffjavascript').utils;
  10. const Fr = require("ffjavascript").bn128.Fr;
  11. const WitnessCalculatorBuilder = require("circom_runtime").WitnessCalculatorBuilder;
  12. const circomlib = require("circomlib");
  13. const smt = require("circomlib").smt;
  14. let insVerifier;
  15. let insMiksi;
  16. const nLevels = 4;
  17. const secret = ["1234567890", "987654321", "123"];
  18. const coinCode = "0"; // refearing to ETH
  19. const ethAmount = '1';
  20. const amount = web3.utils.toWei(ethAmount, 'ether');
  21. const nullifier = ["0", "0", "0"];
  22. let commitment = [];
  23. let tree;
  24. let currKey=0;
  25. let proofs = [];
  26. contract("miksi", (accounts) => {
  27. const {
  28. 0: owner,
  29. 1: addr1, // used for the deposit
  30. 2: addr2, // used for the withdraw
  31. 3: addr3,
  32. 4: addr4,
  33. } = accounts;
  34. before(async () => {
  35. insDepositVerifier = await DepositVerifier.new();
  36. insWithdrawVerifier = await WithdrawVerifier.new();
  37. insMiksi = await Miksi.new(insDepositVerifier.address, insWithdrawVerifier.address);
  38. });
  39. before(async() => {
  40. let balance_wei = await web3.eth.getBalance(addr1);
  41. // console.log("Balance at " + addr1, web3.utils.fromWei(balance_wei, 'ether'));
  42. expect(balance_wei).to.be.equal('100000000000000000000');
  43. tree = await smt.newMemEmptyTrie();
  44. await tree.insert(currKey, 0);
  45. expect(tree.root.toString()).to.be.equal('7191590165524151132621032034309259185021876706372059338263145339926209741311');
  46. });
  47. it("Make first deposit", async () => {
  48. nullifier[0] = await makeDeposit(secret[0], addr1);
  49. balance_wei = await web3.eth.getBalance(addr1);
  50. // console.log("Balance at " + addr1, web3.utils.fromWei(balance_wei, 'ether'));
  51. // expect(balance_wei).to.be.equal('98993526980000000000');
  52. });
  53. it("Make second deposit", async () => {
  54. nullifier[1] = await makeDeposit(secret[1], addr3);
  55. });
  56. it("Make 3rd deposit", async () => {
  57. nullifier[2] = await makeDeposit(secret[2], addr3);
  58. });
  59. it("Get the commitments data & rebuild the tree", async () => {
  60. // get the commitments data
  61. let res = await insMiksi.getCommitments();
  62. expect(res[1].toString()).to.be.equal(tree.root.toString());
  63. let commitmentsArray = res[0];
  64. currKey = res[2];
  65. // rebuild the tree
  66. let treeTmp = await smt.newMemEmptyTrie();
  67. await treeTmp.insert(0, 0);
  68. for (let i=0; i < commitmentsArray.length; i++) {
  69. await treeTmp.insert(i+1, commitmentsArray[i]);
  70. }
  71. expect(treeTmp.root).to.be.equal(tree.root);
  72. });
  73. it("Calculate witness and generate the zkProof", async () => {
  74. proofs[0] = await genWithdrawZKProof(secret[0], nullifier[0], addr2, "1");
  75. proofs[1] = await genWithdrawZKProof(secret[1], nullifier[1], addr4, "2");
  76. proofs[2] = await genWithdrawZKProof(secret[2], nullifier[2], addr4, "3");
  77. });
  78. it("Try to use the zkProof with another address and get revert", async () => {
  79. // console.log("Try to reuse the zkproof and expect revert");
  80. await truffleAssert.fails(
  81. withdrawSC(nullifier[0], addr1, proofs[0]),
  82. truffleAssert.ErrorType.REVERT,
  83. "zkProof withdraw could not be verified"
  84. );
  85. });
  86. it("Withdraw 1 ETH with the zkProof of the 1st deposit to addr2", async () => {
  87. // withdraw
  88. // console.log("Withdraw of " + ethAmount + " ETH to " + addr2);
  89. let resW = await withdrawSC(nullifier[0], addr2, proofs[0]);
  90. // console.log("resW", resW);
  91. balance_wei = await web3.eth.getBalance(addr2);
  92. // console.log("Balance at " + addr2, web3.utils.fromWei(balance_wei, 'ether'));
  93. expect(balance_wei).to.be.equal('101000000000000000000');
  94. });
  95. it("Try to reuse the zkProof and get revert", async () => {
  96. // console.log("Try to reuse the zkproof and expect revert");
  97. await truffleAssert.fails(
  98. withdrawSC(nullifier[0], addr2, proofs[0]),
  99. truffleAssert.ErrorType.REVERT,
  100. "nullifier already used"
  101. );
  102. balance_wei = await web3.eth.getBalance(addr2);
  103. expect(balance_wei).to.be.equal('101000000000000000000');
  104. });
  105. it("Withdraw 1 ETH with the zkProof of the 2nd deposit to addr4", async () => {
  106. let resW = await withdrawSC(nullifier[1], addr4, proofs[1]);
  107. balance_wei = await web3.eth.getBalance(addr4);
  108. expect(balance_wei).to.be.equal('101000000000000000000');
  109. });
  110. it("Withdraw 1 ETH with the zkProof of the 3rd deposit to addr4", async () => {
  111. let resW = await withdrawSC(nullifier[2], addr4, proofs[2]);
  112. balance_wei = await web3.eth.getBalance(addr4);
  113. expect(balance_wei).to.be.equal('102000000000000000000');
  114. });
  115. });
  116. async function makeDeposit(secret, addr) {
  117. currKey += 1;
  118. const poseidon = circomlib.poseidon.createHash(6, 8, 57);
  119. let currNullifier = poseidon([currKey, secret]).toString();
  120. let currCommitment = poseidon([coinCode, amount, secret, currNullifier]).toString();
  121. let resI = await tree.insert(currKey, currCommitment);
  122. while (resI.siblings.length < nLevels) resI.siblings.push(Fr.e(0));
  123. // calculate witness
  124. const wasm = await fs.promises.readFile("./test/build/deposit.wasm");
  125. const input = unstringifyBigInts({
  126. "coinCode": coinCode,
  127. "amount": amount,
  128. "secret": secret,
  129. "oldKey": resI.isOld0 ? 0 : resI.oldKey,
  130. "oldValue": resI.isOld0 ? 0 : resI.oldValue,
  131. "isOld0": resI.isOld0 ? 1 : 0,
  132. "siblings": resI.siblings,
  133. "rootOld": resI.oldRoot,
  134. "rootNew": resI.newRoot,
  135. "commitment": currCommitment,
  136. "key": currKey
  137. });
  138. const options = {};
  139. // console.log("Calculate witness", input);
  140. const wc = await WitnessCalculatorBuilder(wasm, options);
  141. const w = await wc.calculateWitness(input);
  142. const witness = unstringifyBigInts(stringifyBigInts(w));
  143. // generate zkproof of commitment using snarkjs (as is a test)
  144. const provingKey = unstringifyBigInts(JSON.parse(fs.readFileSync("./test/build/deposit-proving_key.json", "utf8")));
  145. // console.log("Generate zkSNARK proof");
  146. const res = groth.genProof(provingKey, witness);
  147. let proof = res.proof;
  148. const verificationKey = unstringifyBigInts(JSON.parse(fs.readFileSync("./test/build/deposit-verification_key.json", "utf8")));
  149. let pubI = unstringifyBigInts([coinCode, amount, resI.oldRoot.toString(), resI.newRoot.toString(), currCommitment, currKey]);
  150. let validCheck = groth.isValid(verificationKey, proof, pubI);
  151. // console.log("VALIDCHECK", validCheck, pubI, proof);
  152. assert(validCheck);
  153. await insMiksi.deposit(
  154. currCommitment,
  155. tree.root.toString(),
  156. [proof.pi_a[0].toString(), proof.pi_a[1].toString()],
  157. [
  158. [proof.pi_b[0][1].toString(), proof.pi_b[0][0].toString()],
  159. [proof.pi_b[1][1].toString(), proof.pi_b[1][0].toString()]
  160. ],
  161. [proof.pi_c[0].toString(), proof.pi_c[1].toString()],
  162. {from: addr, value: amount}
  163. );
  164. return currNullifier;
  165. }
  166. async function genWithdrawZKProof(secret, nullifier, addr, k) {
  167. const resC = await tree.find(k);
  168. assert(resC.found);
  169. let siblings = resC.siblings;
  170. while (siblings.length < nLevels) {
  171. siblings.push("0");
  172. };
  173. // calculate witness
  174. const wasm = await fs.promises.readFile("./test/build/withdraw.wasm");
  175. const input = unstringifyBigInts({
  176. "coinCode": coinCode,
  177. "amount": amount,
  178. "secret": secret,
  179. "nullifier": nullifier,
  180. "siblings": siblings,
  181. "root": tree.root,
  182. "address": addr,
  183. "key": k
  184. });
  185. const options = {};
  186. // console.log("Calculate witness");
  187. const wc = await WitnessCalculatorBuilder(wasm, options);
  188. const w = await wc.calculateWitness(input);
  189. const witness = unstringifyBigInts(stringifyBigInts(w));
  190. // generate zkproof of commitment using snarkjs (as is a test)
  191. const provingKey = unstringifyBigInts(JSON.parse(fs.readFileSync("./test/build/withdraw-proving_key.json", "utf8")));
  192. // console.log("Generate zkSNARK proof");
  193. const res = groth.genProof(provingKey, witness);
  194. return res.proof;
  195. }
  196. async function withdrawSC(nullifier, addr, proof) {
  197. // console.log("withdrawSC", proof);
  198. return insMiksi.withdraw(
  199. addr,
  200. nullifier,
  201. [proof.pi_a[0].toString(), proof.pi_a[1].toString()],
  202. [
  203. [proof.pi_b[0][1].toString(), proof.pi_b[0][0].toString()],
  204. [proof.pi_b[1][1].toString(), proof.pi_b[1][0].toString()]
  205. ],
  206. [proof.pi_c[0].toString(), proof.pi_c[1].toString()]
  207. );
  208. }