arnaucube/miksi-core
1
0
Fork 0
mirror of https://github.com/arnaucube/miksi-core.git synced 2026-02-06 19:16:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add fixed key leaf by contract

Browse Source
This commit is contained in:
arnaucube
2020-05-18 13:09:41 +02:00
parent ecb1704793
commit 00b52a1a53
9 changed files with 84 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -7,6 +7,8 @@
**Warning:** This repository is in a very early stage.
WebApp to use miksi-core can be found at https://github.com/arnaucube/miksi-app
## Circuits tests
```
npm run test-circuits

14
circuits/deposit.circom
View File

@@ -36,17 +36,19 @@ template Deposit(nLevels) {
signal private input secret;
signal private input nullifier;
signal private input oldKey;
signal private input oldValue;
signal private input siblingsOld[nLevels];
signal private input siblingsNew[nLevels];
signal input rootOld;
signal input rootNew;
signal input commitment;
signal input key;
component hash = Poseidon(4, 6, 8, 57);
hash.inputs[0] <== coinCode;
hash.inputs[1] <== amount;
hash.inputs[2] <== secret;
hash.inputs[3] <== nullifier;
hash.inputs[3] <== nullifier; // nullifier
component comCheck = IsEqual();
comCheck.in[0] <== hash.out;
@@ -64,10 +66,10 @@ template Deposit(nLevels) {
}
/* smtOld.oldKey <== 1; */
smtOld.oldKey <== oldKey;
smtOld.oldValue <== 0;
smtOld.oldValue <== oldValue;
smtOld.isOld0 <== 0;
smtOld.key <== hash.out;
smtOld.value <== 0;
smtOld.key <== key;
smtOld.value <== hash.out;
component smtNew = SMTVerifier(nLevels);
smtNew.enabled <== 1;
@@ -79,8 +81,8 @@ template Deposit(nLevels) {
smtNew.oldKey <== 0;
smtNew.oldValue <== 0;
smtNew.isOld0 <== 0;
smtNew.key <== hash.out;
smtNew.value <== 0;
smtNew.key <== key;
smtNew.value <== hash.out;
}
component main = Deposit(5);

5
circuits/withdraw.circom
View File

@@ -36,6 +36,7 @@ template Withdraw(nLevels) {
signal private input siblings[nLevels];
signal input root;
signal input address;
signal private input key;
component hash = Poseidon(4, 6, 8, 57);
hash.inputs[0] <== coinCode;
@@ -57,8 +58,8 @@ template Withdraw(nLevels) {
smtV.oldKey <== 0;
smtV.oldValue <== 0;
smtV.isOld0 <== 0;
smtV.key <== hash.out;
smtV.value <== 0;
smtV.key <== key;
smtV.value <== hash.out;
}
component main = Withdraw(5);

13
contracts/Miksi.sol
View File

@@ -7,6 +7,7 @@ contract Miksi {
DepositVerifier dVerifier;
WithdrawVerifier wVerifier;
uint256 key = 0;
uint256 amount = uint256(1000000000000000000);
uint256 root ;
uint256[] commitments;
@@ -15,7 +16,7 @@ contract Miksi {
constructor( address _depositVerifierContractAddr, address _withdrawVerifierContractAddr) public {
dVerifier = DepositVerifier(_depositVerifierContractAddr);
wVerifier = WithdrawVerifier(_withdrawVerifierContractAddr);
root = uint256(11499909227292257605992378629333104385616480982267969744564817844870636870870);
root = uint256(7191590165524151132621032034309259185021876706372059338263145339926209741311);
}
function deposit(
@@ -26,22 +27,24 @@ contract Miksi {
uint[2] memory c
) public payable {
// check root state transition update with zkp
uint256[5] memory input = [
uint256[6] memory input = [
0,
msg.value,
root, // rootOld
_root, // rootNew
_commitment
_commitment,
key+1
];
require(dVerifier.verifyProof(a, b, c, input), "zkProof deposit could not be verified");
require(msg.value==amount, "value should be 1 ETH"); // this can be flexible with a wrapper with preset fixed amounts
commitments.push(_commitment);
root = _root;
key += 1;
}
function getCommitments() public view returns (uint256[] memory, uint256) {
return (commitments, root);
function getCommitments() public view returns (uint256[] memory, uint256, uint256) {
return (commitments, root, key+1);
}
function withdraw(

25
contracts/deposit-verifier.sol
View File

@@ -174,17 +174,18 @@ contract DepositVerifier {
DepositPairing.G1Point C;
}
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
vk.alfa1 = DepositPairing.G1Point(4690052268710270598869542532809702456418003799694536273077130369652196429884,9145902013599810527210227446448286424172036724970647907168421870847502009945);
vk.beta2 = DepositPairing.G2Point([16623062689690044255750716956401317560821762623856422123246403067057225130588,14652078637219990978821431784894112719594629514313306953371073983618015546541], [676307836452309210538606902645077301940331422390550491696691282441239090551,10369757414475454684684292675796821047567632748417978318178776038061059658326]);
vk.gamma2 = DepositPairing.G2Point([16528273881363574239250709218131920578661276173856341283262670072792844980215,6787263438752395682957935213403119833234411728635969992478064476167401704867], [5274450027585795927175443590954483941244906290165165924583130738506736130942,3392062216862930269651390569850019803754187174311810728530683507098775212357]);
vk.delta2 = DepositPairing.G2Point([17494603128862092548460623189930936969297925345032047648552416238816792961152,10402239940545833330287339048137499178728329705094695706126321196019762386747], [6175570631583630130350739728971333086849468117273142369720724145166167909214,20067049654764111179832549405286061192607773249291087398308936796066289541314]);
vk.IC = new DepositPairing.G1Point[](6);
vk.IC[0] = DepositPairing.G1Point(12697195619443882847721561991615544069218791667870821589914853846794238615885,18011435976524410295453245674507929643029222984348817278231712383283229915782);
vk.IC[1] = DepositPairing.G1Point(20324524778567704633470845008079551007952919835272398568401853167438653396525,8061504440558567975766943783054577602934521477527864647610640054521787242724);
vk.IC[2] = DepositPairing.G1Point(13332163378649502560807390864020561151254011879905389699984218750502394665905,4286598055677625399864995783940420134575107187974587372574457085466044561759);
vk.IC[3] = DepositPairing.G1Point(10175138903387311357088170792861518054422766016077544491949838159573444744976,16570515458939310802788756001103880353070070639900081360517205384175233432226);
vk.IC[4] = DepositPairing.G1Point(3298627468931988714290186736998190106240510584555740172431361939625148350723,10415330389886845959598036431340102923398308416032482557275534081287380793067);
vk.IC[5] = DepositPairing.G1Point(16030968253618323807449863533252146464206835591288004165377534537620304134907,6223567249648011787592835059978931866773091863735841649895374018321000148662);
vk.alfa1 = DepositPairing.G1Point(18695173155707885922021631283033755535591418672197129614467100440698872763407,1626506100460323286733991395349100178389097370543005429942370444444167817065);
vk.beta2 = DepositPairing.G2Point([7298930152319519678724671205658347486392659569051487272914904218878630422004,20278804400136230600016602729050494456082496665552956593575216136952301465879], [14400234736726653666673256209185515676662403987927981307851255786137918403808,202061819848056105351629960337366504214917264758439266970901420364923813257]);
vk.gamma2 = DepositPairing.G2Point([88902560478033838314004667971746300540170455168011513957934457035035362077,10509682790371697523911222284395334237969554461187168055951064284438196928133], [262372519755819494139123390519431075073514105365767199648231997477378997038,9903995889180920976180540681258851480387134172307619545103102622070424881278]);
vk.delta2 = DepositPairing.G2Point([19749667459894634917871046338432887676262288965549093528649050450724219163245,13756931459128709749559820929305092888983958863551084787825233693015050987062], [20576516057444847821805169435613033091289908065519785381540290141111162328929,15244981401483924012411101359641406633223142876027993598824472316124280834070]);
vk.IC = new DepositPairing.G1Point[](7);
vk.IC[0] = DepositPairing.G1Point(2000117758538561750953181437087792909020385452287399464015848728440127592389,275875173722294745606860506515174747141273674463415300932791922897441449811);
vk.IC[1] = DepositPairing.G1Point(4176102879547484253346821261893297661469569413245667250587796973056187219608,1926060395020061418051275655183984440402034736270275535768335121260270447114);
vk.IC[2] = DepositPairing.G1Point(8176255402316361002530601013228562072839156358144426319604813511766758290537,19255649988335327919495695859359269216762287298096174272638221716012315581350);
vk.IC[3] = DepositPairing.G1Point(20944119614073443108911839024077113785116860484550901273175814017528952294710,15941356189224733186425469351312052553223296343229173777927394845664358416828);
vk.IC[4] = DepositPairing.G1Point(16474742653420689694601265238954907093607463298284817604813422283427863653617,9311356062394012318240362122996250765056867942021818814568734196480690247200);
vk.IC[5] = DepositPairing.G1Point(12016269570988993052956789433371861013003194299504564318255744188658097042633,18130086499603245000319550360003638349858422145937471155520725380017515910661);
vk.IC[6] = DepositPairing.G1Point(14992989709522098533999247134336293504761296073753622771564136461571770746835,8331491724814987424742621582227793410739471354578262538342699991611045759814);
}
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {
@@ -210,7 +211,7 @@ contract DepositVerifier {
uint[2] memory a,
uint[2][2] memory b,
uint[2] memory c,
uint[5] memory input
uint[6] memory input
) public view returns (bool r) {
Proof memory proof;
proof.A = DepositPairing.G1Point(a[0], a[1]);

20
contracts/withdraw-verifier.sol
View File

@@ -174,17 +174,17 @@ contract WithdrawVerifier {
WithdrawPairing.G1Point C;
}
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
vk.alfa1 = WithdrawPairing.G1Point(13125964035345732513320606972223597271702849498706862906431560515196316741541,2743237172859524479647981525721821119820168209195336069832075995585988365216);
vk.beta2 = WithdrawPairing.G2Point([2669112095067980506727873345758867054347466312660021806636272987760660828849,14539491114301519973242319011485401150263667232078179655062833197913312500017], [11720061635178934637313951615051060311580364580444053837400914945552182061616,2177765169672031700082566520171740120321696910335776288543190901344722545410]);
vk.gamma2 = WithdrawPairing.G2Point([10917104788485395001839994387809646569218736354722844653893803100190554724907,7478437791943783449531717383744438552168785436031321431732103220558102742468], [14238787877319603173234096439758621306673382329766962364233031837910870237536,10502637950741476389590969419560058151857179703312600335067455738743909083958]);
vk.delta2 = WithdrawPairing.G2Point([11073954909083264728700321333863259614089048106992800121105800848198886470375,14812237089106501466576017780356417002388876842333510442550104527732748120622], [17635776349801663084503912927095921433092564181571541546104162053167176565421,27998176086381233961153068490868928492606872937787873022612510202839716507]);
vk.alfa1 = WithdrawPairing.G1Point(10461708735553443176992732459814962577655306635753492245435095461770754609206,17170070190117362250052226704107651880175572987936980166979072370846071276566);
vk.beta2 = WithdrawPairing.G2Point([11084164661947067228695984420449497565302107485274732922694018877422637260948,14768196651755007408254022498360029528155122429952581228808458847305698486036], [21804606851539124842853838093984466542476538467493989613050132455132951994121,1861720569920484390282049349437713344652903656767554167309156051148865987563]);
vk.gamma2 = WithdrawPairing.G2Point([9706265884453026747036821224300582108519975058422630973848693287593728789837,5514760811545236654037526142877016941373586932537660711868264285004769174888], [14491809303075760609694333332967923981527717776009730567611199650481234125548,12129581260877191822815335682707682434919070096035795484939038493639252524617]);
vk.delta2 = WithdrawPairing.G2Point([16890371933892859364017140187474707868747433731104663205146192533825447514505,21399578739239166683287431604946765321077367409391376717538684282829150225976], [8842639902446623294657089461047982654757172648192937200077646586006331774863,18487165336340965321051036729791768485990613323135528024606788207720211920031]);
vk.IC = new WithdrawPairing.G1Point[](6);
vk.IC[0] = WithdrawPairing.G1Point(7491469026033918642677753652819151318339809973344463260827293357803586754235,4395946869661103322863744384786121261968956085472500963739363200632751346458);
vk.IC[1] = WithdrawPairing.G1Point(15792971708971548807702008065816978287582873199570212151763666852711881685748,20015547917924502689826594351540769795386333462562793050625401907390132405289);
vk.IC[2] = WithdrawPairing.G1Point(793110436159598650905223468298132112327901373645402348921311553793588112899,14932167562920745456386464748315950361167693788066386103439968740538587455112);
vk.IC[3] = WithdrawPairing.G1Point(3599763262227997054360288324315679176821090066709181138105454315553755125997,4842799741086852072636969222133537228560778966327440675220863187433692844579);
vk.IC[4] = WithdrawPairing.G1Point(1332654856961752997984248173858188249144320018346121854916888456163273080288,18357171701145993355281642916301559974565034917797021528848570764297806434641);
vk.IC[5] = WithdrawPairing.G1Point(12178090359527457673534455683642890230743486788471599510120235645318440790942,14955354663406965918722091973717855430180824697349764743374253473894681342412);
vk.IC[0] = WithdrawPairing.G1Point(10682120661229048274949364949968842843395989293050982446578990269399782749953,1990964813812662139462300927859607978511478023403957963432885533764658033890);
vk.IC[1] = WithdrawPairing.G1Point(19858805194844516511519307221183024963657395449667106116942848839464106278308,14007050627405719561074645119613087016962000876415739087812187315207916912886);
vk.IC[2] = WithdrawPairing.G1Point(21012689485487519157247991544697647278544236668403782222712353518350961502559,2452121773666466264963717054681755250351950870974950586177089269810623349820);
vk.IC[3] = WithdrawPairing.G1Point(21777835995512453624376343196859713839817688740670494291073772535091042372431,14230131375167768135013466989061198415649711922017749764614481281052630561040);
vk.IC[4] = WithdrawPairing.G1Point(18224309327975275226135927148877460666894066703361312842594398634528579211246,1805137703259464346304717616574612959020983663951806398290027184756994095101);
vk.IC[5] = WithdrawPairing.G1Point(6680422453531132615016449106377746942927034063013504561878935989154670779439,21031511412360362734553233505420357520515690946654736114154923572533964087548);
}
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {

8
test/circuits/deposit.test.ts
View File

@@ -42,10 +42,10 @@ describe("deposit test", function () {
};
console.log("siblingsOld", siblingsOld);
await tree.insert(commitment, 0);
await tree.insert(2, commitment);
let rootNew = tree.root;
res = await tree.find(commitment);
res = await tree.find(2);
// console.log(res);
assert(res.found);
let siblingsNew = res.siblings;
@@ -62,11 +62,13 @@ describe("deposit test", function () {
"secret": secret,
"nullifier": nullifier,
"oldKey": "1",
"oldValue": "0",
"siblingsOld": siblingsOld,
"siblingsNew": siblingsNew,
"rootOld": rootOld,
"rootNew": rootNew,
"commitment": commitment
"commitment": commitment,
"key": 2
});
await circuit.checkConstraints(witness);
});

9
test/circuits/withdraw.test.ts
View File

@@ -29,11 +29,11 @@ describe("withdraw test", function () {
// add commitment into SMT
let tree = await smt.newMemEmptyTrie();
await tree.insert(commitment, 0);
await tree.insert(1, 0);
await tree.insert(2, 0);
await tree.insert(2, commitment);
await tree.insert(3, 0);
console.log("root", tree.root);
const res = await tree.find(commitment);
const res = await tree.find(2);
assert(res.found);
let siblings = res.siblings;
while (siblings.length < nLevels) {
@@ -50,7 +50,8 @@ describe("withdraw test", function () {
"nullifier": nullifier,
"siblings": siblings,
"root": root,
"address": "987654321"
"address": "987654321",
"key": 2
});
await circuit.checkConstraints(witness);
});

47
test/contracts/miksi.test.ts
View File

@@ -26,6 +26,7 @@ const nullifier = ["567891234", "432198765", "321"];
let commitment = [];
let tree;
let oldKey = [];
let oldValue = [];
let siblingsOld = [];
let siblingsNew = [];
let rootOld = [];
@@ -34,6 +35,7 @@ let rootNew = [];
let proof = [];
let publicSignals = [];
let commitmentsArray = [];
let currKey=0;
let u = 0;
contract("miksi", (accounts) => {
@@ -60,12 +62,12 @@ contract("miksi", (accounts) => {
expect(balance_wei).to.be.equal('100000000000000000000');
tree = await smt.newMemEmptyTrie();
await tree.insert(1, 0);
await tree.insert(currKey, 0);
await computeTree(0);
expect(rootOld[0].toString()).to.be.equal('11499909227292257605992378629333104385616480982267969744564817844870636870870');
expect(rootNew[0].toString()).to.be.equal('9328869343897770565751281504295758914771207504252217956739346620422361279598');
expect(rootOld[0].toString()).to.be.equal('7191590165524151132621032034309259185021876706372059338263145339926209741311');
// expect(rootNew[0].toString()).to.be.equal('9328869343897770565751281504295758914771207504252217956739346620422361279598');
});
it("Make first deposit", async () => {
@@ -90,21 +92,22 @@ contract("miksi", (accounts) => {
// expect(res[1].toString()).to.be.equal('9328869343897770565751281504295758914771207504252217956739346620422361279598');
console.log(res[0]);
commitmentsArray[0] = res[0];
currKey = res[2];
});
it("Rebuild the tree from sc commitments", async () => {
let treeTmp = await smt.newMemEmptyTrie();
await treeTmp.insert(1, 0);
await treeTmp.insert(0, 0);
for (let i=0; i<commitmentsArray[0].length; i++) {
await treeTmp.insert(commitmentsArray[0][i], 0);
await treeTmp.insert(i+1, commitmentsArray[0][i]);
}
expect(treeTmp.root).to.be.equal(tree.root);
});
it("Calculate witness and generate the zkProof", async () => {
await genZKProof(0, addr2);
await genZKProof(1, addr4);
await genZKProof(2, addr4);
await genZKProof(0, addr2, "1");
await genZKProof(1, addr4, "2");
await genZKProof(2, addr4, "3");
});
it("Try to use the zkProof with another address and get revert", async () => {
@@ -157,24 +160,31 @@ async function computeTree(u) {
// deposit
// add commitment into SMT
// console.log("currKey", currKey);
rootOld[u] = tree.root;
const resC = await tree.find(commitment[u]);
const resC = await tree.find(currKey+1);
assert(!resC.found);
oldKey[u] = "1";
oldKey[u] = "0";
oldValue[u] = "0";
if (!resC.found) {
oldKey[u] = resC.notFoundKey.toString();
oldValue[u] = resC.notFoundValue.toString();
}
// console.log(oldValue[u]);
// console.log("FIND", resC);
siblingsOld[u] = resC.siblings;
while (siblingsOld[u].length < nLevels) {
siblingsOld[u].push("0");
};
await tree.insert(commitment[u], 0);
await tree.insert(currKey+1, commitment[u]);
rootNew[u] = tree.root;
currKey += 1;
// console.log("currKey", currKey);
}
async function makeDeposit(u, addr) {
const resC = await tree.find(commitment[u]);
const resC = await tree.find(currKey);
assert(resC.found);
siblingsNew[u] = resC.siblings;
while (siblingsNew[u].length < nLevels) {
@@ -189,11 +199,13 @@ async function makeDeposit(u, addr) {
"secret": secret[u],
"nullifier": nullifier[u],
"oldKey": oldKey[u],
"oldValue": oldValue[u],
"siblingsOld": siblingsOld[u],
"siblingsNew": siblingsNew[u],
"rootOld": rootOld[u],
"rootNew": rootNew[u],
"commitment": commitment[u]
"commitment": commitment[u],
"key": currKey
});
const options = {};
// console.log("Calculate witness");
@@ -210,7 +222,7 @@ async function makeDeposit(u, addr) {
publicSignals[u] = res.publicSignals;
const verificationKey = unstringifyBigInts(JSON.parse(fs.readFileSync("./build/deposit-verification_key.json", "utf8")));
let pubI = unstringifyBigInts([coinCode, amount, rootOld[u].toString(), rootNew[u].toString(), commitment[u]]);
let pubI = unstringifyBigInts([coinCode, amount, rootOld[u].toString(), rootNew[u].toString(), commitment[u], currKey]);
let validCheck = groth.isValid(verificationKey, proof[u], pubI);
assert(validCheck);
await insMiksi.deposit(
@@ -227,8 +239,8 @@ async function makeDeposit(u, addr) {
}
async function genZKProof(u, addr) {
const resC = await tree.find(commitment[u]);
async function genZKProof(u, addr, k) {
const resC = await tree.find(k);
assert(resC.found);
let siblings = resC.siblings;
while (siblings.length < nLevels) {
@@ -245,7 +257,8 @@ async function genZKProof(u, addr) {
"nullifier": nullifier[u],
"siblings": siblings,
"root": tree.root,
"address": addr
"address": addr,
"key": k
});
const options = {};
// console.log("Calculate witness");