
Add nullifier=H(key, secret)

pull/2/head
arnaucube 4 years ago
parent
commit
a756810fc9
11 changed files with 103 additions and 77 deletions
  1. +28
    -20
      circuits/deposit.circom
  2. +31
    -18
      circuits/withdraw.circom
  3. +11
    -11
      contracts/deposit-verifier.sol
  4. +10
    -10
      contracts/withdraw-verifier.sol
  5. +6
    -3
      dist/miksi-browser.js
  6. +1
    -1
      migrations/1_initial_migration.js
  7. +6
    -3
      src/miksi.ts
  8. +3
    -3
      test/circuits/deposit.test.ts
  9. +2
    -1
      test/circuits/withdraw.test.ts
  10. +3
    -5
      test/contracts/miksi.test.ts
  11. +2
    -2
      test/miksi.test.ts

+ 28
- 20
circuits/deposit.circom

@ -2,22 +2,29 @@
# deposit.circom
+----------+ +----------+
PUB_nullifier+------>+ | | |
| | | SMT |
PUB_coinCode+------->+ | | Poseidon +<------+PUB_rootOld
| Poseidon +-+----------->+ Verifier |
PUB_amount+--------->+ | | | Non |
| | | | Existance+<------+PRI_siblings
PRI_secret+--------->+ | | | | +
+----------+ | +----------+ |
| |
| |
| +----------+ |
| | | |
| | | |
+----+ | | SMT +<---------+
PUB_commitment+----> == +<--------+----------->+ Poseidon |
+----------+
| |
PRI_secret+--------->+ Poseidon +<----+PUB_key
| | | +
| +----------+ |
| nullifier |
| + |
| | | +----------+
| v | | |
| +----+-----+ +---->+ SMT |
+--------->+ | | Poseidon +<------+PUB_rootOld
| +-----+------->+ Verifier |
PUB_coinCode+------->+ Poseidon | | | Non |
| | | | Existance+<------+PRI_siblings
PUB_amount+--------->+ | | | | +
+----------+ | +----------+ |
| |
| |
| +----------+ |
| | | |
| | | |
+----+ | | SMT +<---------+
PUB_commitment+----> == +<------------+------->+ Poseidon |
+----+ | Verifier |
| +<------+PUB_rootNew
| |
@ -34,7 +41,6 @@ template Deposit(nLevels) {
signal input coinCode;
signal input amount;
signal private input secret;
signal private input nullifier;
signal private input oldKey;
signal private input oldValue;
signal private input siblingsOld[nLevels];
@ -44,11 +50,15 @@ template Deposit(nLevels) {
signal input commitment;
signal input key;
component nullifierCmp = Poseidon(2, 6, 8, 57);
nullifierCmp.inputs[0] <== key;
nullifierCmp.inputs[1] <== secret;
component hash = Poseidon(4, 6, 8, 57);
hash.inputs[0] <== coinCode;
hash.inputs[1] <== amount;
hash.inputs[2] <== secret;
hash.inputs[3] <== nullifier; // nullifier
hash.inputs[3] <== nullifierCmp.out; // nullifier
component comCheck = IsEqual();
comCheck.in[0] <== hash.out;
@ -106,5 +116,3 @@ template Deposit(nLevels) {
smtNew.key <== key;
smtNew.value <== hash.out;
}
/* component main = Deposit(17); // 16 real levels (due circom leaf protection) */
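Review bot: The new `nullifierCmp` block in the `@ -44,11 +50,15` hunk carries no comment explaining why the nullifier moved from a private input to a derived value, and the `// nullifier` trailer kept on `hash.inputs[3] <== nullifierCmp.out;` says nothing the line does not already say. Suggest dropping that trailer and adding above `component nullifierCmp`: `// nullifier = Poseidon(key, secret): key is the public leaf index, secret stays private, so only the secret holder can later reveal the nullifier that withdraw.circom binds to this leaf`. The `signal input key;` shown as context is a non-private input, so its value is part of the public proof inputs, which is worth stating next to the declaration. Template Deposit continues outside the hunk.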

+ 31
- 18
circuits/withdraw.circom

@ -4,21 +4,27 @@
WARNING: WIP, very initial version of the miksi circuit
-----------+ +----------+
PUB_nullifier+------>+ | | |
| | | |
PUB_coinCode+------->+ | | SMT +<------+PRI_siblings
| Poseidon +------------->+ Poseidon |
PUB_amount+--------->+ | | Verifier |
| | | +<------+PUB_root
PRI_secret+--------->+ | | | +
+----------+ +----------+ |
|
|
+----+ +----+ |
PUB_address+--->+ != +<-------+0+------>+ != +<-------+
+----+ +----+
+----------+
| |
PRI_secret+--------->+ Poseidon +<------+PRI_key+---------+
| | | |
| +----------+ +----+ |
| nullifier+----->+ != +<-----+0 |
| + +----+ v
| | +--+-------+
| v | |
| +-----+----+ | |
+--------->+ | | SMT +<------+PRI_siblings
| +--------------------->+ Poseidon |
PUB_coinCode+------->+ Poseidon | | Verifier |
| | | +<------+PUB_root
PUB_amount+--------->+ | | | +
+----------+ +----------+ |
|
|
+----+ +----+ |
PUB_address+--->+ != +<-------+0+-------------->+ != +<-------+
+----+ +----+
@ -38,11 +44,20 @@ template Withdraw(nLevels) {
signal input address;
signal private input key;
component nullifierCmp = Poseidon(2, 6, 8, 57);
nullifierCmp.inputs[0] <== key;
nullifierCmp.inputs[1] <== secret;
component nullifierCheck = IsEqual();
nullifierCheck.in[0] <== nullifierCmp.out;
nullifierCheck.in[1] <== nullifier;
nullifierCheck.out === 1;
component hash = Poseidon(4, 6, 8, 57);
hash.inputs[0] <== coinCode;
hash.inputs[1] <== amount;
hash.inputs[2] <== secret;
hash.inputs[3] <== nullifier;
hash.inputs[3] <== nullifierCmp.out;
component z = IsZero();
z.in <== address;
@ -61,5 +76,3 @@ template Withdraw(nLevels) {
smtV.key <== key;
smtV.value <== hash.out;
}
/* component main = Withdraw(17); // 16 real levels (due circom leaf protection) */
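Review bot: The `nullifierCheck` added in the `@ -38,11 +44,20` hunk instantiates an `IsEqual` component and asserts `nullifierCheck.out === 1`, where the direct constraint `nullifierCmp.out === nullifier;` expresses the same invariant with fewer signals and no extra component. That equality is the security-relevant line of the commit, since it binds the public nullifier to the leaf key and secret and so stops one leaf being withdrawn under a second nullifier; it deserves a comment saying exactly that, e.g. `// the revealed nullifier must be Poseidon(key, secret) for this leaf: one leaf, one nullifier`. The updated diagram in the first hunk draws the derived nullifier into a `!= 0` comparator, but the code here constrains it equal to the `nullifier` input and no non-zero check is visible; if none exists elsewhere in the template, the diagram should be corrected to show the equality. Template Withdraw continues outside the hunk.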

+ 11
- 11
contracts/deposit-verifier.sol

@ -174,18 +174,18 @@ contract DepositVerifier {
DepositPairing.G1Point C;
}
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
vk.alfa1 = DepositPairing.G1Point(6252279943948821612875254485822400771880244748647402468559313390659426369211,14613992641366395519215313033197052494675205790791681942712524672663717445198);
vk.beta2 = DepositPairing.G2Point([8815707221276583891078115500662413295646422001003116635595393183791263464666,2419345326742699182992664780905159492965802671871300884928909939820530848387], [13802188444049362002223101887345226877142883308911663519491915021252904802728,8432022027118506252472861389475505702286644933376629310815925957781079388244]);
vk.gamma2 = DepositPairing.G2Point([406780534454176465129277539913777571896656479994247886563898597395429608191,8553686745430855428347818111461857703407929988498137065162278041029533501400], [10853405844969955843420851706686864381784815223125536658953775544597422525149,16970177376889915166884914612008041178398555620271753364587667807183773056978]);
vk.delta2 = DepositPairing.G2Point([17774593393920734301044375457515456063884202391938358455667100316292620932619,652992445536380252856758894184970383216921565250275732529612554514615486705], [8565671556084260686055251361834646248751758478811415108547802639098436142689,13627472961242110255971086079899697279073175536722168875617347642947908794476]);
vk.alfa1 = DepositPairing.G1Point(1258740466619721561764848263868948885256868728083361044431705704250200328469,21429540617461013763355995827369015728574005711708554964620455716559845665960);
vk.beta2 = DepositPairing.G2Point([1970073964470939152021048511578236383128106002002646214631675246653310717957,12712064789215987207311676617832240483534887569403229725706661660234806079568], [6870389010384618580426191051449467588139581765956292544372582938359353782255,6848532171529839105686210172312789080165730008667873614736656943070291514440]);
vk.gamma2 = DepositPairing.G2Point([13025863801027866036957367957812995765980137647543971093801580955580158571874,20814717907036542939719692573804299830237034748270287956482979656634810999797], [16865748738430061541889111484860607300264882791091260395585977539280926944744,6582452541423888885538277642620939176084115646218892470412691713075803269496]);
vk.delta2 = DepositPairing.G2Point([2706422800377368885835489037908110628648159507031013921848827952225418230859,10128511868105727233071317029928430873590267714292386130186788090735888000654], [9307796408359964981598578123726621566221091904060802593884747535035317267698,10229229177642547369193569171638060693529620333185044332089881198521466285102]);
vk.IC = new DepositPairing.G1Point[](7);
vk.IC[0] = DepositPairing.G1Point(10428563448506003955350846849697024823467951195979510170085385051366494122630,2001368486752884718033076277913854180721154412880313561543985388032034832578);
vk.IC[1] = DepositPairing.G1Point(4128122503032922060195529775123411053757718861576733396781404734329175129810,10674578892367272724467858279423956771312053469141701790449967683133025637132);
vk.IC[2] = DepositPairing.G1Point(19773281464520362843244450371118225183481659515807020952674214520191343536792,15379009728817649289524197508360737263801583612474597112384517352187225280313);
vk.IC[3] = DepositPairing.G1Point(14445852532044159873734129156753952133803550608446385223251919704854960384859,7077329911841232859880292933329532486425877098134111290548060164729473197615);
vk.IC[4] = DepositPairing.G1Point(21203069170036177324269770159791288324714871209409930031741364108474535151841,8265986849104087053031541158247678629561167271267822543600920475259735501627);
vk.IC[5] = DepositPairing.G1Point(7815738803719288008965544439519375118301374923131249465167234012095974108078,14621864468590078300113893865387457049678236814266039911309734278145027746551);
vk.IC[6] = DepositPairing.G1Point(8935039868766995891455796224784160256067346799724853938828138135035767086643,904657175184727805046626884361174202421281696337758135233214084380356026332);
vk.IC[0] = DepositPairing.G1Point(8397052292217400695143537066445367917145410240792913306851228502454937821366,12671160300014072845850036020940585445323243765280661661695708986287317615875);
vk.IC[1] = DepositPairing.G1Point(6596045848853057767878231551177724402312499873808498125139673743823045037250,7534954341042032271738328495861493195651777182379101357540540106554292796757);
vk.IC[2] = DepositPairing.G1Point(4901276071960695759302493242818574371230833857454046609753730934715589681877,13809211544158082674160387144353489098197497336900883805464212924786897695399);
vk.IC[3] = DepositPairing.G1Point(2284803743046947681824176654599433605185583055184533094933575326747068384159,2284200205123294415907017338355314014204105239362681972585077325269318233489);
vk.IC[4] = DepositPairing.G1Point(21716095221104104663235558033723097977851973293891360765306880852225906302195,18269386656024591769800450266310198804152899431728523144697352898486771309144);
vk.IC[5] = DepositPairing.G1Point(4423411107516450238605209094503652145439393246493785143531883737456094986038,12516994610092142480164396204315951248730163354266253105562761854742484119787);
vk.IC[6] = DepositPairing.G1Point(7796439859607328142065987214031690144742541126385291233968361100031127756853,21735884364940330079209527729232705812864156681957672956585478889553770695530);
}
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {

+ 10
- 10
contracts/withdraw-verifier.sol

@ -174,17 +174,17 @@ contract WithdrawVerifier {
WithdrawPairing.G1Point C;
}
function verifyingKey() internal pure returns (VerifyingKey memory vk) {
vk.alfa1 = WithdrawPairing.G1Point(4297056733213219859343595902911474212531679066691174515518566289296862448444,4118210981440029225166132201111655761091977199270131833660894679466015902790);
vk.beta2 = WithdrawPairing.G2Point([8432401178610715017522187095017141452256968060720655001943681144704681203162,20225339942421781890739814367503015805021408029816534384568975989447323618511], [4834758580575986670881233088235906918937658419326998231175019058718340643738,18563021167708801438919497910470781384291873402945244720127030262991586019354]);
vk.gamma2 = WithdrawPairing.G2Point([12216917316860064359319225214672707506982145717785585352407055318045791852406,16166539837790779483464664514892121904759368139188876537264973277846536919241], [20490357584101774634267615913836176478875767727346317112419586614764063234950,16010134726469276935755880346958799379053190723590701758427883606793091122235]);
vk.delta2 = WithdrawPairing.G2Point([10474213958708183921155086977680302183767751804928195354437737122452000530775,9773108273173417325339709698942421365637766622753869523317186054233667618378], [16147854964572048164082375837809824945742203950104688071859656285754596010250,11100262415558015426093541731679959772584136240842322421838884270434696620945]);
vk.alfa1 = WithdrawPairing.G1Point(11409068853756798814936124347751329073714060701740446597478422218560206445758,16307887919185411074461162514565293539798560629762151895981933912918907095458);
vk.beta2 = WithdrawPairing.G2Point([7251220013464197846241844721359309776896763036272826930712901410316354650148,14916303478359187735015641670440403429698869473868729048212546922914077002474], [18211498819199508460251069486886384399731840516685342748931656167756056543712,8874050391988730461899098188033396090287848116848581254042468820295115019769]);
vk.gamma2 = WithdrawPairing.G2Point([18243312913217582213671285532303762373614349407613660426190623713836205041234,8002499263366987790694142114137942554246563360100993171567470892470253717715], [5101789453622522636051816103606254513585817263100408629732625784631019392110,11103980668176400594372381484148071708850113352167680748055027633945382594250]);
vk.delta2 = WithdrawPairing.G2Point([16098761043629001805465286169491044916675831324018099734204712260649588341703,19769730035350773990203390501439447961424668221404762178293701706197745545740], [8688701351437626790357916288760375351147435444896067675241357486671215251369,8455256066870861595443543932211829056699959252725383991522357896994317226602]);
vk.IC = new WithdrawPairing.G1Point[](6);
vk.IC[0] = WithdrawPairing.G1Point(12549035287950018826389227128124648821309642448046081194740867551414746445936,16568684014919445974100333544046090587350141595344577637675040655062709518493);
vk.IC[1] = WithdrawPairing.G1Point(12115083684378263354532293492903135977611827458752142958704830075120237564442,20870100634266963726587012268331775772515090702290901068079447765002759133309);
vk.IC[2] = WithdrawPairing.G1Point(5812745461009917344575852755312885578454227891300545343869244275304038771554,20292323840549344370214519296853977558551052789143029493431728787305104927396);
vk.IC[3] = WithdrawPairing.G1Point(4547260115459198012764009325266310410529115043680958732580932197784570644367,10715056277994978617773043139980635251314875156509544440091005842529235092175);
vk.IC[4] = WithdrawPairing.G1Point(1917397956416751861666133718730009968886977460807568824355482458793905843210,3701368891299580862131264739399266552453491844311287913354184906669407062679);
vk.IC[5] = WithdrawPairing.G1Point(9794226343300072560298373762652188441793658526495383382310165666486106285885,13609131229374196873721534431966454573967113169445854598703174909986898964199);
vk.IC[0] = WithdrawPairing.G1Point(2196244256820986567690679996736462451552129559361830175635841659301698130240,165089131243676339464114487098255787822583319468395307669959484414351728542);
vk.IC[1] = WithdrawPairing.G1Point(17268765234743108265652438016645776441257441044491122918862662638109371886622,16271655515517205557815838795170378396691506771170200642570141877418298560999);
vk.IC[2] = WithdrawPairing.G1Point(2948780275473397242543570881784329151300936590175851800649409338551940794103,7459991620945381798521094109942977024582184419006796838077427417326367418494);
vk.IC[3] = WithdrawPairing.G1Point(14126068401014488583026867986497891029401323572850638120219902210320665079121,12837383067484111352928338327694584489849366255365568904250423854761877284524);
vk.IC[4] = WithdrawPairing.G1Point(4035053269905941448869990955467912804643642147479323759450659886610920901687,16351688143022086978492392339555394524864154460935065484258649758201836006417);
vk.IC[5] = WithdrawPairing.G1Point(18802458565488979046369094260543220868642937974211915451306988597267942099055,12108624098056255328526306317129377211653789160060445574749682563859873858540);
}
function verify(uint[] memory input, Proof memory proof) internal view returns (uint) {

+ 6
- 3
dist/miksi-browser.js

@ -76304,14 +76304,16 @@ exports.randBigInt = () => {
return Fr.random();
};
exports.calcCommitment = (secret, nullifier) => {
exports.calcCommitment = (key, secret) => {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([key, secret]).toString();
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
return commitment;
};
exports.calcDepositWitness = async (wasm, secret, nullifier, commitments, key) => {
exports.calcDepositWitness = async (wasm, key, secret, commitments) => {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([key, secret]).toString();
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
console.log("PROVA", poseidon([key, commitment]).toString());
@ -76403,8 +76405,9 @@ exports.calcDepositWitness = async (wasm, secret, nullifier, commitments, key) =
};
}
exports.calcWithdrawWitness = async (wasm, secret, nullifier, commitments, addr, key) => {
exports.calcWithdrawWitness = async (wasm, key, secret, commitments, addr) => {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([key, secret]).toString();
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
// rebuild the tree

+ 1
- 1
migrations/1_initial_migration.js

@ -1,4 +1,4 @@
var Migrations = artifacts.require("./contracts/helpers/Migrations.sol");
var Migrations = artifacts.require("./test/build/helpers/Migrations.sol");
module.exports = function(deployer) {
deployer.deploy(Migrations);

+ 6
- 3
src/miksi.ts

@ -19,14 +19,16 @@ exports.randBigInt = () => {
return Fr.random();
};
exports.calcCommitment = (secret, nullifier) => {
exports.calcCommitment = (key, secret) => {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([key, secret]).toString();
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
return commitment;
};
exports.calcDepositWitness = async (wasm, secret, nullifier, commitments, key) => {
exports.calcDepositWitness = async (wasm, key, secret, commitments) => {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([key, secret]).toString();
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
console.log("PROVA", poseidon([key, commitment]).toString());
@ -118,8 +120,9 @@ exports.calcDepositWitness = async (wasm, secret, nullifier, commitments, key) =
};
}
exports.calcWithdrawWitness = async (wasm, secret, nullifier, commitments, addr, key) => {
exports.calcWithdrawWitness = async (wasm, key, secret, commitments, addr) => {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([key, secret]).toString();
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
// rebuild the tree
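Review bot: The reordered signatures `calcCommitment(key, secret)`, `calcDepositWitness(wasm, key, secret, commitments)` and `calcWithdrawWitness(wasm, key, secret, commitments, addr)` swap positional arguments of the same type, so a caller still passing the old `(secret, nullifier, ...)` order compiles and silently computes a commitment or witness for the wrong leaf, and none of the three carries a JSDoc saying which argument is which. Suggest on each: `/** @param key - leaf index of the deposit in the SMT (public)`, `@param secret - depositor's secret; the nullifier is derived as Poseidon(key, secret) and is never supplied by the caller */`. `calcCommitment` now computes the nullifier on its second line but returns only the commitment, so a caller cannot obtain the value it will later need to withdraw; consider returning `{ commitment, nullifier }` or documenting that it is recomputed from the same `key` and `secret`. `coinCode` and `amount` are used free in all three bodies and are presumably module-level constants outside the hunk; the three functions continue outside it.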

+ 3
- 3
test/circuits/deposit.test.ts

@ -22,9 +22,10 @@ describe("deposit test", function () {
const coinCode = "0";
const amount = '1000000000000000000';
const nullifier = "567891234";
// const nullifier = "567891234";
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([2, secret]);
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
// add commitment into SMT
@ -33,7 +34,7 @@ describe("deposit test", function () {
// await tree.insert(2, 0);
let rootOld = tree.root;
let res = await tree.find(commitment);
let res = await tree.find(2);
// console.log(res);
assert(!res.found);
let siblingsOld = res.siblings;
@ -60,7 +61,6 @@ describe("deposit test", function () {
"coinCode": coinCode,
"amount": amount,
"secret": secret,
"nullifier": nullifier,
"oldKey": "1",
"oldValue": "0",
"siblingsOld": siblingsOld,
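Review bot: The leaf key is hard-coded as the literal `2` in both new lines `const nullifier = poseidon([2, secret]);` and `let res = await tree.find(2);`, with nothing tying the two to each other or to the `key` entry presumably present in the witness input further down; test/circuits/withdraw.test.ts repeats the same literal. Suggest `const key = 2;` next to `secret` and using it in both places and in the witness input, so the nullifier, the tree lookup and the circuit input cannot drift apart. Unlike the commitment on the following line, the new nullifier is not passed through `.toString()`, so it is carried as whatever `poseidon` returns; making it `poseidon([key, secret]).toString()` keeps it consistent with the commitment and with src/miksi.ts. The commented-out `// const nullifier = "567891234";` line can be dropped rather than kept beside the live declaration.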

+ 2
- 1
test/circuits/withdraw.test.ts

@ -22,9 +22,10 @@ describe("withdraw test", function () {
const coinCode = "0";
const amount = '1000000000000000000';
const nullifier = "567891234";
// const nullifier = "567891234";
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
const nullifier = poseidon([2, secret]);
const commitment = poseidon([coinCode, amount, secret, nullifier]).toString();
// add commitment into SMT

+ 3
- 5
test/contracts/miksi.test.ts

@ -22,7 +22,7 @@ const secret = ["1234567890", "987654321", "123"];
const coinCode = "0"; // refearing to ETH
const ethAmount = '1';
const amount = web3.utils.toWei(ethAmount, 'ether');
const nullifier = ["567891234", "432198765", "321"];
const nullifier = ["0", "0", "0"];
let commitment = [];
let tree;
let oldKey = [];
@ -88,9 +88,7 @@ contract("miksi", (accounts) => {
it("Get the commitments data", async () => {
// getCommitments data
let res = await insMiksi.getCommitments();
expect(res[0][0].toString()).to.be.equal('189025084074544266465422070282645213792582195466360448472858620722286781863');
// expect(res[1].toString()).to.be.equal('9328869343897770565751281504295758914771207504252217956739346620422361279598');
console.log(res[0]);
expect(res[1].toString()).to.be.equal(tree.root.toString());
commitmentsArray[0] = res[0];
currKey = res[2];
});
@ -155,6 +153,7 @@ contract("miksi", (accounts) => {
async function computeTree(u) {
const poseidon = circomlib.poseidon.createHash(6, 8, 57);
nullifier[u] = poseidon([currKey+1, secret[u]]).toString();
commitment[u] = poseidon([coinCode, amount, secret[u], nullifier[u]]).toString();
// deposit
@ -197,7 +196,6 @@ async function makeDeposit(u, addr) {
"coinCode": coinCode,
"amount": amount,
"secret": secret[u],
"nullifier": nullifier[u],
"oldKey": oldKey[u],
"oldValue": oldValue[u],
"siblingsOld": siblingsOld[u],
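Review bot: `nullifier[u] = poseidon([currKey+1, secret[u]]).toString();` in `computeTree` relies on `currKey+1` being numeric addition, but `currKey` is assigned from `res[2]` of a contract call in the earlier hunk, and if web3 hands that back as a BN or string the `+1` concatenates (`"2"+1` is `"21"`) and the test nullifier silently diverges from what the circuit derives from the real key. Suggest `Number(currKey) + 1` or `BigInt(currKey) + 1n`, whichever matches the key type the circuit inputs use, and a comment stating that the next deposit's key is the current count plus one. The `@ -88,9 +88,7` hunk also replaces the `expect(res[0][0]...)` assertion with `console.log(res[0])`, leaving the commitment returned by the contract unchecked; an assertion against `commitment[0]`, or a comment giving the reason it was dropped, would be better than a log line. `computeTree` and `makeDeposit` continue outside the hunks.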

+ 2
- 2
test/miksi.test.ts

@ -9,13 +9,13 @@ describe("deposit test", function () {
it("Test Deposit", async () => {
const secret = "1234567890";
const nullifier = "567891234";
const key = 1;
const commitments = [];
const wasm = await fs.promises.readFile("./build/deposit.wasm");
console.log("w", wasm.length);
const witness = await miksi.calcDepositWitness(wasm, secret, nullifier, commitments, 1);
const witness = await miksi.calcDepositWitness(wasm, key, secret, commitments);
// console.log("w", witness);
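Review bot: `const nullifier = "567891234";` just above the new `const key = 1;` appears dead in the visible lines, since the rewritten `calcDepositWitness(wasm, key, secret, commitments)` call no longer accepts a nullifier and derives it from `key` and `secret`; unless it is read later in the block, remove the declaration so the test does not suggest the nullifier is caller-chosen. The `it` block continues outside the hunk.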
