arnaucube 77719dbe4e | 4 years ago | |
---|---|---|
.github/workflows | 4 years ago | |
circuits | 4 years ago | |
contracts | 4 years ago | |
dist | 4 years ago | |
migrations | 4 years ago | |
src | 4 years ago | |
test | 4 years ago | |
.gitattributes | 4 years ago | |
.gitignore | 4 years ago | |
LICENSE | 4 years ago | |
README.md | 4 years ago | |
compile-circuits.sh | 4 years ago | |
miksi-logo00-small.png | 4 years ago | |
package-lock.json | 4 years ago | |
package.json | 4 years ago | |
truffle-config.js | 4 years ago | |
tsconfig.json | 4 years ago | |
tslint.json | 4 years ago |
From Esperanto, miksi (miks·i): to mingle, to blend, to mix, to shuffle
Ethereum mixer where all the computation & constructions are done offchain and then proved inside a zkSNARK to the Smart Contract (for the deposit and for the withdraw).
This means that the client builds a MerkleTree and makes all the needed computation, and then generates a zk-proof where proves that all the offchain computation is done following all the rules (no leaf deletion, only one leaf addition, correct leaf format).
This allows to use only ~325.000 gas
for the deposit, and ~308.000 gas
for the withdraw.
Warning: This repository is in a very early stage. The current version works, but is not finished and there are some improvements to be added.
WebApp to use miksi-core can be found at https://github.com/arnaucube/miksi-app
npm run test-circuits
npm run test-sc
./compile-circuits.sh
Note: The spec & code is a work in progress, there are some pending works & improvements planned to do, and some diagrams for better explanation.
All computation & constructions are done offchain and then proved inside a zkSNARK to the Smart Contract
secret
& nullifier
commitment
, which is the Poseidon hash: commitment = H(coinCode, amount, secret, nullifier)
, where:
coinCode
: code that specifies which currency is being used (0
==ETH)amount
: the amount to be depositedsecret
: random, privatenullifier
: randomcommitment
into the MerkleTreesecret
& nullifier
for the commitment
which is in a leaf in the merkletreeRootOld
(the current one in the Smart Contract) to RootNew
has been done following the rules (only one leaf addition, no leaf deletion, correct leaf format, etc)deposit
call, together with the zkProof dataDeposit circuit can be found here.
All computation & constructions are done offchain and then proved inside a zkSNARK to the Smart Contract
commitment
of which the user knows the secret
& nullifier
secret
for a public nullifier
- which commitment
is in the MerkleTree
- which MerkleTree root
is the one that knows the SmartContractWithdraw circuit can be found here.
Miksi is possible thanks to circom, circomlib, wasmsnark, and thanks to the ideas about offchain computation validated with a zkSNARK in the Zexe paper.