tornadocash/tornado-core
1
0
Fork 0
mirror of https://github.com/tornadocash/tornado-core.git synced 2024-11-22 17:50:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

add explicit constraints to fee and receiver inputs

Browse Source
This commit is contained in:
poma 2019-08-01 22:12:02 +03:00
parent a657860418
commit 5e6c7392de
No known key found for this signature in database
GPG Key ID: 530BBEE4AE8C3604
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
circuits/withdraw.circom
View File

@ -30,7 +30,6 @@ template CommitmentHasher() {
template Withdraw(levels, rounds) { template Withdraw(levels, rounds) {
signal input root; signal input root;
signal input nullifierHash; signal input nullifierHash;
// TODO: Check if we need some kind of explicit constraints or something for those 2 inputs
signal input receiver; // not taking part in any computations signal input receiver; // not taking part in any computations
signal input fee; // not taking part in any computations signal input fee; // not taking part in any computations
signal private input nullifier; signal private input nullifier;
@ -51,6 +50,14 @@ template Withdraw(levels, rounds) {
tree.pathElements[i] <== pathElements[i]; tree.pathElements[i] <== pathElements[i];
tree.pathIndex[i] <== pathIndex[i]; tree.pathIndex[i] <== pathIndex[i];
} }
// Add hidden signals to make sure that tampering with receiver or fee will invalidate the snark proof
// Most likely it is not required, but it's better to stay on the safe side and it only takes 2 constraints
// Squares are used to prevent optimizer from removing those constraints
signal receiverSquare;
signal feeSquare;
receiverSquare <== receiver * receiver;
feeSquare <== fee * fee;
} }
component main = Withdraw(16, 220); component main = Withdraw(16, 220);