inline commitment and nullifier hashers

This commit is contained in:
poma 2021-10-17 14:01:49 +03:00
parent 0ea12fc209
commit fb4d3ca8e6
No known key found for this signature in database
GPG Key ID: BA20CB01FE165657
3 changed files with 19 additions and 45 deletions


@ -1,3 +1,4 @@
include "../node_modules/circomlib/circuits/bitify.circom";
include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/poseidon.circom";
include "../node_modules/circomlib/circuits/switcher.circom"; include "../node_modules/circomlib/circuits/switcher.circom";


@ -1,3 +1,4 @@
include "../node_modules/circomlib/circuits/poseidon.circom";
include "./merkleProof.circom" include "./merkleProof.circom"
include "./treeUpdater.circom" include "./treeUpdater.circom"
include "./utils.circom" include "./utils.circom"
@ -49,19 +50,19 @@ template Transaction(levels, nIns, nOuts, zeroLeaf) {
inKeypair[tx] = Keypair(); inKeypair[tx] = Keypair();
inKeypair[tx].privateKey <== inPrivateKey[tx]; inKeypair[tx].privateKey <== inPrivateKey[tx];
inUtxoHasher[tx] = TransactionHasher(); inUtxoHasher[tx] = Poseidon(3);
inUtxoHasher[tx].amount <== inAmount[tx]; inUtxoHasher[tx].inputs[0] <== inAmount[tx];
inUtxoHasher[tx].blinding <== inBlinding[tx]; inUtxoHasher[tx].inputs[1] <== inBlinding[tx];
inUtxoHasher[tx].publicKey <== inKeypair[tx].publicKey; inUtxoHasher[tx].inputs[2] <== inKeypair[tx].publicKey;
nullifierHasher[tx] = NullifierHasher(); nullifierHasher[tx] = Poseidon(3);
nullifierHasher[tx].commitment <== inUtxoHasher[tx].commitment; nullifierHasher[tx].inputs[0] <== inUtxoHasher[tx].out;
nullifierHasher[tx].merklePath <== inPathIndices[tx]; nullifierHasher[tx].inputs[1] <== inPathIndices[tx];
nullifierHasher[tx].privateKey <== inPrivateKey[tx]; nullifierHasher[tx].inputs[2] <== inPrivateKey[tx];
nullifierHasher[tx].nullifier === inputNullifier[tx]; nullifierHasher[tx].out === inputNullifier[tx];
tree[tx] = MerkleProof(levels); tree[tx] = MerkleProof(levels);
tree[tx].leaf <== inUtxoHasher[tx].commitment; tree[tx].leaf <== inUtxoHasher[tx].out;
tree[tx].pathIndices <== inPathIndices[tx]; tree[tx].pathIndices <== inPathIndices[tx];
for (var i = 0; i < levels; i++) { for (var i = 0; i < levels; i++) {
tree[tx].pathElements[i] <== inPathElements[tx][i]; tree[tx].pathElements[i] <== inPathElements[tx][i];
@ -86,11 +87,11 @@ template Transaction(levels, nIns, nOuts, zeroLeaf) {
// verify correctness of transaction outputs // verify correctness of transaction outputs
for (var tx = 0; tx < nOuts; tx++) { for (var tx = 0; tx < nOuts; tx++) {
outUtxoHasher[tx] = TransactionHasher(); outUtxoHasher[tx] = Poseidon(3);
outUtxoHasher[tx].amount <== outAmount[tx]; outUtxoHasher[tx].inputs[0] <== outAmount[tx];
outUtxoHasher[tx].blinding <== outBlinding[tx]; outUtxoHasher[tx].inputs[1] <== outBlinding[tx];
outUtxoHasher[tx].publicKey <== outPubkey[tx]; outUtxoHasher[tx].inputs[2] <== outPubkey[tx];
outUtxoHasher[tx].commitment === outputCommitment[tx]; outUtxoHasher[tx].out === outputCommitment[tx];
// Check that amount fits into 248 bits to prevent overflow // Check that amount fits into 248 bits to prevent overflow
outAmountCheck[tx] = Num2Bits(248); outAmountCheck[tx] = Num2Bits(248);
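Review bot: The Poseidon input order for the commitment (inputs[0..2] = amount, blinding, publicKey) and the nullifier (inputs[0..2] = commitment, pathIndices, privateKey) is now an unnamed positional convention, where the removed TransactionHasher and NullifierHasher templates used to name each slot; a reader of the inlined hunks has no way to tell that the slot order is a compatibility contract that the off-chain commitment/nullifier derivation must match exactly, and that swapping two inputs would silently change every commitment and nullifier. I would add a comment above each hasher, `// commitment = Poseidon(amount, blinding, publicKey) — order must match the off-chain UTXO hashing` before the input hasher wiring, `// nullifier = Poseidon(commitment, pathIndices, privateKey)` before the nullifier wiring, and the same commitment comment before the output hasher wiring in the second hunk. The enclosing Transaction template starts and ends outside both hunks.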


@ -1,8 +1,6 @@
include "../node_modules/circomlib/circuits/pointbits.circom";
include "../node_modules/circomlib/circuits/compconstant.circom";
include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/poseidon.circom";
// Since we don't use signatures, the keypair can be based on a simple hash
template Keypair() { template Keypair() {
signal input privateKey; signal input privateKey;
signal output publicKey; signal output publicKey;
@ -11,29 +9,3 @@ template Keypair() {
hasher.inputs[0] <== privateKey; hasher.inputs[0] <== privateKey;
publicKey <== hasher.out; publicKey <== hasher.out;
} }
template TransactionHasher() {
signal input amount;
signal input blinding;
signal input publicKey;
signal output commitment;
component hasher = Poseidon(3);
hasher.inputs[0] <== amount;
hasher.inputs[1] <== blinding;
hasher.inputs[2] <== publicKey;
commitment <== hasher.out;
}
template NullifierHasher() {
signal input commitment;
signal input merklePath;
signal input privateKey;
signal output nullifier;
component hasher = Poseidon(3);
hasher.inputs[0] <== commitment;
hasher.inputs[1] <== merklePath;
hasher.inputs[2] <== privateKey;
nullifier <== hasher.out;
}