address review comments

Signed-off-by: Chengxuan Xing <[email protected]>
hyperledger-labs · Sep 17, 2024 · 8f1250e · 8f1250e
1 parent 2493b2e
commit 8f1250e
Show file tree

Hide file tree

Showing 8 changed files with 43 additions and 39 deletions.
diff --git a/solidity/contracts/lib/verifier_anon_enc.sol b/solidity/contracts/lib/verifier_anon_enc.sol
@@ -46,17 +46,17 @@ contract Groth16Verifier_AnonEnc {
     uint256 constant IC0x = 5696326670703652601376328914723856805804139150397636629981154943267586835846;
     uint256 constant IC0y = 17913431813079674015620165360736989993822627917830194405007674349883405519566;
 
-    uint256 constant IC1x = 15825765194464726182776026234639522157004618110842020817264286413596445235307;
-    uint256 constant IC1y = 2401477487480347699703028792091325200698394178743640467196981936283298710021;
+    uint256 constant IC1x = 2102562587253616254650248571898720579563063454685611900201869023012028011038;
+    uint256 constant IC1y = 858837120372047227699859025595943051604219338012183710955972141361344096680;
 
-    uint256 constant IC2x = 17823254154132200329306690888156067227498822342519393685861534093309766001383;
-    uint256 constant IC2y = 14804040920166770014088667887230353137747938842993092323563528559936821334324;
+    uint256 constant IC2x = 19871902121561448541783335513612822391415363559792595451397804594141318386828;
+    uint256 constant IC2y = 14203964380144242038882743638980469366132880555873818345914201687170773944754;
 
-    uint256 constant IC3x = 18619661077507789630281262029605339062675871751807780618791872378570042056116;
-    uint256 constant IC3y = 18692831968495678168274986594838227336308377551834418943816657968243321416157;
+    uint256 constant IC3x = 4534338244167504974683945726615729215678954323916000129150608047181600075942;
+    uint256 constant IC3y = 9004530693581096650487103914238080672423858350236817229254519649589395343912;
 
-    uint256 constant IC4x = 8481249797936633465645328566302395583826148290507195864467073391607936154307;
-    uint256 constant IC4y = 4631061052012679777402506942756063974564041904906197227863591152456358430540;
+    uint256 constant IC4x = 16926200767829183396766074136228821955738540059328214039731068817771880630127;
+    uint256 constant IC4y = 15535238050385142389806452090946716626530242126040333805866336792975972380578;
 
     uint256 constant IC5x = 269115022971501175992618085182824077406065858697651888560831707201556157978;
     uint256 constant IC5y = 19699073094724988754117299114476621695804537148277402334737306097425629024180;

diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier.sol
@@ -46,17 +46,17 @@ contract Groth16Verifier_AnonEncNullifier {
     uint256 constant IC0x = 19712575420668268335634440622054263372704657131549679423053748840610444649065;
     uint256 constant IC0y = 21552018618280422667464008645151951952543569291144282502207358485399703168568;
 
-    uint256 constant IC1x = 8879640517323472103773105774693203238739849734532829129136892239475022333668;
-    uint256 constant IC1y = 8763769862439095053692831300380880413523736171679197931386220812298104316000;
+    uint256 constant IC1x = 21152648367462137565411101477610760889415992049938974004172633386627195379833;
+    uint256 constant IC1y = 17526913059347331839566720566403027766484314611214702153099182458740108823;
 
-    uint256 constant IC2x = 938844563415264744387226778430871504680270942210685580230120080929277918399;
-    uint256 constant IC2y = 9128906501228717785843913573881993155178978243801248472013755207523145161265;
+    uint256 constant IC2x = 5554249810657633166990745736699774333938659965451342592982728994998805456417;
+    uint256 constant IC2y = 9730676046857216859008721613182313555756289801254042508531677626774346999622;
 
-    uint256 constant IC3x = 15866014959526954538183423799071681422553639776348384721828133108069370471390;
-    uint256 constant IC3y = 17150051530085128616371619156987380853738195686559145384648523741607899076676;
+    uint256 constant IC3x = 16411770669872316544841615427270736472060848758458781353444450000872952405569;
+    uint256 constant IC3y = 3883712029134278704236321509155602434293779347341551692030084302663589933567;
 
-    uint256 constant IC4x = 16628587721511911382464102713531591331106282985537150732913149203131020489047;
-    uint256 constant IC4y = 15415751731187982732941102993178329101138735638465538195218064540808443483176;
+    uint256 constant IC4x = 7689756896440471053876099704125828625789315755353261183292592808881136591701;
+    uint256 constant IC4y = 8154637307804119872460314948142196702392444351248969101164117581937044926170;
 
     uint256 constant IC5x = 12299330364713292827284970278663419727424821736280679334696618553775046366194;
     uint256 constant IC5y = 21075649501958706881669057145213727696785798949405955661717827102964559861134;

diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc.sol
@@ -46,17 +46,17 @@ contract Groth16Verifier_AnonEncNullifierKyc {
     uint256 constant IC0x = 9571444203847882263349163823295111750012388583457810565732023354927681835330;
     uint256 constant IC0y = 8269430673392355800760839451470053559913816443341643262118006327992857911204;
 
-    uint256 constant IC1x = 9064618673757941298723368256455368704652053245680352298747244104270117399013;
-    uint256 constant IC1y = 18460523336912744595286963914355935468980100749586794932399055794642428817860;
+    uint256 constant IC1x = 4171425333877223863056817685674841454723358686631303251580406544847360463144;
+    uint256 constant IC1y = 15508434706912610115961511481609592716639093445421134335652880195025374357944;
 
-    uint256 constant IC2x = 6234445486135103452353461753870378713252491194598434626156924198461569144220;
-    uint256 constant IC2y = 19806194266588836706192248603836164188429573371931646966506431735887915813107;
+    uint256 constant IC2x = 2805234997490797748511701790284534458659062187129667755544299868178828988756;
+    uint256 constant IC2y = 12737871927823892823240455203969207068418359360382939881586564793007265918634;
 
-    uint256 constant IC3x = 18144060134373768126079377488553518214212771938728804260549905835847903158616;
-    uint256 constant IC3y = 19752625621061851934279429923793259058430161041447424946974778118660304770459;
+    uint256 constant IC3x = 10037927645989308427370729946962854922194022862178974033089345641900642443287;
+    uint256 constant IC3y = 1869974150112738935511161628734764742128849823652210548167483049626273686915;
 
-    uint256 constant IC4x = 19799962330511666047510772152384361697930140486539832408955733607335237352017;
-    uint256 constant IC4y = 21390552580901965014309509907380647647075600781150265090969128649763744906005;
+    uint256 constant IC4x = 20687486203577926209406522416577489369623505298901447042889614462294165837937;
+    uint256 constant IC4y = 2451926520013626473243440086333573559066473857550647156934680886755185047100;
 
     uint256 constant IC5x = 17506157096475522989244923493066068666613854999605413994180693698287006754601;
     uint256 constant IC5y = 18337141315691397667266548067044460253572013083720894042089481649614687489349;

diff --git a/zkp/circuits/anon_enc.circom b/zkp/circuits/anon_enc.circom
@@ -93,10 +93,10 @@ template Zeto(nInputs, nOutputs) {
   encrypt.plainText[1] <== outputSalts[0];
   encrypt.key <== sharedSecret;
   encrypt.nonce <== encryptionNonce;
-  encrypt.cipherText[0] --> cipherText[0];
-  encrypt.cipherText[1] --> cipherText[1];
-  encrypt.cipherText[2] --> cipherText[2];
-  encrypt.cipherText[3] --> cipherText[3];
+  encrypt.cipherText[0] ==> cipherText[0];
+  encrypt.cipherText[1] ==> cipherText[1];
+  encrypt.cipherText[2] ==> cipherText[2];
+  encrypt.cipherText[3] ==> cipherText[3];
 }
 
 component main { public [ inputCommitments, outputCommitments, encryptionNonce ] } = Zeto(2, 2);
diff --git a/zkp/circuits/anon_enc_nullifier.circom b/zkp/circuits/anon_enc_nullifier.circom
@@ -118,10 +118,10 @@ template Zeto(nInputs, nOutputs, nSMTLevels) {
   encrypt.plainText[1] <== outputSalts[0];
   encrypt.key <== sharedSecret;
   encrypt.nonce <== encryptionNonce;
-  encrypt.cipherText[0] --> cipherText[0];
-  encrypt.cipherText[1] --> cipherText[1];
-  encrypt.cipherText[2] --> cipherText[2];
-  encrypt.cipherText[3] --> cipherText[3];
+  encrypt.cipherText[0] ==> cipherText[0];
+  encrypt.cipherText[1] ==> cipherText[1];
+  encrypt.cipherText[2] ==> cipherText[2];
+  encrypt.cipherText[3] ==> cipherText[3];
 }
 
 component main { public [ nullifiers, outputCommitments, encryptionNonce, root, enabled ] } = Zeto(2, 2, 64);
diff --git a/zkp/circuits/anon_enc_nullifier_kyc.circom b/zkp/circuits/anon_enc_nullifier_kyc.circom
@@ -147,10 +147,10 @@ template Zeto(nInputs, nOutputs, nUTXOSMTLevels, nIdentitiesSMTLevels) {
   encrypt.plainText[1] <== outputSalts[0];
   encrypt.key <== sharedSecret;
   encrypt.nonce <== encryptionNonce;
-  encrypt.cipherText[0] --> cipherText[0];
-  encrypt.cipherText[1] --> cipherText[1];
-  encrypt.cipherText[2] --> cipherText[2];
-  encrypt.cipherText[3] --> cipherText[3];
+  encrypt.cipherText[0] ==> cipherText[0];
+  encrypt.cipherText[1] ==> cipherText[1];
+  encrypt.cipherText[2] ==> cipherText[2];
+  encrypt.cipherText[3] ==> cipherText[3];
 }
 
 component main { public [ nullifiers, outputCommitments, encryptionNonce, utxosRoot, identitiesRoot, enabled ] } = Zeto(2, 2, 64, 10);
diff --git a/zkp/js/test/anon_enc_nullifier_kyc.js b/zkp/js/test/anon_enc_nullifier_kyc.js
@@ -320,7 +320,7 @@ describe('main circuit tests for Zeto fungible tokens with encryption and anonym
           identitiesMerkleProof: [
             proof3.siblings.map((s) => s.bigInt()),
             proof4.siblings.map((s) => s.bigInt()),
-            proof4.siblings.map((s) => s.bigInt()),
+            [0n, 0n, 0n, 0n, 0n, 0n, 0n, 0n, 0n, 0n], // invalid MTP
           ],
           outputCommitments,
           outputValues,

diff --git a/zkp/js/test/anon_nullifier_kyc.js b/zkp/js/test/anon_nullifier_kyc.js
@@ -183,7 +183,7 @@ describe('main circuit tests for Zeto fungible tokens with anonymity, KYC, using
 
     let error;
     try {
-      const witness = await circuit.calculateWitness(
+      await circuit.calculateWitness(
         {
           nullifiers,
           inputCommitments,
@@ -194,7 +194,11 @@ describe('main circuit tests for Zeto fungible tokens with anonymity, KYC, using
           utxosMerkleProof: [proof1.siblings.map((s) => s.bigInt()), proof2.siblings.map((s) => s.bigInt())],
           enabled: [1, 1],
           identitiesRoot,
-          identitiesMerkleProof: [proof3.siblings.map((s) => s.bigInt()), proof4.siblings.map((s) => s.bigInt()), proof4.siblings.map((s) => s.bigInt())],
+          identitiesMerkleProof: [
+            proof3.siblings.map((s) => s.bigInt()),
+            proof4.siblings.map((s) => s.bigInt()),
+            [0n, 0n, 0n, 0n, 0n, 0n, 0n, 0n, 0n, 0n], // invalid MTP
+          ],
           outputCommitments,
           outputValues,
           outputSalts: [salt3, salt4],