Merge pull request #13 from hyperledger-labs/proving-keys

zeto-js should make no assumptions about environment variables
hyperledger-labs · Jul 12, 2024 · ebfa06b · ebfa06b
2 parents 80a17a9 + d3fc8c1
commit ebfa06b
Show file tree

Hide file tree

Showing 23 changed files with 162 additions and 94 deletions.
diff --git a/solidity/package-lock.json b/solidity/package-lock.json
diff --git a/solidity/test/utils.ts b/solidity/test/utils.ts
@@ -0,0 +1,39 @@
+// Copyright © 2024 Kaleido, Inc.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import { readFileSync } from "fs";
+import * as path from "path";
+
+function provingKeysRoot() {
+  const PROVING_KEYS_ROOT = process.env.PROVING_KEYS_ROOT;
+  if (!PROVING_KEYS_ROOT) {
+    throw new Error("PROVING_KEYS_ROOT env var is not set");
+  }
+  return PROVING_KEYS_ROOT;
+}
+
+export function loadProvingKeys(type: string) {
+  const provingKeyFile = path.join(provingKeysRoot(), `${type}.zkey`);
+  const verificationKey = JSON.parse(
+    new TextDecoder().decode(
+      readFileSync(path.join(provingKeysRoot(), `${type}-vkey.json`))
+    )
+  );
+  return {
+    provingKeyFile,
+    verificationKey,
+  };
+}
diff --git a/solidity/test/zeto_anon.ts b/solidity/test/zeto_anon.ts
@@ -17,13 +17,13 @@
 import { ethers, ignition } from 'hardhat';
 import { Signer, BigNumberish, AddressLike, ContractTransactionReceipt, ZeroAddress } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, encodeProof, Poseidon } from "zeto-js";
+import { loadCircuit, encodeProof, Poseidon } from "zeto-js";
 import { groth16 } from 'snarkjs';
 import { formatPrivKeyForBabyJub, stringifyBigInts } from 'maci-crypto';
 import { User, UTXO, newUser, newUTXO, doMint, parseUTXOEvents } from './lib/utils';
-
 import RegistryModule from '../ignition/modules/registry';
 import zetoModule from '../ignition/modules/zeto_anon';
+import { loadProvingKeys } from './utils';
 
 const ZERO_PUBKEY = [0, 0];
 const poseidonHash = Poseidon.poseidon4;
@@ -57,9 +57,8 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi
     const tx3 = await registry.connect(deployer).register(Charlie.ethAddress, Charlie.babyJubPublicKey as [BigNumberish, BigNumberish]);
     await tx3.wait();
 
-    const result = await loadCircuits('anon');
-    circuit = result.circuit;
-    provingKey = result.provingKeyFile;
+    circuit = await loadCircuit('anon');
+    ({ provingKeyFile: provingKey } = loadProvingKeys('anon'));
   });
 
   it("mint to Alice and transfer UTXOs honestly to Bob should succeed", async function () {

diff --git a/solidity/test/zeto_anon_enc.ts b/solidity/test/zeto_anon_enc.ts
@@ -17,12 +17,13 @@
 import { ethers, ignition } from 'hardhat';
 import { ContractTransactionReceipt, Signer, BigNumberish, AddressLike } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, poseidonDecrypt, encodeProof, Poseidon } from "zeto-js";
+import { loadCircuit, poseidonDecrypt, encodeProof, Poseidon } from "zeto-js";
 import { groth16 } from 'snarkjs';
 import { genRandomSalt, formatPrivKeyForBabyJub, genEcdhSharedKey, stringifyBigInts } from 'maci-crypto';
 import RegistryModule from '../ignition/modules/registry';
 import zetoModule from '../ignition/modules/zeto_anon_enc';
 import { User, UTXO, newUser, newUTXO, doMint, ZERO_UTXO, parseUTXOEvents } from './lib/utils';
+import { loadProvingKeys } from './utils';
 
 const poseidonHash = Poseidon.poseidon4;
 
@@ -56,9 +57,8 @@ describe("Zeto based fungible token with anonymity and encryption", function ()
     const tx3 = await registry.connect(deployer).register(Charlie.ethAddress, Charlie.babyJubPublicKey as [BigNumberish, BigNumberish]);
     await tx3.wait();
 
-    const result = await loadCircuits('anon_enc');
-    circuit = result.circuit;
-    provingKey = result.provingKeyFile;
+    circuit = await loadCircuit('anon_enc');
+    ({ provingKeyFile: provingKey } = loadProvingKeys('anon_enc'));
   });
 
   it("mint to Alice and transfer UTXOs honestly to Bob should succeed", async function () {

diff --git a/solidity/test/zeto_anon_enc_nullifier.ts b/solidity/test/zeto_anon_enc_nullifier.ts
@@ -15,15 +15,16 @@
 // limitations under the License.
 
 import { ethers, ignition } from 'hardhat';
-import { ContractTransactionReceipt, Signer, BigNumberish, AddressLike } from 'ethers';
+import { ContractTransactionReceipt, Signer, BigNumberish } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, poseidonDecrypt, encodeProof } from "zeto-js";
+import { loadCircuit, poseidonDecrypt, encodeProof } from "zeto-js";
 import { groth16 } from 'snarkjs';
 import { genRandomSalt, genEcdhSharedKey, stringifyBigInts } from 'maci-crypto';
 import { Merkletree, InMemoryDB, str2Bytes } from '@iden3/js-merkletree';
 import RegistryModule from '../ignition/modules/registry';
 import zetoModule from '../ignition/modules/zeto_anon_enc_nullifier';
 import { UTXO, User, newUser, newUTXO, newNullifier, doMint, ZERO_UTXO, parseUTXOEvents } from './lib/utils';
+import { loadProvingKeys } from './utils';
 
 describe("Zeto based fungible token with anonymity using nullifiers and encryption", function () {
   let deployer: Signer;
@@ -56,9 +57,8 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
     const tx3 = await registry.connect(deployer).register(Charlie.ethAddress, Charlie.babyJubPublicKey as [BigNumberish, BigNumberish]);
     await tx3.wait();
 
-    const result = await loadCircuits('anon_enc_nullifier');
-    circuit = result.circuit;
-    provingKey = result.provingKeyFile;
+    circuit = await loadCircuit('anon_enc_nullifier');
+    ({ provingKeyFile: provingKey } = loadProvingKeys('anon_enc_nullifier'));
 
     const storage1 = new InMemoryDB(str2Bytes(""))
     smtAlice = new Merkletree(storage1, true, 64);

diff --git a/solidity/test/zeto_anon_nullifier.ts b/solidity/test/zeto_anon_nullifier.ts
@@ -17,12 +17,13 @@
 import { ethers, ignition } from 'hardhat';
 import { ContractTransactionReceipt, Signer, BigNumberish, AddressLike } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, Poseidon, encodeProof } from "zeto-js";
+import { loadCircuit, Poseidon, encodeProof } from "zeto-js";
 import { groth16 } from 'snarkjs';
 import { Merkletree, InMemoryDB, str2Bytes } from '@iden3/js-merkletree';
 import RegistryModule from '../ignition/modules/registry';
 import zetoModule from '../ignition/modules/zeto_anon_nullifier';
 import { UTXO, User, newUser, newUTXO, newNullifier, doMint, ZERO_UTXO, parseUTXOEvents } from './lib/utils';
+import { loadProvingKeys } from './utils';
 
 describe("Zeto based fungible token with anonymity using nullifiers without encryption", function () {
   let deployer: Signer;
@@ -55,9 +56,8 @@ describe("Zeto based fungible token with anonymity using nullifiers without encr
     const tx3 = await registry.connect(deployer).register(Charlie.ethAddress, Charlie.babyJubPublicKey as [BigNumberish, BigNumberish]);
     await tx3.wait();
 
-    const result = await loadCircuits('anon_nullifier');
-    circuit = result.circuit;
-    provingKey = result.provingKeyFile;
+    circuit = await loadCircuit('anon_nullifier');
+    ({ provingKeyFile: provingKey } = loadProvingKeys('anon_nullifier'));
 
     const storage1 = new InMemoryDB(str2Bytes(""))
     smtAlice = new Merkletree(storage1, true, 64);

diff --git a/solidity/test/zeto_nf_anon.ts b/solidity/test/zeto_nf_anon.ts
@@ -17,13 +17,13 @@
 import { ethers, ignition } from 'hardhat';
 import { Signer, BigNumberish, AddressLike } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, hashTokenUri, encodeProof } from "zeto-js";
+import { loadCircuit, hashTokenUri, encodeProof } from "zeto-js";
 import { groth16 } from 'snarkjs';
 import { formatPrivKeyForBabyJub, stringifyBigInts } from 'maci-crypto';
 import { User, UTXO, newUser, newAssetUTXO, doMint } from './lib/utils';
-
 import RegistryModule from '../ignition/modules/registry';
 import zetoModule from '../ignition/modules/zeto_nf_anon';
+import { loadProvingKeys } from './utils';
 
 describe("Zeto based non-fungible token with anonymity without encryption or nullifiers", function () {
   let deployer: Signer;
@@ -52,9 +52,8 @@ describe("Zeto based non-fungible token with anonymity without encryption or nul
     const tx3 = await registry.connect(deployer).register(Charlie.ethAddress, Charlie.babyJubPublicKey as [BigNumberish, BigNumberish]);
     await tx3.wait();
 
-    const result = await loadCircuits('nf_anon');
-    circuit = result.circuit;
-    provingKey = result.provingKeyFile;
+    circuit = await loadCircuit('nf_anon');
+    ({ provingKeyFile: provingKey } = loadProvingKeys('nf_anon'));
   });
 
   it("mint to Alice and transfer UTXOs honestly to Bob should succeed", async function () {

diff --git a/solidity/test/zeto_nf_anon_nullifier.ts b/solidity/test/zeto_nf_anon_nullifier.ts
@@ -17,12 +17,13 @@
 import { ethers, ignition } from 'hardhat';
 import { ContractTransactionReceipt, Signer, BigNumberish, AddressLike } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, Poseidon, encodeProof, hashTokenUri } from "zeto-js";
+import { loadCircuit, Poseidon, encodeProof, hashTokenUri } from "zeto-js";
 import { groth16 } from 'snarkjs';
 import { Merkletree, InMemoryDB, str2Bytes } from '@iden3/js-merkletree';
 import RegistryModule from '../ignition/modules/registry';
 import zetoModule from '../ignition/modules/zeto_nf_anon_nullifier';
 import { UTXO, User, newUser, newAssetUTXO, newAssetNullifier, doMint, parseUTXOEvents } from './lib/utils';
+import { loadProvingKeys } from './utils';
 
 describe("Zeto based non-fungible token with anonymity using nullifiers without encryption", function () {
   let deployer: Signer;
@@ -52,9 +53,8 @@ describe("Zeto based non-fungible token with anonymity using nullifiers without
     const tx3 = await registry.connect(deployer).register(Charlie.ethAddress, Charlie.babyJubPublicKey as [BigNumberish, BigNumberish]);
     await tx3.wait();
 
-    const result = await loadCircuits('nf_anon_nullifier');
-    circuit = result.circuit;
-    provingKey = result.provingKeyFile;
+    circuit = await loadCircuit('nf_anon_nullifier');
+    ({ provingKeyFile: provingKey } = loadProvingKeys('nf_anon_nullifier'));
 
     const storage1 = new InMemoryDB(str2Bytes(""))
     smtAlice = new Merkletree(storage1, true, 64);

diff --git a/solidity/test/zkDvP.ts b/solidity/test/zkDvP.ts
@@ -15,17 +15,17 @@
 // limitations under the License.
 
 import { ethers, ignition } from 'hardhat';
-import { Signer, BigNumberish, AddressLike, encodeBytes32String, ZeroAddress, ZeroHash } from 'ethers';
+import { Signer, BigNumberish, encodeBytes32String, ZeroHash } from 'ethers';
 import { expect } from 'chai';
-import { loadCircuits, getProofHash } from "zeto-js";
+import { loadCircuit, getProofHash } from "zeto-js";
 import RegistryModule from '../ignition/modules/registry';
 import zetoAnonModule from '../ignition/modules/zeto_anon';
 import zetoNFAnonModule from '../ignition/modules/zeto_nf_anon';
 import zkDvPModule from '../ignition/modules/zkDvP';
 import zetoAnonTests from './zeto_anon';
 import zetoNFAnonTests from './zeto_nf_anon';
-
 import { UTXO, User, newUser, newUTXO, doMint, newAssetUTXO, ZERO_UTXO, parseUTXOEvents } from './lib/utils';
+import { loadProvingKeys } from './utils';
 
 describe("DvP flows between fungible and non-fungible tokens based on Zeto with anonymity without encryption or nullifiers", function () {
   // users interacting with each other in the DvP transactions
@@ -182,7 +182,8 @@ describe("DvP flows between fungible and non-fungible tokens based on Zeto with
     const utxo2 = newUTXO(100, Bob);
 
     // 1.2 Alice generates the proof for the trade proposal
-    const { circuit: circuit1, provingKeyFile: provingKey1 } = await loadCircuits('anon');
+    const circuit1 = await loadCircuit('anon');
+    const { provingKeyFile: provingKey1 } = loadProvingKeys('anon');
     const proof1 = await zetoAnonTests.prepareProof(circuit1, provingKey1, Alice, [_utxo1, ZERO_UTXO], [utxo2, ZERO_UTXO], [Bob, {}]);
     const hash1 = getProofHash(proof1.encodedProof);
 
@@ -197,7 +198,8 @@ describe("DvP flows between fungible and non-fungible tokens based on Zeto with
     const utxo4 = newAssetUTXO(202, "http://ipfs.io/file-hash-1", Alice);
 
     // 2.2 Bob generates the proof for accepting the trade
-    const { circuit: circuit2, provingKeyFile: provingKey2 } = await loadCircuits('nf_anon');
+    const circuit2 = await loadCircuit('nf_anon');
+    const { provingKeyFile: provingKey2 } = loadProvingKeys('nf_anon');
     const proof2 = await zetoNFAnonTests.prepareProof(circuit2, provingKey2, Bob, utxo3, utxo4, Alice);
     const hash2 = getProofHash(proof2.encodedProof);
 

diff --git a/zkp/Makefile b/zkp/Makefile
@@ -1,12 +1,12 @@
-excluded_circuits := circuits/check-nullifiers.circom
-circuits := $(filter-out $(excluded_circuits),$(wildcard circuits/*.circom))
+circuits := $(wildcard circuits/*.circom)
 keys := $(patsubst circuits/%.circom,proving-keys/%-vkey.json,$(circuits))
 ptau_files := $(addsuffix .ptau,$(addprefix ptau/powersOfTau28_hez_final_,11 12 13 14 15 16))
 
 ptau_size__anon := 12
 ptau_size__anon_enc := 13
 ptau_size__anon_nullifier := 16
 ptau_size__anon_enc_nullifier := 16
+ptau_size__check_nullifiers := 11
 ptau_size__nf_anon := 11
 ptau_size__nf_anon_nullifier := 15
 

diff --git a/zkp/circuits/check-nullifiers.circom → zkp/circuits/check_nullifiers.circom b/zkp/circuits/check-nullifiers.circom → zkp/circuits/check_nullifiers.circom
diff --git a/zkp/js/index.js b/zkp/js/index.js
@@ -14,33 +14,30 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-const path = require('path');
-const { readFileSync } = require('fs');
-const Poseidon = require('poseidon-lite');
-const { newSalt, poseidonDecrypt, encodeProof, getProofHash, hashTokenUri } = require('./lib/util.js');
+const path = require("path");
+const { readFileSync } = require("fs");
+const Poseidon = require("poseidon-lite");
+const {
+  newSalt,
+  poseidonDecrypt,
+  encodeProof,
+  getProofHash,
+  hashTokenUri,
+} = require("./lib/util.js");
 
-async function loadCircuits(type) {
+function loadCircuit(type) {
   if (!type) {
-    type = '3';
+    throw new Error('The circuit name must be provided');
   }
   const WitnessCalculator = require(`./lib/${type}_js/witness_calculator.js`);
-  const buffer = readFileSync(path.join(__dirname, `./lib/${type}_js/${type}.wasm`));
-  const circuit = await WitnessCalculator(buffer);
-  const PROVING_KEYS_ROOT = process.env.PROVING_KEYS_ROOT;
-  if (!PROVING_KEYS_ROOT) {
-    throw new Error('PROVING_KEYS_ROOT env var is not set');
-  }
-  const provingKeyFile = path.join(PROVING_KEYS_ROOT, `${type}.zkey`);
-  const verificationKey = JSON.parse(new TextDecoder().decode(readFileSync(path.join(PROVING_KEYS_ROOT, `${type}-vkey.json`))));
-  return {
-    circuit,
-    provingKeyFile,
-    verificationKey,
-  };
+  const buffer = readFileSync(
+    path.join(__dirname, `./lib/${type}_js/${type}.wasm`)
+  );
+  return WitnessCalculator(buffer);
 }
 
 module.exports = {
-  loadCircuits,
+  loadCircuit,
   Poseidon,
   newSalt,
   hashTokenUri,

diff --git a/...check-nullifiers_js/check-nullifiers.wasm → ...check_nullifiers_js/check_nullifiers.wasm b/...check-nullifiers_js/check-nullifiers.wasm → ...check_nullifiers_js/check_nullifiers.wasm
diff --git a/...b/check-nullifiers_js/generate_witness.js → ...b/check_nullifiers_js/generate_witness.js b/...b/check-nullifiers_js/generate_witness.js → ...b/check_nullifiers_js/generate_witness.js
diff --git a/...check-nullifiers_js/witness_calculator.js → ...check_nullifiers_js/witness_calculator.js b/...check-nullifiers_js/witness_calculator.js → ...check_nullifiers_js/witness_calculator.js
diff --git a/zkp/js/test/anon.js b/zkp/js/test/anon.js
@@ -17,7 +17,8 @@
 const { expect } = require('chai');
 const { groth16 } = require('snarkjs');
 const { genKeypair, formatPrivKeyForBabyJub, stringifyBigInts } = require('maci-crypto');
-const { Poseidon, newSalt, loadCircuits } = require('../index.js');
+const { Poseidon, newSalt, loadCircuit } = require('../index.js');
+const { loadProvingKeys } = require('./utils.js');
 
 const ZERO_PUBKEY = [0, 0];
 const poseidonHash = Poseidon.poseidon4;
@@ -29,10 +30,8 @@ describe('main circuit tests for Zeto fungible tokens with anonymity without enc
   const receiver = {};
 
   before(async () => {
-    const result = await loadCircuits('anon');
-    circuit = result.circuit;
-    provingKeyFile = result.provingKeyFile;
-    verificationKey = result.verificationKey;
+    circuit = await loadCircuit('anon');
+    ({ provingKeyFile, verificationKey } = loadProvingKeys('anon'));
 
     let keypair = genKeypair();
     sender.privKey = keypair.privKey;

diff --git a/zkp/js/test/anon_enc.js b/zkp/js/test/anon_enc.js
@@ -17,7 +17,8 @@
 const { expect } = require('chai');
 const { groth16 } = require('snarkjs');
 const { genRandomSalt, genKeypair, genEcdhSharedKey, formatPrivKeyForBabyJub, stringifyBigInts } = require('maci-crypto');
-const { Poseidon, newSalt, poseidonDecrypt, loadCircuits } = require('../index.js');
+const { Poseidon, newSalt, poseidonDecrypt, loadCircuit } = require('../index.js');
+const { loadProvingKeys } = require('./utils.js');
 
 const ZERO_PUBKEY = [0, 0];
 const poseidonHash = Poseidon.poseidon4;
@@ -29,10 +30,8 @@ describe('main circuit tests for Zeto fungible tokens with anonymity with encryp
   const receiver = {};
 
   before(async () => {
-    const result = await loadCircuits('anon_enc');
-    circuit = result.circuit;
-    provingKeyFile = result.provingKeyFile;
-    verificationKey = result.verificationKey;
+    circuit = await loadCircuit('anon_enc');
+    ({ provingKeyFile, verificationKey } = loadProvingKeys('anon_enc'));
 
     let keypair = genKeypair();
     sender.privKey = keypair.privKey;

diff --git a/zkp/js/test/anon_enc_nullifier.js b/zkp/js/test/anon_enc_nullifier.js
@@ -18,8 +18,8 @@ const { expect } = require('chai');
 const { groth16 } = require('snarkjs');
 const { genRandomSalt, genKeypair, genEcdhSharedKey, formatPrivKeyForBabyJub, stringifyBigInts } = require('maci-crypto');
 const { Merkletree, InMemoryDB, str2Bytes, ZERO_HASH } = require('@iden3/js-merkletree');
-
-const { Poseidon, newSalt, poseidonDecrypt, loadCircuits } = require('../index.js');
+const { Poseidon, newSalt, poseidonDecrypt, loadCircuit } = require('../index.js');
+const { loadProvingKeys } = require('./utils.js');
 
 const SMT_HEIGHT = 64;
 const poseidonHash = Poseidon.poseidon4;
@@ -33,10 +33,8 @@ describe('main circuit tests for Zeto fungible tokens with encryption and anonym
   let senderPrivateKey;
 
   before(async () => {
-    const result = await loadCircuits('anon_enc_nullifier');
-    circuit = result.circuit;
-    provingKeyFile = result.provingKeyFile;
-    verificationKey = result.verificationKey;
+    circuit = await loadCircuit('anon_enc_nullifier');
+    ({ provingKeyFile, verificationKey } = loadProvingKeys('anon_enc_nullifier'));
 
     let keypair = genKeypair();
     Alice.privKey = keypair.privKey;