Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: make nullifier not leak identity between polls #1974

Merged
merged 1 commit into from
Dec 23, 2024
Merged

feat: make nullifier not leak identity between polls #1974

merged 1 commit into from
Dec 23, 2024

Conversation

ctrlc03
Copy link
Collaborator

@ctrlc03 ctrlc03 commented Dec 20, 2024
edited
Loading

Description

Currently, the nullifier leaks user identity between polls, as it's the poseidon hash of the user original private key. By adding the poll Id as a public input, we can check inside the circuit that nullifier = poseidon(privateKey, pollId), thus resulting in completely different nullifiers per each poll, and also keeping the use of the nullifier to prevent double signup.

Confirmation

@vercel Vercel
Copy link

vercel bot commented Dec 20, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
maci-website ✅ Ready (Inspect) Visit Preview Dec 20, 2024 10:48pm

@ctrlc03 ctrlc03 self-assigned this Dec 20, 2024
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 20, 2024
View reviewed changes
packages/contracts/contracts/PollFactory.sol Dismissed Show dismissed Hide dismissed
packages/contracts/contracts/PollFactory.sol Dismissed Show dismissed Hide dismissed
@ctrlc03 ctrlc03 force-pushed the feat/anon-nullifier branch from e810365 to f1bd6df Compare December 20, 2024 16:40
kittybest
kittybest approved these changes Dec 20, 2024
View reviewed changes
Copy link
Collaborator

@kittybest kittybest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! But would the identity be leaked if we only hash the private key? I think the poseidon function is not reversible?

@ctrlc03
Copy link
Collaborator Author

ctrlc03 commented Dec 20, 2024

Thanks! But would the identity be leaked if we only hash the private key? I think the poseidon function is not reversible?

The issue is that if you register to 5 polls, each poll will have the same nullifier (which is, well was, the hash of the original private key signed up to the maci contract), so even if you use different poll keys and different addresses, others might observe that one user is the same and has x keys on x polls. Adding the poll Id makes it a completely new value which does not leak you joining other polls

@ctrlc03 ctrlc03 force-pushed the feat/anon-nullifier branch from f1bd6df to 5fdafaf Compare December 20, 2024 22:46
0xmad
0xmad approved these changes Dec 22, 2024
View reviewed changes
Copy link
Collaborator

@0xmad 0xmad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ctrlc03 thanks!

@ctrlc03 ctrlc03 merged commit c9e7efc into dev Dec 23, 2024
22 checks passed
@ctrlc03 ctrlc03 deleted the feat/anon-nullifier branch December 23, 2024 10:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@0xmad 0xmad 0xmad approved these changes

@kittybest kittybest kittybest approved these changes

@crisgarner crisgarner Awaiting requested review from crisgarner crisgarner is a code owner

Assignees

@ctrlc03 ctrlc03

Labels
None yet
Projects
MACI
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ctrlc03 @kittybest @0xmad