fix: various bugfixes
Westlad committed Sep 8, 2023
1 parent 534b879 commit 5348801
Showing 7 changed files with 62 additions and 38 deletions.
26 changes: 16 additions & 10 deletions nightfall-deployer/circuits/burn.circom
Expand Up @@ -2,6 +2,7 @@ pragma circom 2.1.2;

include "./common/utils/calculate_keys.circom";
include "./common/utils/array_uint32_to_bits.circom";
include "./common/utils/is_token_id_zero.circom";
include "./common/verifiers/verify_duplicates.circom";
include "./common/verifiers/commitments/verify_commitments_optional.circom";
include "./common/verifiers/nullifiers/verify_nullifiers.circom";
Expand Down Expand Up @@ -80,9 +81,12 @@ template Burn(N,C) {
value === 0;

// Check that tokenId is zero
var isZero = isTokenIdZero()(tokenId);
isZero === 1;

var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
var tokenIdNum = Bits2Num(256)(tokenIdBits);
tokenIdNum === 0;
// var tokenIdNum = Bits2Num(256)(tokenIdBits);
// tokenIdNum === 0;

// Check that the recipient address is zero
// assert(recipientAddress == 0);
Expand All @@ -94,32 +98,34 @@ template Burn(N,C) {
n1 === 0;

// Convert the nullifiers values to numbers and calculate its sum
var nullifiersSum = 0;
for(var i = 0; i < N; i++) {
nullifiersSum += nullifiersValues[i];
var nullifierValueBits[254] = Num2Bits(254)(nullifiersValues[i]);
nullifierValueBits[253] === 0;
nullifierValueBits[252] === 0;
}
var feeNullifiersSum = 0;
for(var i = 1; i < N; i++) {
feeNullifiersSum += nullifiersValues[i];
}

// Convert the commitment values to numbers and calculate its sum
var commitmentsSum = 0;
for(var i = 0; i < C; i++) {
commitmentsSum += commitmentsValues[i];
var commitmentValueBits[254] = Num2Bits(254)(commitmentsValues[i]);
commitmentValueBits[253] === 0;
commitmentValueBits[252] === 0;
}

signal nullifiedFees <-- feeNullifiersSum;
// Constrain the fees so that new 'fees' can't be added from an L2 commitment
nullifiedFees === fee + commitmentsValues[1];
// constrain the value
nullifiersValues[0] === valuePrivate + commitmentsValues[0];

// Check that value doesn't overflow
var valuePrivateBits[254] = Num2Bits(254)(valuePrivate);
valuePrivateBits[253] === 0;
valuePrivateBits[252] === 0;

// Check that the value holds
nullifiersSum === commitmentsSum + fee + valuePrivate;


// Calculate the nullifierKeys and the zkpPublicKeys from the root key
var nullifierKeys, zkpPublicKeys[2];
(nullifierKeys, zkpPublicKeys) = CalculateKeys()(rootKey);
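Review bot: `signal nullifiedFees <-- feeNullifiersSum;` assigns the witness without adding a constraint, so the following `nullifiedFees === fee + commitmentsValues[1];` ties `fee + commitmentsValues[1]` to a value the prover chooses rather than to the sum of `nullifiersValues[1..N-1]`. Assuming that line is on the new side (the rendered page has lost the +/- markers), use the constraining operator, `signal nullifiedFees <== feeNullifiersSum;`, or drop the intermediate signal and write `feeNullifiersSum === fee + commitmentsValues[1];`. `var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);` also looks left over now that the two `tokenIdNum` lines below it are commented out. The `Burn` template starts and ends outside the shown hunks, so other constraints may exist that this page does not show.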
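--- a/nightfall-deployer/circuits/common/utils/is_token_id_zero.circom
+++ b/nightfall-deployer/circuits/common/utils/is_token_id_zero.circom
@@ -0,0 +1,19 @@
+pragma circom 2.1.2;
+
+include "../../../node_modules/circomlib/circuits/comparators.circom";
+include "../../../node_modules/circomlib/circuits/gates.circom";
+
+template isTokenIdZero() {
+signal input tokenId[8];
+signal output isZero;
+
+signal a0 <== IsZero()(tokenId[0]);
+signal a1 <== IsZero()(tokenId[1]);
+signal a2 <== IsZero()(tokenId[2]);
+signal a3 <== IsZero()(tokenId[3]);
+signal a4 <== IsZero()(tokenId[4]);
+signal a5 <== IsZero()(tokenId[5]);
+signal a6 <== IsZero()(tokenId[6]);
+signal a7 <== IsZero()(tokenId[7]);
+isZero <== AND()(AND()(AND()(a0, a1), AND()(a2, a3)), AND()(AND()(a4, a5), AND()(a6, a7)));
+}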
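Review bot: The new template has no header comment explaining why the zero test is done limb by limb, and that reason is the security-relevant part of the file. The call sites it replaces recomposed the eight limbs with `Bits2Num(256)`; a 256-bit value does not fit in one element of the roughly 254-bit field that the `Num2Bits(254)` range checks elsewhere in this commit assume, so a non-zero id could presumably reduce to 0 there. I would add above `template isTokenIdZero()` a comment such as `// isZero is 1 iff all eight tokenId limbs are 0; checked per limb so that no 256-bit recomposition can wrap modulo the field prime`. As a style point, the template name starts lower-case while `IsZero`, `ArrayUint32ToBits` and `CalculateKeys` use PascalCase.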
8 changes: 4 additions & 4 deletions nightfall-deployer/circuits/deposit.circom
Expand Up @@ -3,6 +3,7 @@ pragma circom 2.1.2;
include "./common/verifiers/verify_duplicates.circom";
include "./common/verifiers/commitments/verify_commitments.circom";
include "./common/utils/array_uint32_to_bits.circom";
include "./common/utils/is_token_id_zero.circom";
include "../node_modules/circomlib/circuits/comparators.circom";
include "../node_modules/circomlib/circuits/gates.circom";

Expand Down Expand Up @@ -58,8 +59,6 @@ template Deposit(N,C) {
signal a1 <== IsZero()(ercAddress);
a1 === 0;

var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
var tokenIdNum = Bits2Num(256)(tokenIdBits);
//Check that combination id and value matches the token type
//ERC20 -> Value > 0 and Id == 0
//ERC721 -> Value == 0
Expand All @@ -70,9 +69,9 @@ template Deposit(N,C) {
signal r1 <== XOR()(b1, b2);
r1 === 0;

// assert((tokenType == 0 && tokenIdNum == 0) || tokenType != 0);
// assert((tokenType == 0 && tokenId == 0) || tokenType != 0);
signal c1 <== IsZero()(tokenType);
signal c2 <== IsZero()(tokenIdNum);
signal c2 <== isTokenIdZero()(tokenId);
signal r2 <== OR()(AND()(c1, c2), NOT()(c1));
r2 === 1;

Expand All @@ -96,6 +95,7 @@ template Deposit(N,C) {
commitmentsSum + fee === value;

// Calculate the token Id remainder without the 4 top bytes
var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
component idRemainder = Bits2Num(224);
for(var i = 0; i < 224; i++) {
idRemainder.in[i] <== tokenIdBits[i];
16 changes: 9 additions & 7 deletions nightfall-deployer/circuits/depositfee.circom
Expand Up @@ -6,6 +6,7 @@ include "./common/verifiers/commitments/verify_commitments_optional.circom";
include "./common/verifiers/commitments/verify_commitments.circom";
include "./common/verifiers/nullifiers/verify_nullifiers_optional.circom";
include "./common/utils/array_uint32_to_bits.circom";
include "./common/utils/is_token_id_zero.circom";
include "../node_modules/circomlib/circuits/comparators.circom";
include "../node_modules/circomlib/circuits/gates.circom";

Expand Down Expand Up @@ -71,8 +72,6 @@ template DepositFee(N,C) {
signal a1 <== IsZero()(ercAddress);
a1 === 0;

var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
var tokenIdNum = Bits2Num(256)(tokenIdBits);
//Check that combination id and value matches the token type
//ERC20 -> Value > 0 and Id == 0
//ERC721 -> Value == 0
Expand All @@ -83,9 +82,9 @@ template DepositFee(N,C) {
signal r <== XOR()(b1, b2);
r === 0;

// assert((tokenType == 0 && tokenIdNum == 0) || tokenType != 0);
// assert((tokenType == 0 && tokenId == 0) || tokenType != 0);
signal c1 <== IsZero()(tokenType);
signal c2 <== IsZero()(tokenIdNum);
signal c2 <== isTokenIdZero()(tokenId);
signal s <== OR()(AND()(c1, c2), NOT()(c1));
s === 1;

Expand Down Expand Up @@ -114,10 +113,8 @@ template DepositFee(N,C) {
nullifierValueBits[252] === 0;
}

// Check that the commitments sum is equal to the value
commitmentsSum + fee === value + nullifiersSum;

// Calculate the token Id remainder without the 4 top bytes
var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
component idRemainder = Bits2Num(224);
for(var i = 0; i < 224; i++) {
idRemainder.in[i] <== tokenIdBits[i];
Expand All @@ -144,6 +141,11 @@ template DepositFee(N,C) {
nullifiersValues, nullifiersSalts, paths, orders);
checkNullifier === 1;

// check that fees are conserved
commitmentsValues[1] + fee === nullifiersSum;
// check non-fees are conserved
nullifiersValues[0] === value;

// Verify the fee change
// assert(commitmentsValues[1] == 0 || (
// zkpPublicKeys[0] == recipientPublicKey[1][0] && zkpPublicKeys[1] == recipientPublicKey[1][1]));
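Review bot: `commitmentsValues[0]` no longer appears in any constraint visible in this section: the replaced equation `commitmentsSum + fee === value + nullifiersSum` bounded it, while the new pair `commitmentsValues[1] + fee === nullifiersSum;` and `nullifiersValues[0] === value;` never mentions it. For a deposit I would have expected the public `value` to be tied to the deposited commitment, e.g. `commitmentsValues[0] === value;`; if that binding is enforced elsewhere (the commitment verification lies outside the shown hunks), a comment saying so next to these lines would help. It is also not visible whether `nullifiersSum` includes index 0; if it does, the fee equation and `nullifiersValues[0] === value` overlap and the fee check should sum from index 1 only. The `DepositFee` template starts and ends outside the shown hunks.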
12 changes: 7 additions & 5 deletions nightfall-deployer/circuits/tokenise.circom
Expand Up @@ -2,6 +2,7 @@ pragma circom 2.1.2;

include "./common/utils/calculate_keys.circom";
include "./common/utils/array_uint32_to_bits.circom";
include "./common/utils/is_token_id_zero.circom";
include "./common/verifiers/verify_duplicates.circom";
include "./common/verifiers/commitments/verify_commitments_optional.circom";
include "./common/verifiers/commitments/verify_commitments.circom";
Expand Down Expand Up @@ -80,9 +81,8 @@ template Tokenise(N,C) {
value === 0;

// Check that tokenId is zero
var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
var tokenIdNum = Bits2Num(256)(tokenIdBits);
tokenIdNum === 0;
var isZero = isTokenIdZero()(tokenId);
isZero === 1;

// Check that the recipient address is zero
recipientAddress === 0;
Expand Down Expand Up @@ -115,8 +115,10 @@ template Tokenise(N,C) {
valuePrivateBits[253] === 0;
valuePrivateBits[252] === 0;

// Check that the value holds
nullifiersSum + valuePrivate === commitmentsSum + fee;
// Check that fees are conserved
nullifiersSum === fee + commitmentsValues[1];
// check that the non-fees are conserved
valuePrivate === commitmentsValues[0];

// Calculate the nullifierKeys and the zkpPublicKeys from the root key
var nullifierKeys, zkpPublicKeys[2];
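Review bot: The new conservation checks `nullifiersSum === fee + commitmentsValues[1];` and `valuePrivate === commitmentsValues[0];` hard-code commitment slots 0 and 1, but the template is declared as `Tokenise(N,C)`. If it were ever instantiated with C > 2, the remaining commitment values would no longer be covered by any balance equation, which the replaced `commitmentsSum` form did cover. Consider pinning the assumption at the top of the template with a compile-time `assert(C == 2);`, or adding a comment stating the fixed slot layout (slot 0 = value, slot 1 = fee change). The same fixed indices appear in the burn and depositfee sections of this commit. The `Tokenise` template starts and ends outside the shown hunks.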
6 changes: 3 additions & 3 deletions nightfall-deployer/circuits/transform.circom
Expand Up @@ -2,6 +2,7 @@ pragma circom 2.1.0;

include "./common/utils/calculate_keys.circom";
include "./common/utils/array_uint32_to_bits.circom";
include "./common/utils/is_token_id_zero.circom";
include "./common/verifiers/verify_duplicates.circom";
include "./common/verifiers/commitments/verify_commitments.circom";
include "./common/verifiers/commitments/verify_commitments_optional.circom";
Expand Down Expand Up @@ -88,9 +89,8 @@ template Transform(N,C) {
value === 0;

// Check that tokenId is zero
var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
var tokenIdNum = Bits2Num(256)(tokenIdBits);
tokenIdNum === 0;
var isZero = isTokenIdZero()(tokenId);
isZero === 1;

// Check that the recipient address is zero
// assert(recipientAddress == 0);
13 changes: 4 additions & 9 deletions nightfall-deployer/circuits/withdraw.circom
Expand Up @@ -2,6 +2,7 @@ pragma circom 2.1.2;

include "./common/utils/calculate_keys.circom";
include "./common/utils/array_uint32_to_bits.circom";
include "./common/utils/is_token_id_zero.circom";
include "./common/verifiers/verify_duplicates.circom";
include "./common/verifiers/commitments/verify_commitments_generic.circom";
include "./common/verifiers/nullifiers/verify_nullifiers.circom";
Expand Down Expand Up @@ -71,9 +72,6 @@ template Withdraw(N,C) {
signal a1 <== IsZero()(ercAddress);
a1 === 0;

var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
var tokenIdNum = Bits2Num(256)(tokenIdBits);

//Check that combination id and value matches the token type
//ERC20 -> Value > 0 and Id == 0
//ERC721 -> Value == 0
Expand All @@ -84,9 +82,9 @@ template Withdraw(N,C) {
signal r <== XOR()(b1, b2);
r === 0;

// assert((tokenType == 0 && tokenIdNum == 0) || tokenType != 0);
// assert((tokenType == 0 && tokenId == 0) || tokenType != 0);
signal c1 <== IsZero()(tokenType);
signal c2 <== IsZero()(tokenIdNum);
signal c2 <== isTokenIdZero()(tokenId);
signal s <== OR()(AND()(c1, c2), NOT()(c1));
s === 1;

Expand Down Expand Up @@ -117,12 +115,9 @@ template Withdraw(N,C) {
commitmentValueBits[253] === 0;
commitmentValueBits[252] === 0;
}


// Check that the value holds
// nullifiersSum === commitmentsSum + fee + value;

// Calculate the token Id remainder without the 4 top bytes
var tokenIdBits[256] = ArrayUint32ToBits(8)(tokenId);
component idRemainder = Bits2Num(224);
for(var i = 0; i < 224; i++) {
idRemainder.in[i] <== tokenIdBits[i];
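Review bot: No value-conservation constraint is visible in this section after the change: the only balance line shown, `// nullifiersSum === commitmentsSum + fee + value;`, was already commented out, and the section's 9 deletions suggest it is simply removed, whereas burn, depositfee and tokenise each gain explicit fee and non-fee equations in this commit. If `Withdraw` enforces conservation elsewhere, a short comment pointing to it after the range-check loop would make that reviewable; otherwise it needs the same pair of constraints as the other circuits. The `Withdraw` template starts and ends outside the shown hunks, so this cannot be confirmed from the page.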