Modify NullifierDerivationCircuit to use a commitment to the note

Fixes #2764.

crates/core/component/shielded-pool/src/nullifier_derivation.rs

@@ -14,8 +14,9 @@ use penumbra_proto::{core::crypto::v1alpha1 as pb, DomainType, TypeUrl};
 use penumbra_tct as tct;
 use rand::{CryptoRng, Rng};
 use rand_core::OsRng;
+use tct::StateCommitment;
 
-use crate::{note, Note, Rseed};
+use crate::{Note, Rseed};
 use penumbra_asset::Value;
 use penumbra_keys::keys::{NullifierKey, NullifierKeyVar, SeedPhrase, SpendKey};
 use penumbra_proof_params::{ParameterSetup, VerifyingKeyExt, GROTH16_PROOF_LENGTH_BYTES};
@@ -29,8 +30,8 @@ pub struct NullifierDerivationCircuit {
     nk: NullifierKey,
 
     // Public inputs
-    /// The spent note.
-    note: Note,
+    /// A commitment to the spent note.
+    note_commitment: StateCommitment,
     /// nullifier of the spent note.
     pub nullifier: Nullifier,
     /// the position of the spent note.
@@ -40,13 +41,13 @@ pub struct NullifierDerivationCircuit {
 impl NullifierDerivationCircuit {
     pub fn new(
         nk: NullifierKey,
-        note: Note,
+        note_commitment: StateCommitment,
         nullifier: Nullifier,
         position: tct::Position,
     ) -> Self {
         Self {
             nk,
-            note,
+            note_commitment,
             nullifier,
             position,
         }
@@ -60,12 +61,12 @@ impl ConstraintSynthesizer<Fq> for NullifierDerivationCircuit {
 
         // Public inputs
         let claimed_nullifier_var = NullifierVar::new_input(cs.clone(), || Ok(self.nullifier))?;
-        let note_var = note::NoteVar::new_input(cs.clone(), || Ok(self.note.clone()))?;
+        let note_commitment_var =
+            tct::r1cs::StateCommitmentVar::new_input(cs.clone(), || Ok(self.note_commitment))?;
         let position_var = tct::r1cs::PositionVar::new_input(cs, || Ok(self.position))?;
 
         // Nullifier integrity.
-        let note_commitment = note_var.commit()?;
-        let nullifier_var = NullifierVar::derive(&nk_var, &position_var, &note_commitment)?;
+        let nullifier_var = NullifierVar::derive(&nk_var, &position_var, &note_commitment_var)?;
         nullifier_var.conditional_enforce_equal(&claimed_nullifier_var, &Boolean::TRUE)?;
 
         Ok(())
@@ -95,7 +96,7 @@ impl ParameterSetup for NullifierDerivationCircuit {
         let position = state_commitment_proof.position();
 
         let circuit = NullifierDerivationCircuit {
-            note,
+            note_commitment,
             nk,
             nullifier,
             position,
@@ -120,8 +121,9 @@ impl NullifierDerivationProof {
         nk: NullifierKey,
         nullifier: Nullifier,
     ) -> anyhow::Result<Self> {
+        let note_commitment = note.commit();
         let circuit = NullifierDerivationCircuit {
-            note,
+            note_commitment,
             position,
             nk,
             nullifier,

crates/crypto/proof-params/benches/nullifier_derivation.rs

@@ -53,7 +53,7 @@ fn nullifier_derivation_proving_time(c: &mut Criterion) {
     });
 
     // Also print out the number of constraints.
-    let circuit = NullifierDerivationCircuit::new(nk, note, nullifier, position);
+    let circuit = NullifierDerivationCircuit::new(nk, note.commit(), nullifier, position);
 
     let cs = ConstraintSystem::new_ref();
     cs.set_optimization_goal(OptimizationGoal::Constraints);

crates/crypto/proof-params/src/gen/delegator_vote_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk19qnlqtlp8nqyl66ldnp27t2trxlg84cdv75lxqrzhxcs4le2suuqk5p9yj";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1thu4u27d3dlghg5v8tengvyfdms52h8j4sz6ay6jdt6a5gw9yatq7pglg6";
+pub const PROVING_KEY_ID: &'static str = "groth16pk17uyzm3cj84urmea5z843whflevp7erx69v2dakhd88e36menp99qn8wztj";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1xqa4crlq4a9q40cdsrseqlkkva3tzx7t4edw34vkcyuad4et4rhsqxfn47";

crates/crypto/proof-params/src/gen/nullifier_derivation_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk1p4a2zvzh7zd97gje52pwaqzkeq4eycjcfhglet8uqdgu98ychszqa8esar";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk18fu05kw0txthmlzsgnquccj8qv2cg0mjrcpd4h7x229lrr8jgt3s3xckg2";
+pub const PROVING_KEY_ID: &'static str = "groth16pk1lzcgjp3lz4ptyl9drt5vgl82ap3qvqplrruhhag45txgay2ucngqasrrqt";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1y9ejtm3qj2a24565r88cvnmjvpzdsuf58uzqkfp69h4h46hfql5sd6qpus";

crates/crypto/proof-params/src/gen/output_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk1ld4sgepq4zgzq2xtra0w9f220vewzqx7khydv5f0cnkdkvamq23slxak2z";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1gdtedse33rukvefxtu2c28yjlvzfcuwtq6rtvqntqeretrd8qzrsh8dedl";
+pub const PROVING_KEY_ID: &'static str = "groth16pk1hs5uwldrz3avfjn0ex0qzgtf4t64s8rrw2k0retkxkhqsgflz74qnjn0lq";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1fuuqv9p2wy4wjcq66fe3huvt5vulgxysc6xtdaqgqjxug3g3atzqxrk460";

crates/crypto/proof-params/src/gen/spend_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk1tllgthc0c0hhe69tevcnjkcetgkydphwpd3w9yt422fsnr3qg87qjfwumc";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk10x60azhhp0dz34nv57e9tfgdlgzqewzhfm8eh9sl8h6pqaanzfqqmh6z0y";
+pub const PROVING_KEY_ID: &'static str = "groth16pk179lvlmntnj64a9p8ytqv4mynz8cdrehpfrzf4xcy9zz8cfyhe9psa0p6yf";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1g2v4fz69vm8gs62j8z7hdrf2205fd7adrwyrm0jwnw47u2u8k03s2nv5lh";

crates/crypto/proof-params/src/gen/swap_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk1vc44v3zakhr09fyfpsaj84d0kayvuf7a20p5xt6k3e83d5pc0f6qkzuecv";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1fxjyac3nd59lq9fqunyx75eynznhmey2rn6cdf4m0kugtz3vwwnq7u8kn2";
+pub const PROVING_KEY_ID: &'static str = "groth16pk1lgux6hp2tnygnh76qvuqwlpuqwx8kf3cpmn5gwzsh5qa9704rq9q5ap9ag";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1pwswseazuvwcq7zrenrzeg4qun0ncsesc8s8ad9p8a2ppc62d5esduegem";

crates/crypto/proof-params/src/gen/swapclaim_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk1y4zu0k8sf53wafxjqrzr5vkvaa9yhysa8h5phn0gppdw4zr0fcws5qnz0e";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1t4398swuv4488a6xdn7fuwf8nu7rmndkpauumv4vg34cmp9ntpvqdh4f6r";
+pub const PROVING_KEY_ID: &'static str = "groth16pk178r9m0pvdvld8r4yxqs9yduurlls7yxnjprpq8m3msm2vfajmluqvg5f4r";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1zmjtqjaqwcthcq95z55ljy9a6v5ujahd5e5fhhhlcw7aq6wyjn6sa7kgak";

crates/crypto/proof-params/src/gen/undelegateclaim_id.rs

@@ -1,3 +1,3 @@
 
-pub const PROVING_KEY_ID: &'static str = "groth16pk17dqcr9u5p67t4vp07yeu9s467k7w96tvnqfl569czrdynfrfw54qzg2y6d";
-pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1slta3ts2q20az5nr6rm7f2udmwm00dkzat3dtlj0krwye0rmxnkqqvqpz7";
+pub const PROVING_KEY_ID: &'static str = "groth16pk1v2mt05m5g57ma6sa5nujnw7rfqsgwdl89fhayvahp2a4l33n38js6qj406";
+pub const VERIFICATION_KEY_ID: &'static str = "groth16vk1mx6txvyg6n45aa0jxu6fvnt5ymcs827g4c4kez3gc0w9fhsyf9qqhdeppm";