From f4454409114f36dc84ce0704e238e670b88808d5 Mon Sep 17 00:00:00 2001 From: Akilesh Tangella Date: Sat, 23 Oct 2021 20:53:57 +0100 Subject: [PATCH 1/4] labelling circom inputs public/private --- circuits/anchor/merkleTree.circom | 12 +++---- circuits/anchor/withdraw.circom | 26 +++++++-------- circuits/bridge/manyMerkleTree.circom | 22 ++++++------- circuits/bridge/withdraw.circom | 34 +++++++++---------- circuits/poseidon/hasher.circom | 10 +++--- circuits/poseidon/poseidonHashT3.circom | 2 +- circuits/poseidon/poseidonHashT4.circom | 2 +- circuits/poseidon/poseidonHashT5.circom | 2 +- circuits/poseidon/poseidonHashT6.circom | 2 +- circuits/semaphore/hasherPoseidon.circom | 4 +-- circuits/semaphore/semaphore-base.circom | 42 ++++++++++++------------ circuits/semaphore/tree.circom | 22 ++++++------- circuits/set/membership.circom | 4 +-- circuits/test/anchor_withdraw_30.circom | 3 +- 14 files changed, 94 insertions(+), 93 deletions(-) diff --git a/circuits/anchor/merkleTree.circom b/circuits/anchor/merkleTree.circom index 12d2f40c4..83ce8abb2 100644 --- a/circuits/anchor/merkleTree.circom +++ b/circuits/anchor/merkleTree.circom @@ -5,8 +5,8 @@ include "../poseidon/hasher.circom"; // if s == 0 returns [in[0], in[1]] // if s == 1 returns [in[1], in[0]] template DualMux() { - signal input in[2]; - signal input s; + signal input in[2]; // private + signal input s; // private signal output out[2]; s * (1 - s) === 0; @@ -17,10 +17,10 @@ template DualMux() { // Verifies that merkle proof is correct for given merkle root and a leaf // pathIndices input is an array of 0/1 selectors telling whether given pathElement is on the left or right side of merkle path template MerkleTreeChecker(levels) { - signal input leaf; - signal input root; - signal input pathElements[levels]; - signal input pathIndices[levels]; + signal input leaf; // private + signal input root; // private + signal input pathElements[levels]; // private + signal input pathIndices[levels]; // private component selectors[levels]; component hashers[levels]; diff --git a/circuits/anchor/withdraw.circom b/circuits/anchor/withdraw.circom index 368cbfd0c..bfd43c0dd 100644 --- a/circuits/anchor/withdraw.circom +++ b/circuits/anchor/withdraw.circom @@ -4,9 +4,9 @@ include "merkleTree.circom"; // computes Poseidon(chainID, nullifier, secret) template CommitmentHasher() { - signal input nullifier; - signal input secret; - signal output commitment; + signal input nullifier; // private + signal input secret; // private + signal output commitment; signal output nullifierHash; component commitmentHasher = HashLeftRight(); @@ -23,16 +23,16 @@ template CommitmentHasher() { // Verifies that commitment that corresponds to given secret and nullifier is included in the merkle tree of deposits template Withdraw(levels) { - signal input root; - signal input nullifierHash; - signal input recipient; // not taking part in any computations - signal input relayer; // not taking part in any computations - signal input fee; // not taking part in any computations - signal input refund; // not taking part in any computations - signal input nullifier; - signal input secret; - signal input pathElements[levels]; - signal input pathIndices[levels]; + signal input root; //public + signal input nullifierHash; // public + signal input recipient; // public // not taking part in any computations + signal input relayer; // public // not taking part in any computations + signal input fee; // public // not taking part in any computations + signal input refund; // public // not taking part in any computations + signal input nullifier; // private + signal input secret; // private + signal input pathElements[levels]; // private + signal input pathIndices[levels]; // private component hasher = CommitmentHasher(); hasher.nullifier <== nullifier; diff --git a/circuits/bridge/manyMerkleTree.circom b/circuits/bridge/manyMerkleTree.circom index 407853407..7b0330bac 100644 --- a/circuits/bridge/manyMerkleTree.circom +++ b/circuits/bridge/manyMerkleTree.circom @@ -12,9 +12,9 @@ include "../poseidon/hasher.circom"; // anything else should be 0. The prove can't lie by adding a zero into the diffs set // because we constrain those to match all elements in the set respectively. template SetMembership(length) { - signal input element; - signal input set[length]; - signal input diffs[length]; + signal input element; // private + signal input set[length]; // private + signal input diffs[length]; // private signal product[length + 1]; product[0] <== element; @@ -29,9 +29,9 @@ template SetMembership(length) { // if s == 0 returns [in[0], in[1]] // if s == 1 returns [in[1], in[0]] template DualMux() { - signal input in[2]; - signal input s; - signal output out[2]; + signal input in[2]; // private + signal input s; // private + signal output out[2]; s * (1 - s) === 0; out[0] <== (in[1] - in[0])*s + in[0]; @@ -41,11 +41,11 @@ template DualMux() { // Verifies that merkle proof is correct for given merkle root and a leaf // pathIndices input is an array of 0/1 selectors telling whether given pathElement is on the left or right side of merkle path template ManyMerkleTreeChecker(levels, length) { - signal input leaf; - signal input pathElements[levels]; - signal input pathIndices[levels]; - signal input roots[length]; - signal input diffs[length]; + signal input leaf; // private + signal input pathElements[levels]; // private + signal input pathIndices[levels]; // private + signal input roots[length]; // private + signal input diffs[length]; // private component selectors[levels]; component hashers[levels]; diff --git a/circuits/bridge/withdraw.circom b/circuits/bridge/withdraw.circom index a4d385935..e16ec6462 100644 --- a/circuits/bridge/withdraw.circom +++ b/circuits/bridge/withdraw.circom @@ -4,10 +4,10 @@ include "manyMerkleTree.circom"; // computes Poseidon(chainID, nullifier, secret) template CommitmentHasher() { - signal input chainID; - signal input nullifier; - signal input secret; - signal output commitment; + signal input chainID; // private + signal input nullifier; // private + signal input secret; // private + signal output commitment; signal output nullifierHash; component poseidon3Hasher = Hasher3(); @@ -25,27 +25,27 @@ template CommitmentHasher() { // Verifies that commitment that corresponds to given secret and nullifier is included in the merkle tree of deposits template Withdraw(levels, length) { - signal input nullifierHash; - signal input recipient; // not taking part in any computations - signal input relayer; // not taking part in any computations - signal input fee; // not taking part in any computations - signal input refund; // not taking part in any computations + signal input nullifierHash; // public + signal input recipient; // public // not taking part in any computations + signal input relayer; // public // not taking part in any computations + signal input fee; // public // not taking part in any computations + signal input refund; // public // not taking part in any computations // chainID fixes a withdrawal proof to the destination since // this will be taken as a public input from the smart contract. - signal input chainID; + signal input chainID; // public // the set of roots to prove membership within, provided // as a public input from the smart contract. - signal input roots[length]; - signal input refreshCommitment; // not taking part in any computations + signal input roots[length]; // public + signal input refreshCommitment; // public // not taking part in any computations - signal input nullifier; - signal input secret; - signal input pathElements[levels]; - signal input pathIndices[levels]; + signal input nullifier; // private + signal input secret; // private + signal input pathElements[levels]; // private + signal input pathIndices[levels]; // private // the differences of the root one is proving against and // all the roots provided as a public input in the `roots` signal. - signal input diffs[length]; + signal input diffs[length]; // private component hasher = CommitmentHasher(); hasher.chainID <== chainID; diff --git a/circuits/poseidon/hasher.circom b/circuits/poseidon/hasher.circom index 0751ca07f..410aab904 100644 --- a/circuits/poseidon/hasher.circom +++ b/circuits/poseidon/hasher.circom @@ -7,7 +7,7 @@ include "./poseidonHashT6.circom"; template Hasher3() { var length = 3; - signal input in[length]; + signal input in[length]; // private signal output hash; component hasher = PoseidonHashT4(); @@ -21,7 +21,7 @@ template Hasher3() { template Hasher4() { var length = 4; - signal input in[length]; + signal input in[length]; // private signal output hash; component hasher = PoseidonHashT5(); @@ -35,7 +35,7 @@ template Hasher4() { template Hasher5() { var length = 5; - signal input in[length]; + signal input in[length]; // private signal output hash; component hasher = PoseidonHashT6(); @@ -48,8 +48,8 @@ template Hasher5() { } template HashLeftRight() { - signal input left; - signal input right; + signal input left; // private + signal input right; // private signal output hash; diff --git a/circuits/poseidon/poseidonHashT3.circom b/circuits/poseidon/poseidonHashT3.circom index c10641729..d32b6fce7 100644 --- a/circuits/poseidon/poseidonHashT3.circom +++ b/circuits/poseidon/poseidonHashT3.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT3() { var nInputs = 2; - signal input inputs[nInputs]; + signal input inputs[nInputs]; // private signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/poseidon/poseidonHashT4.circom b/circuits/poseidon/poseidonHashT4.circom index 042361d62..b1936bc4e 100644 --- a/circuits/poseidon/poseidonHashT4.circom +++ b/circuits/poseidon/poseidonHashT4.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT4() { var nInputs = 3; - signal input inputs[nInputs]; + signal input inputs[nInputs]; // private signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/poseidon/poseidonHashT5.circom b/circuits/poseidon/poseidonHashT5.circom index df9dfe603..8c9f52f68 100644 --- a/circuits/poseidon/poseidonHashT5.circom +++ b/circuits/poseidon/poseidonHashT5.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT5() { var nInputs = 4; - signal input inputs[nInputs]; + signal input inputs[nInputs]; // private signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/poseidon/poseidonHashT6.circom b/circuits/poseidon/poseidonHashT6.circom index 700fe354c..79d3aeb4e 100644 --- a/circuits/poseidon/poseidonHashT6.circom +++ b/circuits/poseidon/poseidonHashT6.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT6() { var nInputs = 5; - signal input inputs[nInputs]; + signal input inputs[nInputs]; // private signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/semaphore/hasherPoseidon.circom b/circuits/semaphore/hasherPoseidon.circom index e8adec1c4..99a09e8ef 100644 --- a/circuits/semaphore/hasherPoseidon.circom +++ b/circuits/semaphore/hasherPoseidon.circom @@ -2,7 +2,7 @@ pragma circom 2.0.0; template PoseidonHashT6() { var nInputs = 5; - signal input inputs[nInputs]; + signal input inputs[nInputs]; // private signal output out; component hasher = Poseidon(nInputs); @@ -14,7 +14,7 @@ template PoseidonHashT6() { template Hasher5() { var length = 5; - signal input in[length]; + signal input in[length]; // private signal output hash; component hasher = PoseidonHashT6(); diff --git a/circuits/semaphore/semaphore-base.circom b/circuits/semaphore/semaphore-base.circom index 531103098..582f6c6b8 100644 --- a/circuits/semaphore/semaphore-base.circom +++ b/circuits/semaphore/semaphore-base.circom @@ -6,8 +6,8 @@ include "./tree.circom"; template CalculateSecret() { - signal input identity_nullifier; - signal input identity_trapdoor; + signal input identity_nullifier; // private + signal input identity_trapdoor; // private signal output out; @@ -18,7 +18,7 @@ template CalculateSecret() { } template CalculateIdentityCommitment() { - signal input secret_hash; + signal input secret_hash; // private signal output out; @@ -28,16 +28,16 @@ template CalculateIdentityCommitment() { } template CalculateNullifierHash() { - signal input external_nullifier; - signal input identity_nullifier; - signal input n_levels; + signal input external_nullifier; // private + signal input identity_nullifier; // private + signal input n_levels; // private signal output out; component hasher = Poseidon(3); - hasher.inputs[0] <== external_nullifier; - hasher.inputs[1] <== identity_nullifier; - hasher.inputs[2] <== n_levels; + hasher.inputs[0] <== external_nullifier; + hasher.inputs[1] <== identity_nullifier; + hasher.inputs[2] <== n_levels; out <== hasher.out; } @@ -51,9 +51,9 @@ template CalculateNullifierHash() { // anything else should be 0. The prove can't lie by adding a zero into the diffs set // because we constrain those to match all elements in the set respectively. template SetMembership(length) { - signal input element; - signal input set[length]; - signal input diffs[length]; + signal input element; // private + signal input set[length]; // private + signal input diffs[length]; // private signal product[length + 1]; product[0] <== element; @@ -71,17 +71,17 @@ template Semaphore(n_levels, length) { var LEAVES_PER_NODE = 5; var LEAVES_PER_PATH_LEVEL = LEAVES_PER_NODE - 1; - signal input nullifier_hash; - signal input signal_hash; - signal input external_nullifier; - signal input roots[length]; + signal input nullifier_hash; // public + signal input signal_hash; // public + signal input external_nullifier; // public + signal input roots[length]; // public - signal input identity_nullifier; - signal input identity_trapdoor; - signal input identity_path_index[n_levels]; - signal input path_elements[n_levels][LEAVES_PER_PATH_LEVEL]; - signal input diffs[length]; + signal input identity_nullifier; // private + signal input identity_trapdoor; // private + signal input identity_path_index[n_levels]; // private + signal input path_elements[n_levels][LEAVES_PER_PATH_LEVEL]; // private + signal input diffs[length]; // private component secret = CalculateSecret(); secret.identity_nullifier <== identity_nullifier; diff --git a/circuits/semaphore/tree.circom b/circuits/semaphore/tree.circom index 6d40c8729..ed5e34ece 100644 --- a/circuits/semaphore/tree.circom +++ b/circuits/semaphore/tree.circom @@ -4,7 +4,7 @@ include "./hasherPoseidon.circom"; include "../../node_modules/circomlib/circuits/mux1.circom"; template CalculateTotal(n) { - signal input nums[n]; + signal input nums[n]; // private signal output sum; signal sums[n]; @@ -19,9 +19,9 @@ template CalculateTotal(n) { template QuinSelector(choices) { - signal input in[choices]; - signal input index; - signal output out; + signal input in[choices]; // private + signal input index; // private + signal output out; component lessThan = LessThan(3); lessThan.in[0] <== index; @@ -45,9 +45,9 @@ template Splicer(numItems) { var NUM_OUTPUT_ITEMS = numItems + 1; - signal input in[numItems]; - signal input leaf; - signal input index; + signal input in[numItems]; // private + signal input leaf; // private + signal input index; // private signal output out[NUM_OUTPUT_ITEMS]; component greaterThan[NUM_OUTPUT_ITEMS]; @@ -87,10 +87,10 @@ template QuinTreeInclusionProof(levels) { var LEAVES_PER_NODE = 5; var LEAVES_PER_PATH_LEVEL = LEAVES_PER_NODE - 1; - signal input leaf; - signal input path_index[levels]; - signal input path_elements[levels][LEAVES_PER_PATH_LEVEL]; - signal output root; + signal input leaf; // private + signal input path_index[levels]; // private + signal input path_elements[levels][LEAVES_PER_PATH_LEVEL]; // private + signal output root; var i; var j; diff --git a/circuits/set/membership.circom b/circuits/set/membership.circom index 479e0843f..cff667ba5 100644 --- a/circuits/set/membership.circom +++ b/circuits/set/membership.circom @@ -3,8 +3,8 @@ pragma circom 2.0.0; include "../../node_modules/circomlib/circuits/comparators.circom"; template SetMembership(length) { - signal input element; - signal input set[length]; + signal input element; // private + signal input set[length]; // private signal product[length + 1]; product[0] <== 1; diff --git a/circuits/test/anchor_withdraw_30.circom b/circuits/test/anchor_withdraw_30.circom index f1e4f2ce3..ad5c51b1d 100644 --- a/circuits/test/anchor_withdraw_30.circom +++ b/circuits/test/anchor_withdraw_30.circom @@ -2,4 +2,5 @@ pragma circom 2.0.0; include "../anchor/withdraw.circom"; -component main = Withdraw(30); \ No newline at end of file +component main = Withdraw(30); + From 4da8727e8631493c82db94b21da99cf9dd6c42ad Mon Sep 17 00:00:00 2001 From: Akilesh Tangella Date: Sun, 24 Oct 2021 11:55:38 +0100 Subject: [PATCH 2/4] add public inputs to circuits --- circuits/test/anchor_withdraw_30.circom | 3 ++- circuits/test/poseidon_bridge_2.circom | 4 +++- circuits/test/poseidon_bridge_3.circom | 3 ++- circuits/test/poseidon_bridge_4.circom | 3 ++- circuits/test/poseidon_bridge_5.circom | 3 ++- circuits/test/poseidon_bridge_6.circom | 3 ++- circuits/test/semaphore_bridge_2.circom | 3 ++- scripts/bash/compile_circom.sh | 2 +- 8 files changed, 16 insertions(+), 8 deletions(-) diff --git a/circuits/test/anchor_withdraw_30.circom b/circuits/test/anchor_withdraw_30.circom index ad5c51b1d..61cf9435d 100644 --- a/circuits/test/anchor_withdraw_30.circom +++ b/circuits/test/anchor_withdraw_30.circom @@ -2,5 +2,6 @@ pragma circom 2.0.0; include "../anchor/withdraw.circom"; -component main = Withdraw(30); +component main {public [root, nullifierHash, recipient, relayer, fee, refund]} = Withdraw(30); + diff --git a/circuits/test/poseidon_bridge_2.circom b/circuits/test/poseidon_bridge_2.circom index 9f09c903d..322e595e0 100644 --- a/circuits/test/poseidon_bridge_2.circom +++ b/circuits/test/poseidon_bridge_2.circom @@ -2,4 +2,6 @@ pragma circom 2.0.0; include "../bridge/withdraw.circom"; -component main = Withdraw(30, 2); +component main {public [nullifierHash, recipient, relayer, fee, + refund, chainID, roots, refreshCommitment]} = Withdraw(30, 2); + diff --git a/circuits/test/poseidon_bridge_3.circom b/circuits/test/poseidon_bridge_3.circom index b32d6012c..8ba35c361 100644 --- a/circuits/test/poseidon_bridge_3.circom +++ b/circuits/test/poseidon_bridge_3.circom @@ -2,4 +2,5 @@ pragma circom 2.0.0; include "../bridge/withdraw.circom"; -component main = Withdraw(30, 3); +component main {public [nullifierHash, recipient, relayer, fee, + refund, chainID, roots, refreshCommitment]} = Withdraw(30, 3); diff --git a/circuits/test/poseidon_bridge_4.circom b/circuits/test/poseidon_bridge_4.circom index 0663e6cd2..811f1c237 100644 --- a/circuits/test/poseidon_bridge_4.circom +++ b/circuits/test/poseidon_bridge_4.circom @@ -2,4 +2,5 @@ pragma circom 2.0.0; include "../bridge/withdraw.circom"; -component main = Withdraw(30, 4); +component main {public [nullifierHash, recipient, relayer, fee, + refund, chainID, roots, refreshCommitment]} = Withdraw(30, 4); diff --git a/circuits/test/poseidon_bridge_5.circom b/circuits/test/poseidon_bridge_5.circom index 1094d91f4..d7ac1f3cd 100644 --- a/circuits/test/poseidon_bridge_5.circom +++ b/circuits/test/poseidon_bridge_5.circom @@ -2,4 +2,5 @@ pragma circom 2.0.0; include "../bridge/withdraw.circom"; -component main = Withdraw(30, 5); +component main {public [nullifierHash, recipient, relayer, fee, + refund, chainID, roots, refreshCommitment]} = Withdraw(30, 5); diff --git a/circuits/test/poseidon_bridge_6.circom b/circuits/test/poseidon_bridge_6.circom index 4bf1d58ba..cdf257d64 100644 --- a/circuits/test/poseidon_bridge_6.circom +++ b/circuits/test/poseidon_bridge_6.circom @@ -2,4 +2,5 @@ pragma circom 2.0.0; include "../bridge/withdraw.circom"; -component main = Withdraw(30, 6); +component main {public [nullifierHash, recipient, relayer, fee, + refund, chainID, roots, refreshCommitment]} = Withdraw(30, 6); diff --git a/circuits/test/semaphore_bridge_2.circom b/circuits/test/semaphore_bridge_2.circom index 981bb2b5f..d105fe282 100644 --- a/circuits/test/semaphore_bridge_2.circom +++ b/circuits/test/semaphore_bridge_2.circom @@ -2,4 +2,5 @@ pragma circom 2.0.0; include "../semaphore/semaphore-base.circom"; -component main = Semaphore(20, 2); +component main {public [nullifier_hash, signal_hash, external_nullifier, roots]} = Semaphore(20, 2); + diff --git a/scripts/bash/compile_circom.sh b/scripts/bash/compile_circom.sh index 1c2ed333d..73ea21c85 100755 --- a/scripts/bash/compile_circom.sh +++ b/scripts/bash/compile_circom.sh @@ -51,7 +51,7 @@ compile bridge poseidon_preimage_3 ### echo "Compiling Set membership of length 5 circuit..." -compile bridge set_membership_5 +# compile bridge set_membership_5 ### # WEBB SEMPAHORES From a2374524f69ef882d5fa4835640e3d3d8471561e Mon Sep 17 00:00:00 2001 From: Drew Stone Date: Sun, 24 Oct 2021 12:23:34 +0100 Subject: [PATCH 3/4] Updates comments --- circuits/anchor/withdraw.circom | 20 +++++++------- circuits/bridge/withdraw.circom | 20 +++++++------- circuits/semaphore/semaphore-base.circom | 34 ++++++++++++------------ 3 files changed, 37 insertions(+), 37 deletions(-) diff --git a/circuits/anchor/withdraw.circom b/circuits/anchor/withdraw.circom index bfd43c0dd..5a2843ce0 100644 --- a/circuits/anchor/withdraw.circom +++ b/circuits/anchor/withdraw.circom @@ -23,16 +23,16 @@ template CommitmentHasher() { // Verifies that commitment that corresponds to given secret and nullifier is included in the merkle tree of deposits template Withdraw(levels) { - signal input root; //public - signal input nullifierHash; // public - signal input recipient; // public // not taking part in any computations - signal input relayer; // public // not taking part in any computations - signal input fee; // public // not taking part in any computations - signal input refund; // public // not taking part in any computations - signal input nullifier; // private - signal input secret; // private - signal input pathElements[levels]; // private - signal input pathIndices[levels]; // private + signal input root; // public + signal input nullifierHash; // public + signal input recipient; // public - not taking part in any computations + signal input relayer; // public - not taking part in any computations + signal input fee; // public - not taking part in any computations + signal input refund; // public - not taking part in any computations + signal input nullifier; // private + signal input secret; // private + signal input pathElements[levels]; // private + signal input pathIndices[levels]; // private component hasher = CommitmentHasher(); hasher.nullifier <== nullifier; diff --git a/circuits/bridge/withdraw.circom b/circuits/bridge/withdraw.circom index e16ec6462..26954442d 100644 --- a/circuits/bridge/withdraw.circom +++ b/circuits/bridge/withdraw.circom @@ -25,27 +25,27 @@ template CommitmentHasher() { // Verifies that commitment that corresponds to given secret and nullifier is included in the merkle tree of deposits template Withdraw(levels, length) { - signal input nullifierHash; // public - signal input recipient; // public // not taking part in any computations - signal input relayer; // public // not taking part in any computations - signal input fee; // public // not taking part in any computations - signal input refund; // public // not taking part in any computations + signal input nullifierHash; // public + signal input recipient; // public - not taking part in any computations + signal input relayer; // public - not taking part in any computations + signal input fee; // public - not taking part in any computations + signal input refund; // public - not taking part in any computations // chainID fixes a withdrawal proof to the destination since // this will be taken as a public input from the smart contract. signal input chainID; // public // the set of roots to prove membership within, provided // as a public input from the smart contract. - signal input roots[length]; // public - signal input refreshCommitment; // public // not taking part in any computations + signal input roots[length]; // public + signal input refreshCommitment; // public - not taking part in any computations signal input nullifier; // private signal input secret; // private - signal input pathElements[levels]; // private - signal input pathIndices[levels]; // private + signal input pathElements[levels]; // private + signal input pathIndices[levels]; // private // the differences of the root one is proving against and // all the roots provided as a public input in the `roots` signal. - signal input diffs[length]; // private + signal input diffs[length]; // private component hasher = CommitmentHasher(); hasher.chainID <== chainID; diff --git a/circuits/semaphore/semaphore-base.circom b/circuits/semaphore/semaphore-base.circom index 582f6c6b8..b9a6dac90 100644 --- a/circuits/semaphore/semaphore-base.circom +++ b/circuits/semaphore/semaphore-base.circom @@ -6,8 +6,8 @@ include "./tree.circom"; template CalculateSecret() { - signal input identity_nullifier; // private - signal input identity_trapdoor; // private + signal input identity_nullifier; // private + signal input identity_trapdoor; // private signal output out; @@ -18,7 +18,7 @@ template CalculateSecret() { } template CalculateIdentityCommitment() { - signal input secret_hash; // private + signal input secret_hash; // private signal output out; @@ -28,8 +28,8 @@ template CalculateIdentityCommitment() { } template CalculateNullifierHash() { - signal input external_nullifier; // private - signal input identity_nullifier; // private + signal input external_nullifier; // private + signal input identity_nullifier; // private signal input n_levels; // private signal output out; @@ -51,9 +51,9 @@ template CalculateNullifierHash() { // anything else should be 0. The prove can't lie by adding a zero into the diffs set // because we constrain those to match all elements in the set respectively. template SetMembership(length) { - signal input element; // private - signal input set[length]; // private - signal input diffs[length]; // private + signal input element; // private + signal input set[length]; // private + signal input diffs[length]; // private signal product[length + 1]; product[0] <== element; @@ -71,17 +71,17 @@ template Semaphore(n_levels, length) { var LEAVES_PER_NODE = 5; var LEAVES_PER_PATH_LEVEL = LEAVES_PER_NODE - 1; - signal input nullifier_hash; // public - signal input signal_hash; // public - signal input external_nullifier; // public - signal input roots[length]; // public + signal input nullifier_hash; // public + signal input signal_hash; // public + signal input external_nullifier; // public + signal input roots[length]; // public - signal input identity_nullifier; // private - signal input identity_trapdoor; // private - signal input identity_path_index[n_levels]; // private - signal input path_elements[n_levels][LEAVES_PER_PATH_LEVEL]; // private - signal input diffs[length]; // private + signal input identity_nullifier; // private + signal input identity_trapdoor; // private + signal input identity_path_index[n_levels]; // private + signal input path_elements[n_levels][LEAVES_PER_PATH_LEVEL]; // private + signal input diffs[length]; // private component secret = CalculateSecret(); secret.identity_nullifier <== identity_nullifier; From 69af55df5d36807278b8967ca8be9d2bdca2de82 Mon Sep 17 00:00:00 2001 From: Drew Stone Date: Sun, 24 Oct 2021 12:27:08 +0100 Subject: [PATCH 4/4] Remove comments for intermediate gadgdets --- circuits/anchor/merkleTree.circom | 12 ++++++------ circuits/anchor/withdraw.circom | 6 +++--- circuits/bridge/manyMerkleTree.circom | 20 ++++++++++---------- circuits/bridge/withdraw.circom | 12 ++++++------ circuits/poseidon/hasher.circom | 10 +++++----- circuits/poseidon/poseidonHashT3.circom | 2 +- circuits/poseidon/poseidonHashT4.circom | 2 +- circuits/poseidon/poseidonHashT5.circom | 2 +- circuits/poseidon/poseidonHashT6.circom | 2 +- circuits/semaphore/hasherPoseidon.circom | 4 ++-- circuits/semaphore/semaphore-base.circom | 16 ++++++++-------- circuits/semaphore/tree.circom | 18 +++++++++--------- circuits/set/membership.circom | 4 ++-- 13 files changed, 55 insertions(+), 55 deletions(-) diff --git a/circuits/anchor/merkleTree.circom b/circuits/anchor/merkleTree.circom index 83ce8abb2..12d2f40c4 100644 --- a/circuits/anchor/merkleTree.circom +++ b/circuits/anchor/merkleTree.circom @@ -5,8 +5,8 @@ include "../poseidon/hasher.circom"; // if s == 0 returns [in[0], in[1]] // if s == 1 returns [in[1], in[0]] template DualMux() { - signal input in[2]; // private - signal input s; // private + signal input in[2]; + signal input s; signal output out[2]; s * (1 - s) === 0; @@ -17,10 +17,10 @@ template DualMux() { // Verifies that merkle proof is correct for given merkle root and a leaf // pathIndices input is an array of 0/1 selectors telling whether given pathElement is on the left or right side of merkle path template MerkleTreeChecker(levels) { - signal input leaf; // private - signal input root; // private - signal input pathElements[levels]; // private - signal input pathIndices[levels]; // private + signal input leaf; + signal input root; + signal input pathElements[levels]; + signal input pathIndices[levels]; component selectors[levels]; component hashers[levels]; diff --git a/circuits/anchor/withdraw.circom b/circuits/anchor/withdraw.circom index 5a2843ce0..bf5645423 100644 --- a/circuits/anchor/withdraw.circom +++ b/circuits/anchor/withdraw.circom @@ -4,9 +4,9 @@ include "merkleTree.circom"; // computes Poseidon(chainID, nullifier, secret) template CommitmentHasher() { - signal input nullifier; // private - signal input secret; // private - signal output commitment; + signal input nullifier; + signal input secret; + signal output commitment; signal output nullifierHash; component commitmentHasher = HashLeftRight(); diff --git a/circuits/bridge/manyMerkleTree.circom b/circuits/bridge/manyMerkleTree.circom index 7b0330bac..8b69f6b0f 100644 --- a/circuits/bridge/manyMerkleTree.circom +++ b/circuits/bridge/manyMerkleTree.circom @@ -12,9 +12,9 @@ include "../poseidon/hasher.circom"; // anything else should be 0. The prove can't lie by adding a zero into the diffs set // because we constrain those to match all elements in the set respectively. template SetMembership(length) { - signal input element; // private - signal input set[length]; // private - signal input diffs[length]; // private + signal input element; + signal input set[length]; + signal input diffs[length]; signal product[length + 1]; product[0] <== element; @@ -29,8 +29,8 @@ template SetMembership(length) { // if s == 0 returns [in[0], in[1]] // if s == 1 returns [in[1], in[0]] template DualMux() { - signal input in[2]; // private - signal input s; // private + signal input in[2]; + signal input s; signal output out[2]; s * (1 - s) === 0; @@ -41,11 +41,11 @@ template DualMux() { // Verifies that merkle proof is correct for given merkle root and a leaf // pathIndices input is an array of 0/1 selectors telling whether given pathElement is on the left or right side of merkle path template ManyMerkleTreeChecker(levels, length) { - signal input leaf; // private - signal input pathElements[levels]; // private - signal input pathIndices[levels]; // private - signal input roots[length]; // private - signal input diffs[length]; // private + signal input leaf; + signal input pathElements[levels]; + signal input pathIndices[levels]; + signal input roots[length]; + signal input diffs[length]; component selectors[levels]; component hashers[levels]; diff --git a/circuits/bridge/withdraw.circom b/circuits/bridge/withdraw.circom index 26954442d..1fe26bf48 100644 --- a/circuits/bridge/withdraw.circom +++ b/circuits/bridge/withdraw.circom @@ -4,9 +4,9 @@ include "manyMerkleTree.circom"; // computes Poseidon(chainID, nullifier, secret) template CommitmentHasher() { - signal input chainID; // private - signal input nullifier; // private - signal input secret; // private + signal input chainID; + signal input nullifier; + signal input secret; signal output commitment; signal output nullifierHash; @@ -33,14 +33,14 @@ template Withdraw(levels, length) { // chainID fixes a withdrawal proof to the destination since // this will be taken as a public input from the smart contract. - signal input chainID; // public + signal input chainID; // public // the set of roots to prove membership within, provided // as a public input from the smart contract. signal input roots[length]; // public signal input refreshCommitment; // public - not taking part in any computations - signal input nullifier; // private - signal input secret; // private + signal input nullifier; // private + signal input secret; // private signal input pathElements[levels]; // private signal input pathIndices[levels]; // private // the differences of the root one is proving against and diff --git a/circuits/poseidon/hasher.circom b/circuits/poseidon/hasher.circom index 410aab904..0751ca07f 100644 --- a/circuits/poseidon/hasher.circom +++ b/circuits/poseidon/hasher.circom @@ -7,7 +7,7 @@ include "./poseidonHashT6.circom"; template Hasher3() { var length = 3; - signal input in[length]; // private + signal input in[length]; signal output hash; component hasher = PoseidonHashT4(); @@ -21,7 +21,7 @@ template Hasher3() { template Hasher4() { var length = 4; - signal input in[length]; // private + signal input in[length]; signal output hash; component hasher = PoseidonHashT5(); @@ -35,7 +35,7 @@ template Hasher4() { template Hasher5() { var length = 5; - signal input in[length]; // private + signal input in[length]; signal output hash; component hasher = PoseidonHashT6(); @@ -48,8 +48,8 @@ template Hasher5() { } template HashLeftRight() { - signal input left; // private - signal input right; // private + signal input left; + signal input right; signal output hash; diff --git a/circuits/poseidon/poseidonHashT3.circom b/circuits/poseidon/poseidonHashT3.circom index d32b6fce7..c10641729 100644 --- a/circuits/poseidon/poseidonHashT3.circom +++ b/circuits/poseidon/poseidonHashT3.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT3() { var nInputs = 2; - signal input inputs[nInputs]; // private + signal input inputs[nInputs]; signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/poseidon/poseidonHashT4.circom b/circuits/poseidon/poseidonHashT4.circom index b1936bc4e..042361d62 100644 --- a/circuits/poseidon/poseidonHashT4.circom +++ b/circuits/poseidon/poseidonHashT4.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT4() { var nInputs = 3; - signal input inputs[nInputs]; // private + signal input inputs[nInputs]; signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/poseidon/poseidonHashT5.circom b/circuits/poseidon/poseidonHashT5.circom index 8c9f52f68..df9dfe603 100644 --- a/circuits/poseidon/poseidonHashT5.circom +++ b/circuits/poseidon/poseidonHashT5.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT5() { var nInputs = 4; - signal input inputs[nInputs]; // private + signal input inputs[nInputs]; signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/poseidon/poseidonHashT6.circom b/circuits/poseidon/poseidonHashT6.circom index 79d3aeb4e..700fe354c 100644 --- a/circuits/poseidon/poseidonHashT6.circom +++ b/circuits/poseidon/poseidonHashT6.circom @@ -4,7 +4,7 @@ include "../../node_modules/circomlib/circuits/poseidon.circom"; template PoseidonHashT6() { var nInputs = 5; - signal input inputs[nInputs]; // private + signal input inputs[nInputs]; signal output out; component hasher = Poseidon(nInputs); diff --git a/circuits/semaphore/hasherPoseidon.circom b/circuits/semaphore/hasherPoseidon.circom index 99a09e8ef..e8adec1c4 100644 --- a/circuits/semaphore/hasherPoseidon.circom +++ b/circuits/semaphore/hasherPoseidon.circom @@ -2,7 +2,7 @@ pragma circom 2.0.0; template PoseidonHashT6() { var nInputs = 5; - signal input inputs[nInputs]; // private + signal input inputs[nInputs]; signal output out; component hasher = Poseidon(nInputs); @@ -14,7 +14,7 @@ template PoseidonHashT6() { template Hasher5() { var length = 5; - signal input in[length]; // private + signal input in[length]; signal output hash; component hasher = PoseidonHashT6(); diff --git a/circuits/semaphore/semaphore-base.circom b/circuits/semaphore/semaphore-base.circom index b9a6dac90..cd6f4d688 100644 --- a/circuits/semaphore/semaphore-base.circom +++ b/circuits/semaphore/semaphore-base.circom @@ -6,8 +6,8 @@ include "./tree.circom"; template CalculateSecret() { - signal input identity_nullifier; // private - signal input identity_trapdoor; // private + signal input identity_nullifier; + signal input identity_trapdoor; signal output out; @@ -18,7 +18,7 @@ template CalculateSecret() { } template CalculateIdentityCommitment() { - signal input secret_hash; // private + signal input secret_hash; signal output out; @@ -28,8 +28,8 @@ template CalculateIdentityCommitment() { } template CalculateNullifierHash() { - signal input external_nullifier; // private - signal input identity_nullifier; // private + signal input external_nullifier; + signal input identity_nullifier; signal input n_levels; // private signal output out; @@ -51,9 +51,9 @@ template CalculateNullifierHash() { // anything else should be 0. The prove can't lie by adding a zero into the diffs set // because we constrain those to match all elements in the set respectively. template SetMembership(length) { - signal input element; // private - signal input set[length]; // private - signal input diffs[length]; // private + signal input element; + signal input set[length]; + signal input diffs[length]; signal product[length + 1]; product[0] <== element; diff --git a/circuits/semaphore/tree.circom b/circuits/semaphore/tree.circom index ed5e34ece..f54b40c47 100644 --- a/circuits/semaphore/tree.circom +++ b/circuits/semaphore/tree.circom @@ -4,7 +4,7 @@ include "./hasherPoseidon.circom"; include "../../node_modules/circomlib/circuits/mux1.circom"; template CalculateTotal(n) { - signal input nums[n]; // private + signal input nums[n]; signal output sum; signal sums[n]; @@ -19,8 +19,8 @@ template CalculateTotal(n) { template QuinSelector(choices) { - signal input in[choices]; // private - signal input index; // private + signal input in[choices]; + signal input index; signal output out; component lessThan = LessThan(3); @@ -45,9 +45,9 @@ template Splicer(numItems) { var NUM_OUTPUT_ITEMS = numItems + 1; - signal input in[numItems]; // private - signal input leaf; // private - signal input index; // private + signal input in[numItems]; + signal input leaf; + signal input index; signal output out[NUM_OUTPUT_ITEMS]; component greaterThan[NUM_OUTPUT_ITEMS]; @@ -87,9 +87,9 @@ template QuinTreeInclusionProof(levels) { var LEAVES_PER_NODE = 5; var LEAVES_PER_PATH_LEVEL = LEAVES_PER_NODE - 1; - signal input leaf; // private - signal input path_index[levels]; // private - signal input path_elements[levels][LEAVES_PER_PATH_LEVEL]; // private + signal input leaf; + signal input path_index[levels]; + signal input path_elements[levels][LEAVES_PER_PATH_LEVEL]; signal output root; var i; diff --git a/circuits/set/membership.circom b/circuits/set/membership.circom index cff667ba5..479e0843f 100644 --- a/circuits/set/membership.circom +++ b/circuits/set/membership.circom @@ -3,8 +3,8 @@ pragma circom 2.0.0; include "../../node_modules/circomlib/circuits/comparators.circom"; template SetMembership(length) { - signal input element; // private - signal input set[length]; // private + signal input element; + signal input set[length]; signal product[length + 1]; product[0] <== 1;