initial

2025-06-18 11:19:30 -04:00 · 2019-07-09 16:05:30 +03:00 · 2019-07-09 16:05:30 +03:00 · 12cc76f3b1
commit 12cc76f3b1
18 changed files with 41757 additions and 0 deletions
--- a/circuits/merkleTree.circom
+++ b/circuits/merkleTree.circom
@ -0,0 +1,70 @@
+include "../node_modules/circomlib/circuits/bitify.circom";
+include "../node_modules/circomlib/circuits/mimcsponge.circom";
+
+template HashLeftRight(rounds) {
+    signal input left;
+    signal input right;
+
+    signal output hash;
+
+    component hasher = MiMCSponge(2, rounds, 1);
+    hasher.ins[0] <== left;
+    hasher.ins[1] <== right;
+    hasher.k <== 0;
+
+    hash <== hasher.outs[0];
+}
+
+template Selector() {
+    signal input inputElement;
+    signal input pathElement;
+    signal input pathIndex;
+
+    signal output left;
+    signal output right;
+
+    signal leftSelector1;
+    signal leftSelector2;
+    signal rightSelector1;
+    signal rightSelector2;
+
+    pathIndex * (1-pathIndex) === 0
+
+    leftSelector1 <== (1 - pathIndex) * inputElement;
+    leftSelector2 <== (pathIndex) * pathElement;
+    rightSelector1 <== (pathIndex) * inputElement;
+    rightSelector2 <== (1 - pathIndex) * pathElement;
+
+    left <== leftSelector1 + leftSelector2;
+    right <== rightSelector1 + rightSelector2;
+}
+
+template MerkleTree(levels, rounds) {
+    signal input leaf;
+    signal private input pathElements[levels];
+    signal private input pathIndex[levels];
+
+    signal output root;
+
+    component selectors[levels];
+    component hashers[levels];
+
+    for (var i = 0; i < levels; i++) {
+        selectors[i] = Selector();
+        hashers[i] = HashLeftRight(rounds);
+
+        selectors[i].pathElement <== pathElements[i];
+        selectors[i].pathIndex <== pathIndex[i];
+
+        hashers[i].left <== selectors[i].left;
+        hashers[i].right <== selectors[i].right;
+    }
+
+    selectors[0].inputElement <== leaf;
+
+    for (var i = 1; i < levels; i++) {
+        selectors[i].inputElement <== hashers[i-1].hash;
+    }
+
+    root <== hashers[levels - 1].hash;
+}
--- a/circuits/withdraw.circom
+++ b/circuits/withdraw.circom
@ -0,0 +1,49 @@
+include "../node_modules/circomlib/circuits/bitify.circom";
+include "../node_modules/circomlib/circuits/pedersen.circom";
+include "merkleTree.circom";
+
+template CommitmentHasher() {
+    signal input nullifier;
+    signal private input secret;
+
+    signal output hash;
+
+    component commitment = Pedersen(512);
+    component nullifierBits = Num2Bits(256);
+    component secretBits = Num2Bits(256);
+    nullifierBits.in <== nullifier;
+    secretBits.in <== secret;
+    for (var i = 0; i < 256; i++) {
+        commitment.in[i] <== nullifierBits.out[i];
+        commitment.in[i + 256] <== secretBits.out[i];
+    }
+
+    hash <== commitment.out[0];
+}
+
+template Withdraw(levels, rounds) {
+    signal input root;
+    signal input nullifier;
+    signal input receiver; // not taking part in any computations
+    signal input fee; // not taking part in any computations
+    signal private input secret;
+    signal private input pathElements[levels];
+    signal private input pathIndex[levels];
+
+    component hasher = CommitmentHasher();
+    hasher.nullifier <== nullifier;
+    hasher.secret <== secret;
+
+    component tree = MerkleTree(levels, rounds);
+    tree.leaf <== hasher.hash;
+    tree.pathElements <== pathElements;
+    tree.pathIndex <== pathIndex;
+
+    root === tree.root;
+
+    // TODO: Check if we need some kind of explicit constraints or something
+    fee === fee;
+    receiver === receiver;
+}
+
+component main = Withdraw(16, 220);