Add Value Commitment operator #125

Open
wants to merge 4 commits into
base: develop
Changes from 2 commits
5 changes: 3 additions & 2 deletions circuits/lib/linked/linkId.circom
@@ -1,11 +1,12 @@
pragma circom 2.1.5;

include "../../../node_modules/circomlib/circuits/poseidon.circom";
include "../../../node_modules/circomlib/circuits/comparators.circom";
include "../../../node_modules/circomlib/circuits/mux1.circom";
volodymyr-basiuk marked this conversation as resolved.
include "../../../node_modules/circomlib/circuits/poseidon.circom";

template LinkID() {
signal input claimHash;
signal input linkNonce;
signal input linkNonce; // private random nonce to make the commitment unique and secure

signal output out;

4 changes: 3 additions & 1 deletion circuits/lib/query/modifiers.circom
Expand Up @@ -7,6 +7,7 @@ include "../../../node_modules/circomlib/circuits/mux4.circom";
/*
Modifier/computation operators:
16 - selective disclosure (16 = 10000 binary)
17 - value commitment (17 = 10001 binary)
*/

// modifierValidatorOutputSelector validates modifier operation and selects output value
Expand All @@ -24,7 +25,8 @@ template modifierValidatorOutputSelector() {
modifierOpValid.s <== [opBits[0], opBits[1], opBits[2], opBits[3]];
modifierOpValid.c <== [
1, // valid operator: 16 - selective disclosure (16-16 = index 0)
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
1, // valid operator: 17 - value commitment (17-1 = index 1)
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
];

ForceEqualIfEnabled()(
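Review bot: The comment on the new lookup entry gives the wrong offset: `(17-1 = index 1)` should read `(17-16 = index 1)`, matching the entry above it and the same table in processQueryWithModifiers.circom. I would change the line to `1, // valid operator: 17 - value commitment (17-16 = index 1)`. The mux is indexed by `opBits[0..3]` only, and modifierValidatorOutputSelector starts before and continues after this hunk, so how the fifth operator bit is checked cannot be confirmed from here.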
8 changes: 7 additions & 1 deletion circuits/lib/query/processQueryWithModifiers.circom
Expand Up @@ -3,6 +3,7 @@ pragma circom 2.1.1;
include "../../../node_modules/circomlib/circuits/comparators.circom";
include "query.circom";
include "modifiers.circom";
include "valueCommitment.circom";
include "../utils/claimUtils.circom";
include "../utils/arraySizeValidator.circom";

Expand All @@ -18,6 +19,7 @@ template ProcessQueryWithModifiers(claimLevels, maxValueArraySize){
signal input operator;
signal input value[maxValueArraySize];
signal input valueArraySize;
signal input commitNonce;

signal input issuerClaim[8];
signal input merklized;
Expand Down Expand Up @@ -101,6 +103,9 @@ template ProcessQueryWithModifiers(claimLevels, maxValueArraySize){
// selective disclosure
// no need to calc anything, fieldValue is just passed as an output

// value commitment
signal valueCommitment <== ValueCommitment()(fieldValue, commitNonce);

/////////////////////////////////////////////////////////////////
// Modifier Operator Validation & Output Preparation
/////////////////////////////////////////////////////////////////
Expand All @@ -110,7 +115,8 @@ template ProcessQueryWithModifiers(claimLevels, maxValueArraySize){
operator <== operator,
modifierOutputs <== [
fieldValue, // 16 - selective disclosure (16-16 = index 0)
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 // 17-31 - not used
valueCommitment, // 17 - value commitment (17-16 = index 1)
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 // 18-31 - not used
]
);
}
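Review bot: The new `commitNonce` input is declared without a comment, here and again in LinkedMultiQuery, credentialAtomicQueryV3OffChain and credentialAtomicQueryV3OnChain, although the hiding property of operator 17 rests entirely on that signal. Nothing in the visible hunks constrains the nonce, so for low-entropy fields such as dates a predictable or widely reused nonce leaves the committed value open to guessing by whoever sees the output. I would state the contract at the declaration, e.g. `signal input commitNonce; // private, random, non-zero nonce for operator 17; reuse only across proofs meant to share one commitment`. `valueCommitment` is also computed for every operator and only selected for 17, which deserves a one-line comment next to the `ValueCommitment()` call. The template begins outside these hunks.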
1 change: 1 addition & 0 deletions circuits/lib/query/query.circom
Expand Up @@ -23,6 +23,7 @@ include "comparators.circom";
11 - exist
Modifier/computation operators:
16 - selective disclosure (16 = 10000 binary)
17 - value commitment (17 = 10001 binary)
*/

// Query template works only with Query operators (0-15), for the rest returns 0
27 changes: 27 additions & 0 deletions circuits/lib/query/valueCommitment.circom
@@ -0,0 +1,27 @@
pragma circom 2.1.1;

include "../../../node_modules/circomlib/circuits/mux1.circom";
include "../../../node_modules/circomlib/circuits/comparators.circom";
include "../../../node_modules/circomlib/circuits/poseidon.circom";

/**
Value commitment circuit allows to commit to a specific value and then
reveal it later or use such a commitment in another circuits to prove that
multiple circuits work with the same value without revealing it.
*/

template ValueCommitment() {
signal input value;
signal input commitNonce; // private random nonce to make the commitment unique and secure

signal output out;

signal isNonceZero <== IsZero()(commitNonce);

signal commit <== Poseidon(2)([value, commitNonce]);
Contributor


Looks like I can receive the same commitment if I have another field with the same value and provide the same commitment outside. (I want to prove that I have the same date of birth in different creds, but I can hack it and prove that some other date that I have in another credential is equal to the expected one, even though it does not have the same meaning.)

Member Author


It's not a hack. Maybe the user wants to prove to the verifier that there was a solar eclipse on his day of birth. That's OK.
We don't have a way to check the meaning of fields, and we shouldn't. The user needs to check what the verifier asks of him and whether it makes sense.


out <== Mux1()(
[commit, 0],
isNonceZero
);
}
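Review bot: The block comment above the template does not say that `out` is forced to 0 when `commitNonce` is 0, which is what the `IsZero` / `Mux1` pair at the end implements. A verifier or integrator reading only the header would expect every output to be a Poseidon digest and would not know that 0 has to be treated as "no commitment produced". I would add a sentence to the header stating that a zero nonce disables the commitment and yields `out = 0`, and note on the `Mux1` call that index 1 (nonce is zero) selects the constant 0.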
4 changes: 3 additions & 1 deletion circuits/linked/multiQuery.circom
Expand Up @@ -26,6 +26,7 @@ template LinkedMultiQuery(N, claimLevels, maxValueArraySize) {
signal input operator[N];
signal input value[N][maxValueArraySize];
signal input valueArraySize[N];
signal input commitNonce[N];

// Outputs
signal output linkID;
Expand Down Expand Up @@ -68,7 +69,7 @@ template LinkedMultiQuery(N, claimLevels, maxValueArraySize) {
/////////////////////////////////////////////////////////////////
for (var i=0; i<N; i++) {
operatorNotNoop[i] <== NOT()(IsZero()(operator[i]));

// output value only if modifier operation was selected
operatorOutput[i] <== ProcessQueryWithModifiers(claimLevels, maxValueArraySize)(
operatorNotNoop[i], // enabled
Expand All @@ -82,6 +83,7 @@ template LinkedMultiQuery(N, claimLevels, maxValueArraySize) {
operator[i],
value[i],
valueArraySize[i],
commitNonce[i],
issuerClaim,
merklized,
merklize.out
2 changes: 2 additions & 0 deletions circuits/offchain/credentialAtomicQueryV3OffChain.circom
Expand Up @@ -51,6 +51,7 @@ template credentialAtomicQueryV3OffChain(issuerLevels, claimLevels, maxValueArra
signal input operator;
signal input value[maxValueArraySize];
signal input valueArraySize;
signal input commitNonce;
signal input issuerClaim[8];

// MTP specific
Expand Down Expand Up @@ -224,6 +225,7 @@ template credentialAtomicQueryV3OffChain(issuerLevels, claimLevels, maxValueArra
operator,
value,
valueArraySize,
commitNonce,
issuerClaim,
merklized,
merklize.out
2 changes: 2 additions & 0 deletions circuits/onchain/credentialAtomicQueryV3OnChain.circom
Expand Up @@ -118,6 +118,7 @@ template credentialAtomicQueryV3OnChain(issuerLevels, claimLevels, maxValueArray
signal input operator;
signal input value[maxValueArraySize];
signal input valueArraySize;
signal input commitNonce;

// MTP specific
signal input issuerClaimMtp[issuerLevels];
Expand Down Expand Up @@ -232,6 +233,7 @@ template credentialAtomicQueryV3OnChain(issuerLevels, claimLevels, maxValueArray
operator <== operator,
value <== value,
valueArraySize <== valueArraySize,
commitNonce <== commitNonce,
issuerClaim <== issuerClaim,
issuerClaimMtp <== issuerClaimMtp,
issuerClaimClaimsTreeRoot <== issuerClaimClaimsTreeRoot,