worldcoin · dcbuild3r · Sep 27, 2023 · Sep 7, 2023 · Sep 11, 2023 · Sep 11, 2023
diff --git a/src/DeletionTreeVerifier.sol b/src/DeletionTreeVerifier.sol
diff --git a/src/InsertionTreeVerifier.sol b/src/InsertionTreeVerifier.sol
diff --git a/src/SemaphoreVerifier.sol b/src/SemaphoreVerifier.sol
diff --git a/src/WorldIDIdentityManagerImplV1.sol b/src/WorldIDIdentityManagerImplV1.sol
diff --git a/src/WorldIDIdentityManagerImplV2.sol b/src/WorldIDIdentityManagerImplV2.sol
@@ -86,13 +86,9 @@ contract WorldIDIdentityManagerImplV2 is WorldIDIdentityManagerImplV1 {
     ///        described by `preRoot`. Must be an element of the field `Kr`.
     ///
     /// @custom:reverts Unauthorized If the message sender is not authorised to add identities.
-    /// @custom:reverts InvalidCommitment If one or more of the provided commitments is invalid.
     /// @custom:reverts NotLatestRoot If the provided `preRoot` is not the latest root.
     /// @custom:reverts ProofValidationFailure If `deletionProof` cannot be verified using the
     ///                 provided inputs.
-    /// @custom:reverts UnreducedElement If any of the `preRoot`, `postRoot` and
-    ///                 `identityCommitments` is not an element of the field `Kr`. It describes the
-    ///                 type and value of the unreduced element.
     /// @custom:reverts VerifierLookupTable.NoSuchVerifier If the batch sizes doesn't match a known
     ///                 verifier.
     /// @custom:reverts VerifierLookupTable.BatchTooLarge If the batch size exceeds the maximum
@@ -114,24 +110,14 @@ contract WorldIDIdentityManagerImplV2 is WorldIDIdentityManagerImplV1 {
 
         // No matter what, the inputs can result in a hash that is not an element of the scalar
         // field in which we're operating. We reduce it into the field before handing it to the
-        // verifier. All other elements are reduced in the circuit.
+        // verifier. All other elements that are passed as calldata are reduced in the circuit.
         uint256 reducedElement = uint256(inputHash) % SNARK_SCALAR_FIELD;
 
         // We need to look up the correct verifier before we can verify.
         ITreeVerifier deletionVerifier = batchDeletionVerifiers.getVerifierFor(batchSize);
 
         // With that, we can properly try and verify.
-        try deletionVerifier.verifyProof(
-            [deletionProof[0], deletionProof[1]],
-            [[deletionProof[2], deletionProof[3]], [deletionProof[4], deletionProof[5]]],
-            [deletionProof[6], deletionProof[7]],
-            [reducedElement]
-        ) returns (bool verifierResult) {
-            // If the proof did not verify, we revert with a failure.
-            if (!verifierResult) {
-                revert ProofValidationFailure();
-            }
-
+        try deletionVerifier.verifyProof(deletionProof, [reducedElement]) {
             // If it did verify, we need to update the contract's state. We set the currently valid
             // root to the root after the insertions.
             _latestRoot = postRoot;

diff --git a/src/interfaces/ISemaphoreVerifier.sol b/src/interfaces/ISemaphoreVerifier.sol
@@ -0,0 +1,18 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.21;
+
+/// @title Tree Verifier Interface
+/// @author Worldcoin
+/// @notice An interface representing a merkle tree verifier.
+interface ISemaphoreVerifier {
+    /// @notice Verify an uncompressed Groth16 proof.
+    /// @notice Reverts with InvalidProof if the proof is invalid or
+    /// with PublicInputNotInField the public input is not reduced.
+    /// @notice There is no return value. If the function does not revert, the
+    /// proof was succesfully verified.
+    /// @param proof the points (A, B, C) in EIP-197 format matching the output
+    /// of compressProof.
+    /// @param input the public input field elements in the scalar field Fr.
+    /// Elements must be reduced.
+    function verifyProof(uint256[8] calldata proof, uint256[4] calldata input) external view;
+}
diff --git a/src/interfaces/ITreeVerifier.sol b/src/interfaces/ITreeVerifier.sol
@@ -5,22 +5,14 @@ pragma solidity ^0.8.21;
 /// @author Worldcoin
 /// @notice An interface representing a merkle tree verifier.
 interface ITreeVerifier {
-    /// @notice Verifies the provided proof data for the provided public inputs.
-    /// @dev It is highly recommended that the implementation is restricted to `view` if possible.
-    ///
-    /// @param a The first G1Point of the proof (ar).
-    /// @param b The G2Point for the proof (bs).
-    /// @param c The second G1Point of the proof (kr).
-    /// @param input The public inputs to the function, reduced such that it is a member of the
-    ///              field `Fr` where `r` is `SNARK_SCALAR_FIELD`.
-    ///
-    /// @return result True if the proof verifies successfully, false otherwise.
-    /// @custom:reverts string If the proof elements are not < `PRIME_Q` or if the `input` is not
-    ///                 less than `SNARK_SCALAR_FIELD`.
-    function verifyProof(
-        uint256[2] memory a,
-        uint256[2][2] memory b,
-        uint256[2] memory c,
-        uint256[1] memory input
-    ) external returns (bool result);
+    /// @notice Verify an uncompressed Groth16 proof.
+    /// @notice Reverts with InvalidProof if the proof is invalid or
+    /// with PublicInputNotInField the public input is not reduced.
+    /// @notice There is no return value. If the function does not revert, the
+    /// proof was succesfully verified.
+    /// @param proof the points (A, B, C) in EIP-197 format matching the output
+    /// of compressProof.
+    /// @param input the public input field elements in the scalar field Fr.
+    /// Elements must be reduced.
+    function verifyProof(uint256[8] calldata proof, uint256[1] calldata input) external;
 }