diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 08c1914..74ba982 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -4,7 +4,7 @@ name: release on: push: tags: - - 'v*.*.*' + - "v*.*.*" env: ZETO_VER: ${{ github.ref_name }} @@ -93,7 +93,7 @@ jobs: - name: Release Zeto Version uses: ncipollo/release-action@v1 with: - allowUpdates: 'true' + allowUpdates: "true" artifacts: zeto-wasm-and-proving-keys/*.tar.gz tag: ${{ env.ZETO_VER }} env: diff --git a/.gitignore b/.gitignore index 2608ec2..e43b0f9 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ .DS_Store -.vscode \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..87b5da0 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,6 @@ +{ + "yaml.format.singleQuote": false, + "prettier.enable": true, + "prettier.jsxSingleQuote": false, + "yaml.format.enable": true +} \ No newline at end of file diff --git a/go-sdk/go.mod b/go-sdk/go.mod index e40de85..0926df0 100644 --- a/go-sdk/go.mod +++ b/go-sdk/go.mod @@ -31,9 +31,9 @@ require ( github.com/pkg/errors v0.9.1 // indirect github.com/rogpeppe/go-internal v1.12.0 // indirect github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect - golang.org/x/sync v0.8.0 // indirect - golang.org/x/term v0.25.0 // indirect - golang.org/x/text v0.19.0 // indirect + golang.org/x/sync v0.9.0 // indirect + golang.org/x/term v0.26.0 // indirect + golang.org/x/text v0.20.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect ) @@ -46,8 +46,8 @@ require ( github.com/iden3/go-rapidsnark/types v0.0.2 // indirect github.com/iden3/go-rapidsnark/witness/v2 v2.0.0 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - golang.org/x/crypto v0.28.0 // indirect - golang.org/x/sys v0.26.0 // indirect + golang.org/x/crypto v0.29.0 // indirect + golang.org/x/sys v0.27.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect gorm.io/driver/postgres v1.5.9 gorm.io/driver/sqlite v1.5.6 diff --git a/go-sdk/go.sum b/go-sdk/go.sum index d979ca1..ea78754 100644 --- a/go-sdk/go.sum +++ b/go-sdk/go.sum @@ -88,21 +88,21 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/x-cray/logrus-prefixed-formatter v0.5.2 h1:00txxvfBM9muc0jiLIEAkAcIMJzfthRT6usrui8uGmg= github.com/x-cray/logrus-prefixed-formatter v0.5.2/go.mod h1:2duySbKsL6M18s5GU7VPsoEPHyzalCE06qoARUCeBBE= -golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw= -golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U= +golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ= +golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg= golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= -golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.9.0 h1:fEo0HyrW1GIgZdpbhCRO0PkJajUS5H9IFUztCgEo2jQ= +golang.org/x/sync v0.9.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= -golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= -golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= -golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= -golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s= +golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU= +golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E= +golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug= +golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/solidity/contracts/lib/interfaces/izeto_base.sol b/solidity/contracts/lib/interfaces/izeto_base.sol index 65e3042..d9d37bb 100644 --- a/solidity/contracts/lib/interfaces/izeto_base.sol +++ b/solidity/contracts/lib/interfaces/izeto_base.sol @@ -17,4 +17,11 @@ pragma solidity ^0.8.20; interface IZetoBase { event UTXOMint(uint256[] outputs, address indexed submitter, bytes data); + event UTXOWithdraw( + uint256 amount, + uint256[] inputs, + uint256 output, + address indexed submitter, + bytes data + ); } diff --git a/solidity/contracts/lib/verifier_anon.sol b/solidity/contracts/lib/verifier_anon.sol index 4e12182..5a4352e 100644 --- a/solidity/contracts/lib/verifier_anon.sol +++ b/solidity/contracts/lib/verifier_anon.sol @@ -43,20 +43,20 @@ contract Groth16Verifier_Anon { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 7880570501616954033449249705612423743947917217762227169455996425895409308069; - uint256 constant IC0y = 16037977379262161215838992441602151816132528427823476849251965711850026771282; + uint256 constant IC0x = 1902294708609438766644796849204928803663740221366415953958959671322392851564; + uint256 constant IC0y = 12303706229402770227626541861677666866256980943367923556129762158140843548287; - uint256 constant IC1x = 3191333703052089419021769453082884793399932129266866020831740455289118800142; - uint256 constant IC1y = 21477517066616503414140155997000632350001710942549881728779592511429573079111; + uint256 constant IC1x = 6203750222123167001680138260485388290509753949796409294680745274528939225218; + uint256 constant IC1y = 14273694985744114904153451898553819231835595683225898188370999467603823889120; - uint256 constant IC2x = 16885208475016452114858926052206861980729516929087584811016509445387840675455; - uint256 constant IC2y = 5147245545557756973634019997703333615725927836480197246708868784411191230479; + uint256 constant IC2x = 13851857796635439596347101558854032349005376871103497746213823704338073021460; + uint256 constant IC2y = 7967526762804365938696698938751824648449736305244161041844814326643079898090; - uint256 constant IC3x = 15835356586191668496840124419874303619120998155857419776899384064363221991587; - uint256 constant IC3y = 20908242415588131257102523967622376586606149730424652535302995251912262933338; + uint256 constant IC3x = 12245690231014470786603136099602124408674587253367196875598058296083705481696; + uint256 constant IC3y = 11623815329524890470474756993864782999204409209062428531060410020655296376735; - uint256 constant IC4x = 9093574318834908512463783917068049424411720596282920493474417518947185056343; - uint256 constant IC4y = 11075523168674705447560739102902207168994349904089316239065508553166880667632; + uint256 constant IC4x = 12465556430374686644611513936282716496357430439429402691697005880009555085162; + uint256 constant IC4y = 19628482398819988298416397224449752871272762208876492653622728381407269132622; // Memory data @@ -178,8 +178,6 @@ contract Groth16Verifier_Anon { checkField(calldataload(add(_pubSignals, 96))) - checkField(calldataload(add(_pubSignals, 128))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_batch.sol b/solidity/contracts/lib/verifier_anon_batch.sol index f9edb88..b9f7bbd 100644 --- a/solidity/contracts/lib/verifier_anon_batch.sol +++ b/solidity/contracts/lib/verifier_anon_batch.sol @@ -43,68 +43,68 @@ contract Groth16Verifier_AnonBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 7350704524928688275292840025124065423740063008800895120525087407994752877201; - uint256 constant IC0y = 2799126510591142173363017397720516529394924864315551143867807018421626690119; + uint256 constant IC0x = 14401916694900248086984454610617645117186037810025870355725588875905411527905; + uint256 constant IC0y = 21823139981972768925181597835606667363291590735926744185425609626967895836641; - uint256 constant IC1x = 15114426819216201179872908092779017267381626760685787377067219151816946668652; - uint256 constant IC1y = 14838074688889382104234389353861310342101008292329117062017984254049923814567; + uint256 constant IC1x = 18152399282716158169629531201439344161063103224251361362440246670930516009303; + uint256 constant IC1y = 6080278265173093538537246863599160169974109935068305121259074193384775431363; - uint256 constant IC2x = 730339637320572287782154794373845462390183137415643273893913142940971480827; - uint256 constant IC2y = 19985499776670900046058141562265498153194098786416301295749136204157143223257; + uint256 constant IC2x = 8297218266848061835807071945554336477046207943620428501160290285825071517363; + uint256 constant IC2y = 15656222378314004248176477825191755476212778291146638786091437963148762568128; - uint256 constant IC3x = 9288139911866100824798052123452797946689070588016735822932030258103315149401; - uint256 constant IC3y = 16977250707758369783496569651353493853376997801050995881185421156748434466112; + uint256 constant IC3x = 3047434740237115324297422001872346293290441872228378409771516453051049454159; + uint256 constant IC3y = 10541096522864074461757896295030226941094097575004052502097468583817879074093; - uint256 constant IC4x = 21510548625929410705790577208028337997806497327590548181858615339378132408637; - uint256 constant IC4y = 3128887610074880752216864118368626601909966489390261420893039641632285348662; + uint256 constant IC4x = 18415204963750428001366853480098284329225951295307528124155234247674301562276; + uint256 constant IC4y = 18206845444283706289783054066424364156383540489856915668759698699066029015528; - uint256 constant IC5x = 2361488310513536785687009709084938913997548752815455418762779361014568173520; - uint256 constant IC5y = 13064109709118668398319496370144322446834954821774816697768219563719250168349; + uint256 constant IC5x = 5848632330022221449217083844906849578988699882267611916943101169293886327152; + uint256 constant IC5y = 8525192717750394881723959129538639054882628564239664911410730246619999848599; - uint256 constant IC6x = 21741423469437839061841808146523619080128207788113423296935124975483247508524; - uint256 constant IC6y = 18529865771178923498390020744089890179100271666005560576880042925185095150796; + uint256 constant IC6x = 18737933721565426341245741788052591666191809520781288299820522320094073877002; + uint256 constant IC6y = 17893060166280487897808816982590615297284643156483941137846260492062460760617; - uint256 constant IC7x = 11716063437444665329534450300340853360047012717360647680536852931180756322691; - uint256 constant IC7y = 13954938730266059993129237217568930694055393902398630589007640179821232776471; + uint256 constant IC7x = 19098445952237615276849115001752018549598132495817554411626726814628060269826; + uint256 constant IC7y = 12055887832584514874540928561552980046792594771344397625875810924512944008940; - uint256 constant IC8x = 18539559570765334761569967454539119188781496123683317380886819179820750135048; - uint256 constant IC8y = 1483429005281923495773016521713883280913961201691552702249885389478804186825; + uint256 constant IC8x = 14049087315628302176692100175044083505908130478745651601589669404557285071536; + uint256 constant IC8y = 11760483736571233695765389297508375430401740670321979310551162352220705482170; - uint256 constant IC9x = 20285495211995559572269870221492706959016981268896437450344735235620123723655; - uint256 constant IC9y = 6752334852699479365814827613653118536864386885890891616534513343873157237627; + uint256 constant IC9x = 13933845163646305706487746770461738555628647435735733692423741028126085769120; + uint256 constant IC9y = 5906072330325167864469019724869377799273255560000238774314064772801265008600; - uint256 constant IC10x = 499733066798987642797898596902737884227228799269010229470629826857301398382; - uint256 constant IC10y = 15539873607166155350908234290005251689258814640931878010822879323585218295253; + uint256 constant IC10x = 13705817542782816555899655377219516947625498453397622184137502850319776285664; + uint256 constant IC10y = 9042948681425040255034970979470429950080719583285309041655605511548953117983; - uint256 constant IC11x = 14930084334244027775740030172875333009547849405540674149093528597500172682264; - uint256 constant IC11y = 16031096719063780066038712493256021950493445187501019225557322455675638312312; + uint256 constant IC11x = 21219849026857904949098640161461967736586495130286899335070690044195456905584; + uint256 constant IC11y = 9738292818521877248157023071103026883633012472866114286481112790569861434809; - uint256 constant IC12x = 6930962007199462838250740922397839173312453564335400737449304292728948783789; - uint256 constant IC12y = 16346148217738032915228412851186792388219205265009907670473983861216251226700; + uint256 constant IC12x = 16821584442373432772708439871996312879436027142106307298789026044142912059297; + uint256 constant IC12y = 18179456728684141852474805451524977640053894307290781083105544127773978083590; - uint256 constant IC13x = 9287437502652310030364103755261068142532329727588192042484528210346407028717; - uint256 constant IC13y = 10794968646463009884004236152576271915074358785469677937139140234440868974660; + uint256 constant IC13x = 18644980581060530311357977147481430713902817828375295403067823676395599257852; + uint256 constant IC13y = 4274710606613794907868577617888070748913495219029409238664182414438828140774; - uint256 constant IC14x = 8642192551833486309442810432407204382142862801515472400962676449719624895869; - uint256 constant IC14y = 4332840556069660127909924749213870708387611051261894964111742875494185381254; + uint256 constant IC14x = 1670061012290661486355607450319597799823993362799528125098867249745378187092; + uint256 constant IC14y = 17357067744661529049119254714176244266487122291167133704079413719073749738908; - uint256 constant IC15x = 14067924916167871162655244922817653716539707386728077576851376753722366021529; - uint256 constant IC15y = 14550114442576756814639260074491842266739552217696789898458344525407905929187; + uint256 constant IC15x = 20214070364826093890785202955205369405718408221128285777814067171054281417142; + uint256 constant IC15y = 6676623764796503794882178144016983490948422057538987148553778809368627351866; - uint256 constant IC16x = 857685849844171065596763211033783999825532174706327764798436830629594817956; - uint256 constant IC16y = 1806650528151069748359044935863429380424562852004122550972004167352156895294; + uint256 constant IC16x = 19188803159885638492346037355574861082584717060749055884680169327249938506224; + uint256 constant IC16y = 14635030226769140385410527971428459895270353563660740462654337932363700995073; - uint256 constant IC17x = 6579597513808886576406099469755577551041805432889990719580240981271077896359; - uint256 constant IC17y = 710420057294757587910020146667270882809600269535553928956263589284791937083; + uint256 constant IC17x = 1032439080446701812081769707385444592210021579802000978244234134167421120896; + uint256 constant IC17y = 20080022736872634490249028574119868255366821827646688359584040403863693869436; - uint256 constant IC18x = 11601578039573676772840572687707180388906572122494709390061757932977931982868; - uint256 constant IC18y = 7211311325685441076944820285599089955580368690880374995924683333150557101184; + uint256 constant IC18x = 6320239074134649680926373071446503578744317667951777657870688787798460814779; + uint256 constant IC18y = 4076247364427329948398771036551813672936759695367436275660900533153237218613; - uint256 constant IC19x = 20231546290866664701331485462044304003843557412739655597831229162580880981510; - uint256 constant IC19y = 876382137719899827148465359455799570987326687830025736167684593436185681270; + uint256 constant IC19x = 18319045025948706149806565908584079240069485862781923810594761414646236403507; + uint256 constant IC19y = 1443810282819553906570438933381282835687988434540658729326313586117183414978; - uint256 constant IC20x = 14850885628527218757662473212989221130196138052975444666446471458588122224774; - uint256 constant IC20y = 12708590969663513735666954823403671843557581713214725762521430223488205347685; + uint256 constant IC20x = 17616701033046011221658156058153126401552902469497703215789359069808206367708; + uint256 constant IC20y = 7948235851932996085506931557727991080994605820774849180821643683325993620091; // Memory data @@ -290,8 +290,6 @@ contract Groth16Verifier_AnonBatch { checkField(calldataload(add(_pubSignals, 608))) - checkField(calldataload(add(_pubSignals, 640))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc.sol b/solidity/contracts/lib/verifier_anon_enc.sol index f1549b9..f7a2c88 100644 --- a/solidity/contracts/lib/verifier_anon_enc.sol +++ b/solidity/contracts/lib/verifier_anon_enc.sol @@ -43,53 +43,53 @@ contract Groth16Verifier_AnonEnc { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 6276747569518122807210603303722154550190651061721865706917646303280375103675; - uint256 constant IC0y = 3727017199715490133457649802467220829259654841289127784357651002510660300662; + uint256 constant IC0x = 15030214739401137192003823731657777449791311764422437899883414794994910536777; + uint256 constant IC0y = 2985215208025135977904571916489522998142109618770063756901168286087357439057; - uint256 constant IC1x = 2320527881302970161082983597536012922352300864623236649934960001038519624274; - uint256 constant IC1y = 1916963794430692395652802477938622188603047992000097692795283307464856076371; + uint256 constant IC1x = 13781386184789695642037624685639646860172747031837212681764863508045714411815; + uint256 constant IC1y = 17071570340192799172000627033733757691776265126250162550386438527807483060208; - uint256 constant IC2x = 21596058299450284113535943657960726299563312370130332740900316107840716803296; - uint256 constant IC2y = 21365592615504281125064071438234105307087619234962631636728527507631860669567; + uint256 constant IC2x = 9726809282258735670596637770693394344029133945012465178630200480691165523273; + uint256 constant IC2y = 7302038865404864659290604521096190622083227016241716111467691841178401847616; - uint256 constant IC3x = 14285920220116798400391653727392610849014881108527555041872854836164662603112; - uint256 constant IC3y = 261892684425132757450359737228059903462096592906801079581933381899139644107; + uint256 constant IC3x = 10380886305787658261080428949731145114949352518790106171690560701090568235851; + uint256 constant IC3y = 9159174387117675393341284784489519249198203165599686862238064455491426468925; - uint256 constant IC4x = 1228717852198586389738440313344465005287288949548026556772807808074412020129; - uint256 constant IC4y = 19831713320116870701080957390591062454582575980268596444755997820082215594485; + uint256 constant IC4x = 14900106649738320382178766033375522329832479160958462624877120137513390570047; + uint256 constant IC4y = 14123723224323607584582281518344475825141584212602796633634595001403769493064; - uint256 constant IC5x = 8841767838175437599580623045698684022427377467875042096794082047548538173540; - uint256 constant IC5y = 20679680073199890089986129173790327637929547496247458879281664968283076431330; + uint256 constant IC5x = 19807341105417576715446019077004758227815930264958519061075609174905699760251; + uint256 constant IC5y = 12463090198859326169477111396312479594257404229763726320900882640528896933753; - uint256 constant IC6x = 5984994798987278036249563929239451875392161634272639360573774251855181459504; - uint256 constant IC6y = 6352796936852746690868771135448281060570046348664670061308691736554667627239; + uint256 constant IC6x = 21586161037925048599183419147645404497733054933305874980330255597723274735637; + uint256 constant IC6y = 1271936060461584804548525978627736838233777974644859846508796051998609836034; - uint256 constant IC7x = 3307402749716845704900160697938878641617423504456112289854922516395827936088; - uint256 constant IC7y = 11944686875184615500424742019351647158127603206033626393275187778966883129154; + uint256 constant IC7x = 4335948493028935103522766066169455368635875140319545758801385783354561139913; + uint256 constant IC7y = 12986088609624619784328163742783123783898457840838274755613821692405113098603; - uint256 constant IC8x = 2167921800594244881987478854261700831004688173023551862311979398289627529911; - uint256 constant IC8y = 18441559285570498355196553746289779298216978632355533226296682479854720307446; + uint256 constant IC8x = 9710187508856516940996220846173733968640755876900070777067814016964306526526; + uint256 constant IC8y = 10514040217549601097013480769071334693060337137921051380551448054172042949642; - uint256 constant IC9x = 16194321557743310559882244072096113269378784289973883900975657339479218893661; - uint256 constant IC9y = 9333607209403690316028599718414380942123291933558377264317727220665888906177; + uint256 constant IC9x = 15036704422032611906049139300550723348649062019526956622652015861634896452769; + uint256 constant IC9y = 8741680172320556538410703530770523781795676307015332673220188196434408415449; - uint256 constant IC10x = 11763124843314694770674029098143898163207296445403434564003811916181443467789; - uint256 constant IC10y = 11474851338724165438098625917090736344985119247607432644045515084847727286859; + uint256 constant IC10x = 17119072413823170885635232472157484849890119113673304877708789547595043502501; + uint256 constant IC10y = 4738806178879764062788777297750053583726132600743108138740236433543388536131; - uint256 constant IC11x = 20463590317096967539062765296429567237451547047819217836607641222184840552616; - uint256 constant IC11y = 2374511497993789249592935909204108111572883083995974837409751730785943684801; + uint256 constant IC11x = 11282503423494540494584858305868406078506046571663755510393106661047557194888; + uint256 constant IC11y = 7256160648331513325581155388846639014239613379898179750045424787475513842761; - uint256 constant IC12x = 5360663496332086683030085775791171810863893422349391971737013590847118848888; - uint256 constant IC12y = 15003051648210065137352969604932411331891058385601013483678409194432651898564; + uint256 constant IC12x = 2440746297677226167325054412353219363197829774157304732991500883537284217927; + uint256 constant IC12y = 20616627635535943477624497728501402694683837498353366167723161696578567328584; - uint256 constant IC13x = 6455547517508404886843312050700037601528719512561840012594420335873310644520; - uint256 constant IC13y = 1823215784134382847282142111721942971793109047310681636547858005025540202130; + uint256 constant IC13x = 15470589698197974705358560976761222633978695673538036794995516478249488622067; + uint256 constant IC13y = 9891760547749816368835653600263926537220721512271943145699416196216186011250; - uint256 constant IC14x = 10994488460669351888245632232772517959469681851792249573047590885520521915372; - uint256 constant IC14y = 15460968625607687477209267072611263891412189843116393205164417979232034151014; + uint256 constant IC14x = 2706520807812969576361115121867302327159116606543075813412805893138174440915; + uint256 constant IC14y = 12375578243023856991189832252934833938702352550757080722534817241978251904511; - uint256 constant IC15x = 4566012578812710100605468161791687026100464852252694042067067033174318782352; - uint256 constant IC15y = 13395233754819832486048215919199827219876877519148023975528122435249203009174; + uint256 constant IC15x = 19072021057908642807224142806808137567983907399946520090660197755334963919953; + uint256 constant IC15y = 9407556490237218013292109128436248032923513006916152823719652101464010087144; // Memory data @@ -255,8 +255,6 @@ contract Groth16Verifier_AnonEnc { checkField(calldataload(add(_pubSignals, 448))) - checkField(calldataload(add(_pubSignals, 480))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_batch.sol b/solidity/contracts/lib/verifier_anon_enc_batch.sol index a11f44b..6822e92 100644 --- a/solidity/contracts/lib/verifier_anon_enc_batch.sol +++ b/solidity/contracts/lib/verifier_anon_enc_batch.sol @@ -43,197 +43,197 @@ contract Groth16Verifier_AnonEncBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 11440393942871974514866869127272798177910063098495161064380617913947836707883; - uint256 constant IC0y = 133186548537922933703816851228186559672737402151435687458413732717456356699; + uint256 constant IC0x = 18580313005843130750897171718145080482235072131569730259957978577748570559649; + uint256 constant IC0y = 11008887417210438536585448513758116701594184516218266767200382038698657764221; - uint256 constant IC1x = 21373502176400161146006095202392315245434857405673246292304981642513085314126; - uint256 constant IC1y = 5973954329693434352436139985867871181759296344186415170634863590214156315249; + uint256 constant IC1x = 10395455187749871152883464021307305039211351581687979783405361207037728300193; + uint256 constant IC1y = 11600915897800791538290922796324375639045246774375030019235967800001631056081; - uint256 constant IC2x = 12019982747471100639634052399766418050683537218547481676294176787917881186607; - uint256 constant IC2y = 6405218792291212317907081159284014400722968772889118220663168950295447220705; + uint256 constant IC2x = 19012918149126703267663593445808175619480893261454622174940060826375314872156; + uint256 constant IC2y = 17292336586116381783624259876837450266737198173900937538650199584511449644435; - uint256 constant IC3x = 21541101932056629567381357223394008276342942119132930855282215690662139162650; - uint256 constant IC3y = 2271680116783907835750785191482937543677602522528953806278114962346139021582; + uint256 constant IC3x = 4019137029405419097267801088312523285238891636115679173603315739468427252747; + uint256 constant IC3y = 15809545958206039472783912362667444249113343409085595869382050690665993502050; - uint256 constant IC4x = 846331695052133801075541266442844556008871193706530866288171629930034596396; - uint256 constant IC4y = 4671805763816924754378540315344588906110138930562619888525186553727651894671; + uint256 constant IC4x = 14872887748100989828841255841897557661988963843773440593461687004862289568357; + uint256 constant IC4y = 707264018499155351153144909653994994003834790710696804648109563993025943366; - uint256 constant IC5x = 15862626577644729681546548720212355443270891570787917457090900376528365907086; - uint256 constant IC5y = 9430270885582061272669262029645569297998413282783538758784652807562041710438; + uint256 constant IC5x = 16514496054640308404323890294088865968089714028777208291765274441332074171864; + uint256 constant IC5y = 12769219872332104583750516550260785834899303444511175589424170196695435680484; - uint256 constant IC6x = 20364249990587186388777009860293192582601009345886932525111517332970281035952; - uint256 constant IC6y = 1334839598218736363793400104054202408205710585818802803620178832624743447850; + uint256 constant IC6x = 13905557825606788993678073885934030632306346259739236330021528211041430955807; + uint256 constant IC6y = 19723644376451716571992106547505336259465112950673654358978326957992400044064; - uint256 constant IC7x = 12417757356672597564383775211044365887294796389246614359706817666990934075472; - uint256 constant IC7y = 11622602145382847018929095868878319532905122146499153532367406851678378002641; + uint256 constant IC7x = 8264179395231575277465933874879987694885169362396639992636472287793251648110; + uint256 constant IC7y = 12443896788758655422719991504651147026633647705033180775565654824821165943059; - uint256 constant IC8x = 14699923273545238120167631232296601962479972604389646857920202246888502080052; - uint256 constant IC8y = 14113362150999156476310073110539209986750711174991138574097387215312366569174; + uint256 constant IC8x = 8485997154444365276896303456998622212811060075371960245510349137643960424870; + uint256 constant IC8y = 18971147756928463123988104069945090628663771220036193309677633655768176076195; - uint256 constant IC9x = 8439229104977825388669923085680058133619691762568298479043167614828429982095; - uint256 constant IC9y = 18240117404538846169532854195037548821907165749996481825180835374832517741368; + uint256 constant IC9x = 869560992511000659737335884703209813934230477310115975214517656512595861513; + uint256 constant IC9y = 9440747965374440518266156764920008655009007660780695002896691660548324902543; - uint256 constant IC10x = 11470068336482550075073943174397386972643000630660996382156267717482343276882; - uint256 constant IC10y = 20866452478089653295612124088992944102461995428176614117027783837067597969494; + uint256 constant IC10x = 10075513747277939401510923250892109501000746804932194878164209575250161086192; + uint256 constant IC10y = 19463677239853278508101060261048204446854474135414502347125196265634997978764; - uint256 constant IC11x = 5791701211966382660399104629271827990912735697930109332538539212590763373881; - uint256 constant IC11y = 153318489220773001009409735672747935918849189063837110094732063052591331798; + uint256 constant IC11x = 18142247304487015474279350674984581244759430901903684804824817386897842183762; + uint256 constant IC11y = 16815230776141141852416945385119180374500213595674994163238538349964439222987; - uint256 constant IC12x = 16898606392771231052990567544051778925910589899871105246361034023158641157159; - uint256 constant IC12y = 3631355825733666009904874214578874855423710278467279916288619855474525466184; + uint256 constant IC12x = 11173485235242420725718659527560300597035854993339606351659335933202050850095; + uint256 constant IC12y = 3125389301302239565023836651248446337674097036446323994003684725538892424465; - uint256 constant IC13x = 10247329403841905396872124340913483963292585745607093613365322600357457687457; - uint256 constant IC13y = 18057379678526830268883725029519547573327109531784984832234011504205340806389; + uint256 constant IC13x = 5788036546752129523637322954624353970609666772643743143540775085934828808105; + uint256 constant IC13y = 12277669483316224305786225647398134683815519587025778198432062773479356824943; - uint256 constant IC14x = 9355678805354983609419201612177172575228638269901476278048006979878502187870; - uint256 constant IC14y = 16692888418935032480811326079443835813838711826121682467276641845580020694985; + uint256 constant IC14x = 18692434997265253699869020953988292539050476952423685004923557500376133891742; + uint256 constant IC14y = 342551473749691784471223997799655831725308362523273866230277014675082573920; - uint256 constant IC15x = 19470575851572592678964883715648962849258649150864531049938150618719229740643; - uint256 constant IC15y = 16087485769910776554782414147987056180184775349044797807400276313528404284475; + uint256 constant IC15x = 3084040488617678634451034700902142302706785800905803615641290997372934039629; + uint256 constant IC15y = 10352212961548725454680748878102714505537073915328544331973751367411853517968; - uint256 constant IC16x = 16927358836358577381649034111095642293434944349737262725338110349295469171890; - uint256 constant IC16y = 5633252844575746793504011224909489108395169921046386508695373017595756224798; + uint256 constant IC16x = 8815590700156507188706372103260708008503819884595719208068957182594452382706; + uint256 constant IC16y = 14307813698620902210202388952960096592994921369112382398769010587673674870895; - uint256 constant IC17x = 466385751153760267057088342819394273436492253355181488147745146987443561174; - uint256 constant IC17y = 10636681079806759477335090130399848626160046066427253831641198982014030636852; + uint256 constant IC17x = 19682561076054123708343034072843126868926418055716702330253403823575454770590; + uint256 constant IC17y = 18202466752687940422307455551927513340705521678216830096984410951222811772372; - uint256 constant IC18x = 1306160653778651739731417814007205094611179956111728369166488625644167470841; - uint256 constant IC18y = 7444879550181354110118157729417180300292135282670273926600932204849101017044; + uint256 constant IC18x = 18079786686719226777418719106451592827293061587859022084550603811634293825186; + uint256 constant IC18y = 16750707160442793558759266863875270266277084671857633225929130812325912806581; - uint256 constant IC19x = 1678115445428524411417890376810656256573782434876435263457891777353135617689; - uint256 constant IC19y = 18338814368959235131132148903471841522279798213196427195770744376229225984812; + uint256 constant IC19x = 7839704593259956918939767683000068050930985837516647710445231902435800918759; + uint256 constant IC19y = 891599776938399280676377598206746048465280324223262253957040578750254407865; - uint256 constant IC20x = 13475518625343317374653261886464125169531008269785394794386292166343992054809; - uint256 constant IC20y = 5932940654476357527753202165699205095329934257088828727832277287208370120937; + uint256 constant IC20x = 13445491457521330603121496349061226145494025993330948749299051234657497510253; + uint256 constant IC20y = 10848448834616010506430415115856238655344059072832369239747154158784165380574; - uint256 constant IC21x = 7921347123864641135079572825878900108520077374695289581231865590896941725406; - uint256 constant IC21y = 13630426985012118038457039705336667119766200581198072395526813535328659645427; + uint256 constant IC21x = 3034026451356886975121848548035566962951364895066675787683728668537065084913; + uint256 constant IC21y = 18115850563760447810677720398359362283046191905462848606359835630677403370860; - uint256 constant IC22x = 12444411055588360895738441441608818038189443178213456739056930867891670695793; - uint256 constant IC22y = 19844505351898837377485008404126311544873570189001934549491240425304683893761; + uint256 constant IC22x = 18290750884832548296973183452882808030816922576455927178515381877994640281090; + uint256 constant IC22y = 14100083568683442600810755492817047713951946261147225265199706432643775440434; - uint256 constant IC23x = 21749054833910211486879296937411559584455172477774736168887294488892823110789; - uint256 constant IC23y = 20733838143804177645847095182210650193921032035097913695993813013494796554878; + uint256 constant IC23x = 11960161265227847978578800186220836932179471295357657053427141622013030927719; + uint256 constant IC23y = 14193496910420947149336822166949074211001309021624854090710003301669740014614; - uint256 constant IC24x = 9416811339787510459121579505336239446177100930643837924054193303528446775946; - uint256 constant IC24y = 7496529505075181120033781430526436950403023957543412141861124587382165460116; + uint256 constant IC24x = 7779798651792299800720258938406055167179480947180721391877922814033001105201; + uint256 constant IC24y = 17376322472933947095338187051436508851173303005179012866936647440368262750618; - uint256 constant IC25x = 2521037654749916061705436196328419692378725242316483482537605406140966371785; - uint256 constant IC25y = 7481355955219106431418764349901209151469635161458088173530010275965718936685; + uint256 constant IC25x = 3888850493135703018846205869686083045811093602466434460731653424931761326221; + uint256 constant IC25y = 6269537785789749249629168156706952756212254395547088941173798585144723331476; - uint256 constant IC26x = 6159877667151052542275925153356898955756904311468966193307411548252975180841; - uint256 constant IC26y = 16957951729568467905949534948317393115956705369972511767296223548702535081265; + uint256 constant IC26x = 2624068077607055390692560935955875069652950189114572026383801229012281774312; + uint256 constant IC26y = 19336408024454147351672765601958115241727634745063647520918252448629844714864; - uint256 constant IC27x = 15895763439275966699350516503752383386910876897737925080464955955128432705111; - uint256 constant IC27y = 19175140840659322458007940683412165219686476779035525370589132195070063770866; + uint256 constant IC27x = 573279682226446286836562627953090350715956932874026047431522511730787917246; + uint256 constant IC27y = 14230584629774323911176258089456481563945539046203627005053099682053589731814; - uint256 constant IC28x = 12781043689434879144913554102394763693323529473062298868310352629331148459735; - uint256 constant IC28y = 6283658702263955451222955098326287456301140412421667344161433264750419443719; + uint256 constant IC28x = 4511570098943154775995495148771492291351043024536238686913034352965916533125; + uint256 constant IC28y = 2340031054291940797267154240028305737245337594820544906593280764149065244825; - uint256 constant IC29x = 2650177799351619826805750223838543610631746513548033885306673977535830512438; - uint256 constant IC29y = 11132853976141241068020587349960899145809492234214887160916201017351325157988; + uint256 constant IC29x = 4244298795288442828475342316585381618978030590322384652198362345941312928633; + uint256 constant IC29y = 9438334411692417939374968865080847314521367958416311859692108859103781907941; - uint256 constant IC30x = 18736799734640059151631443676921126568985757613276002385521759325513804802626; - uint256 constant IC30y = 13415376103030171487081928512271085772013030109823863742751982671727582658980; + uint256 constant IC30x = 17737337973100087486003606060674946694260132465844404962845799719962917758973; + uint256 constant IC30y = 7438304997446447325381090274100267847876769794265566934283357638123761255667; - uint256 constant IC31x = 21557286671905088889566402390265061739199292656885684789444524077382701944387; - uint256 constant IC31y = 21231741331124027945182785630154125653093132422383614600901529412439218627922; + uint256 constant IC31x = 5073846234920030162386412921623356988171236970692204160050544014274745465059; + uint256 constant IC31y = 14677270458799791786755022443638092287691886421830047066112814404323133288440; - uint256 constant IC32x = 12940528791904943075774630271648139819183770363825384598751929176612396816309; - uint256 constant IC32y = 11715714066859572983732294401113791297224107355127784357906283556606876697313; + uint256 constant IC32x = 2649033681819263291861473051971051186343759522480686104149113115044924128944; + uint256 constant IC32y = 368561605425021272655590601170158268253924682190949619461929724301292551015; - uint256 constant IC33x = 15336252354396723554713307983151576076480035697833410433905456356379362289152; - uint256 constant IC33y = 14285566909120907110744857231861482433624025779532059993332654722933225940108; + uint256 constant IC33x = 2733062167495935733708948948866685430872554261586995026969550966429718566022; + uint256 constant IC33y = 6411816009368917331257762188881602672445994519737090781581495901122113461081; - uint256 constant IC34x = 5884577964744879110464156647383403939257839388735429724437551422558173872878; - uint256 constant IC34y = 5958469892694001137576744420567992763085818335022123188788525319869299417926; + uint256 constant IC34x = 20250160139583654384387041345707174206762761262409783484616912329425844084625; + uint256 constant IC34y = 19016558756523986455860206302819973524969128216062592778785213073674762867523; - uint256 constant IC35x = 12672185381524358800675435215363054959069939703263610081597439227371768295908; - uint256 constant IC35y = 4991666983404014883734579567062205281670188976932731580697994319863342756299; + uint256 constant IC35x = 15894959450212660445607057078230066935166933771906424199978970131827817403090; + uint256 constant IC35y = 10045299443552736874341712125430822824696482027842940080732022345835796014058; - uint256 constant IC36x = 12479464787655150134135032355208700460404887585786595715857516484397392313829; - uint256 constant IC36y = 1018320791027450989526892580853893042106757239279085768037427870333029668144; + uint256 constant IC36x = 19067063999171834146975963353534064225201820362410195192049051511782751195044; + uint256 constant IC36y = 2506495847834216106513947518784734886166637826583036171765097900048189049388; - uint256 constant IC37x = 1710643914829437416138882539041939546506532462061817333836637216015869647662; - uint256 constant IC37y = 12758226704627400152672369569500323201628627877764341991772159440849241652318; + uint256 constant IC37x = 20048423250126485298790599458080889503743390991035522140783547095481863739847; + uint256 constant IC37y = 432499433100169474280343727517209507946637100968553874268405765061538477445; - uint256 constant IC38x = 20765423861987687018960117496746212962602364675866980462375997324206523750961; - uint256 constant IC38y = 16346792775445301799414964816645507499977984096536245002791954274903053139217; + uint256 constant IC38x = 4484001954171890993129130178754704164281480451053104064984831605862602260258; + uint256 constant IC38y = 7759398357222525722136480306881167291726062747218708405778490387263694708092; - uint256 constant IC39x = 769465146932722209788345881040630992027977262524965120307379443463936171679; - uint256 constant IC39y = 21443221478907556614563646521746551171599710041754345128056788823735122681237; + uint256 constant IC39x = 9879417966637100676391650403146342713449629632519434140235680754294946551949; + uint256 constant IC39y = 15451915567461765109128586274365779761014171030437692494597946077719634133869; - uint256 constant IC40x = 17934915773114640094089803521072902877108147466572877311941777900066340828562; - uint256 constant IC40y = 2089630803626128852847674177433115291541250343192228772428174089220616008628; + uint256 constant IC40x = 18015815737895485624311190888781881473280290704069209472984130604071174626458; + uint256 constant IC40y = 20571471454036622825620290594405505910463099932329480776779858769691471312936; - uint256 constant IC41x = 19069098312515111515913865066329616110413992526699008469047325420085649846405; - uint256 constant IC41y = 21815260540752989492591652481223879022266876419689747999044678166262558790856; + uint256 constant IC41x = 14112557685614179038383128489280480211113230260897628782350879610506723066296; + uint256 constant IC41y = 4625717768090043519906775978425574543701446953863907012515553618711405705039; - uint256 constant IC42x = 10809794399203216633674617798989033317170284850724966590352654005949446023921; - uint256 constant IC42y = 8433609511982756020036046061867269263905241468097428240413170301892914960646; + uint256 constant IC42x = 4983395328156700782015316268806625602806315033043189097352204763000436518560; + uint256 constant IC42y = 19482783890487649350151682111521490854662824643737828880902462296743530267628; - uint256 constant IC43x = 3652884951545472315780642784058908506025705241661109657711983058977740335518; - uint256 constant IC43y = 16718547234608374755814461499223334522439521447991730611938964364530421750378; + uint256 constant IC43x = 21633845127215409049488491876378438089702751885988973713465151949792257474714; + uint256 constant IC43y = 4371850726978329918834280756138306161054656307479387812738196935174831422645; - uint256 constant IC44x = 20399377428052555283592449607860423606769498358874252853329147197150739355907; - uint256 constant IC44y = 16556374609250855778134596484213736855732191729177044585168560291812583756028; + uint256 constant IC44x = 2548882568327324055111599210300480241321372701942701377576348328402662866139; + uint256 constant IC44y = 4524021331764945409786735318785913263007209055921801384420761006536725314685; - uint256 constant IC45x = 10708822128089989461610654435805634465615772424453005428200827077707345279891; - uint256 constant IC45y = 8986910629375303890530817347320539597845661305178427869950691804248585867467; + uint256 constant IC45x = 19659391908153913811596124442049624885170131973489352829333546344553135257510; + uint256 constant IC45y = 16656715280271362420772172624260010221348141492431711855276122544565474520702; - uint256 constant IC46x = 13749491805056691340349871073294477065213263357473867868125395711462162176129; - uint256 constant IC46y = 1250535023271277639774246389869019299402949021642971080092585731781818172935; + uint256 constant IC46x = 8896984418633548964127728431478188318864199890855270550143492636924721511210; + uint256 constant IC46y = 6919482284828007839477398069876856393249650014212985389404248094124722915240; - uint256 constant IC47x = 15639821013754284785460152597463271114837680345843427655802176975135241556176; - uint256 constant IC47y = 7497411966234756803281351283197275455100909191193475471732361426882334132439; + uint256 constant IC47x = 6518290439017095560691399852424249132778068085813366319163817711881824409791; + uint256 constant IC47y = 3284685835801965119116146561092439174219777476240058235867822621338673579331; - uint256 constant IC48x = 5247394744580383162319803883596549790767893837459941811796348428134340303425; - uint256 constant IC48y = 20494387416613468526541358070169052310945632991675833441592528596578971425367; + uint256 constant IC48x = 8033604856053776244250552744122408354496130970096388922815908609048973073414; + uint256 constant IC48y = 8336855926902257978469622445918692362344917252278601299635228486345513119588; - uint256 constant IC49x = 15954385881062613030007725744410323696099356779349117616497265076137016023734; - uint256 constant IC49y = 12667344345066946692620059164357275763295684555947058798684386937405656819211; + uint256 constant IC49x = 762719527935435450516891704363874770750583859888948178357853607647175574612; + uint256 constant IC49y = 8256041118766190616011652913286853532083118591061155675870667840754356402534; - uint256 constant IC50x = 18078434043538031119022650317809314372940509163736609186849977280253768224194; - uint256 constant IC50y = 3419971708207376779851386872531770594433226603112927364864376900733842905468; + uint256 constant IC50x = 16686189358510727991101848152813188162502396281005620677822213040498626183631; + uint256 constant IC50y = 13510853093329976521861634140640716845068141465351777749353954827649112591159; - uint256 constant IC51x = 3759145415901156720437452986698072719112520310450557525399263838265242391827; - uint256 constant IC51y = 6716939491258801222935133951532004171520559705891812293321372970851631796026; + uint256 constant IC51x = 20863154444170938062541635700383799267943965694931673908472103491360316658198; + uint256 constant IC51y = 8047896606703175255524543937848475341214773991450368177617603514417408284270; - uint256 constant IC52x = 7364733738232452043160914112067800746593905436783431339219885422871006017641; - uint256 constant IC52y = 5945701054852610437357795975805602116200656742603744603199271067047054100168; + uint256 constant IC52x = 4047537306843338107901229832168496874090806043500283381615935615881345211899; + uint256 constant IC52y = 12790093502738348919276084773794473095147923720873582923150684934895855964843; - uint256 constant IC53x = 10161087304339651665742850572903580167606445505587584113126003091680506085981; - uint256 constant IC53y = 3958986789563191997480973479407045271476123589250947494184240050711031105990; + uint256 constant IC53x = 7330815624523775722379710936527938383081945716002232059659696872814735920048; + uint256 constant IC53y = 11025097549787579052576667472578692374447143298962823741805882088598771978547; - uint256 constant IC54x = 2726263682344228078348252481826417366560238713527921895614086992257330158204; - uint256 constant IC54y = 997958397940019682815220974948716632066175974786808238577314576661045691960; + uint256 constant IC54x = 6231008058243754325016081071935251733134866552710735080928614245502954021040; + uint256 constant IC54y = 7318863159203743682119100550284270125004015068001103343401793604986091890654; - uint256 constant IC55x = 1926242511687472557058300862839601536946432099790245016559074402316241678910; - uint256 constant IC55y = 3319640688574460002522461016350749706380290607848043153947150634655864667434; + uint256 constant IC55x = 21158029041222423410043352319174457316558083678598576072929387420624163192416; + uint256 constant IC55y = 5531279798799451796652659709739245849351203722729011301214119743849653788069; - uint256 constant IC56x = 12522272332000206141418060323853365191717642829460663005642057685687066553527; - uint256 constant IC56y = 20568028321555624779555553726028836003373111729620748325061447026069428351834; + uint256 constant IC56x = 12014862035046951355101419994223969637282254292721192822372859423245150445446; + uint256 constant IC56y = 2311764065876764832527366306553093967932622817497205041098152431617162581353; - uint256 constant IC57x = 10283706090108198136650704995011662511751290065821609863052995267043952980988; - uint256 constant IC57y = 11632752132030441524555083263261623579731945265325046704298411976535588246882; + uint256 constant IC57x = 21695280614967710084389748570241416093602962398056849805774508816194950194787; + uint256 constant IC57y = 18191654181966122754741527150719336027917617691575071992794751979286395392305; - uint256 constant IC58x = 11750786146065218417141362677202420092073967551645504253517612595274898423357; - uint256 constant IC58y = 10851933161697204467076247982660120664809926930484917818774157530383622504538; + uint256 constant IC58x = 21047846330841419928502996231645927247655382607859750880249123377525227364150; + uint256 constant IC58y = 8402491704424326339367963738500912842656389498202887832115378169344708513916; - uint256 constant IC59x = 19025380440651297123274829482620960985789531251016373554555913573051339816420; - uint256 constant IC59y = 9133147662047865797501214799481608195872979317304905168224982706262707448693; + uint256 constant IC59x = 16344244402028661110837125795426397906771725930572024004274316943323997456523; + uint256 constant IC59y = 21727029327269051634516907877146408348576114856630675172891629001833243048204; - uint256 constant IC60x = 5782393520656463621751414457114290106735644642923732449998918283389037264095; - uint256 constant IC60y = 13620477319273803945249692179490042363671331459259852140866717956107673841753; + uint256 constant IC60x = 1519932788273488551267386972646448462828859765352364410394075676949554336196; + uint256 constant IC60y = 1979959948671052063532067178298821868327541781645157457232819226861627360091; - uint256 constant IC61x = 5607738112777235562463163473215785586728084839420819714984382481115129089347; - uint256 constant IC61y = 21512738346967511486013351746949884469437059175937970792978006018659680461155; + uint256 constant IC61x = 15851885538948597596279699719636980170694995391190241940432604960671958363820; + uint256 constant IC61y = 16395946444733592540419673435491743548984853080511400784779076941597452257989; - uint256 constant IC62x = 20464354001101222902864737492093113414317555530837891882792309935662575912331; - uint256 constant IC62y = 10326757472243180920583015806255654663741889238757369760315492840164334092336; + uint256 constant IC62x = 15892532567883815305704420388191894385518913231207078932648068055695706659905; + uint256 constant IC62y = 19847117276181937517962758799664161738662138368350262518470665046389125666410; - uint256 constant IC63x = 15709348470066437218193520187942944684132450447428583692826298750685054700181; - uint256 constant IC63y = 3213872110886145875919374026933926950123433489246192124387780111602051935165; + uint256 constant IC63x = 5666231684381871047335202691615462369540432942935744756615905034997241358593; + uint256 constant IC63y = 4517591676128014860099623345457663896060365914890087331336249141431435990057; // Memory data @@ -591,8 +591,6 @@ contract Groth16Verifier_AnonEncBatch { checkField(calldataload(add(_pubSignals, 1984))) - checkField(calldataload(add(_pubSignals, 2016))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier.sol index 22bf4b1..a612f9d 100644 --- a/solidity/contracts/lib/verifier_anon_enc_nullifier.sol +++ b/solidity/contracts/lib/verifier_anon_enc_nullifier.sol @@ -43,62 +43,62 @@ contract Groth16Verifier_AnonEncNullifier { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 15773332710818000401403228889656689210332387304770773520232049448168161325701; - uint256 constant IC0y = 18681081837015129981466661911131589221423668520600851700311005068450691924221; + uint256 constant IC0x = 19876750659126084648781916267169952039898085452793506656455360629047775833084; + uint256 constant IC0y = 10157630826254470353592493547211159375103615251420332486004982741410889391859; - uint256 constant IC1x = 4261823687060649865010475628520793943542298792100939350352735576847660097791; - uint256 constant IC1y = 18564502704515238859321228827425826185311718382260385940718634768251782749601; + uint256 constant IC1x = 1006419871379194227645853228058342790633803257715100685836501427758792979718; + uint256 constant IC1y = 13679553887979892686379890265371954685898253143000822089264094714043237252505; - uint256 constant IC2x = 2546629369453778933747531190967458151648435674152255217145870600380435404333; - uint256 constant IC2y = 15810344736212138994097931033904647206446731552442117072590310275113646296107; + uint256 constant IC2x = 3715728704259722993638903237986848760512440720041106088435520362949498063590; + uint256 constant IC2y = 8391552203277376498738529495525939133072398798850813999514972446995794089460; - uint256 constant IC3x = 4763497726568703662529336242448130719053481022789217961681606277239505684481; - uint256 constant IC3y = 11207590578295540857938411952012388219083373533028457942270620766513530104279; + uint256 constant IC3x = 5031826911441025949291520009973483009524287753952139587396797636282286891244; + uint256 constant IC3y = 20579087454021924361114885033880187179171289198562214730578278826911706970910; - uint256 constant IC4x = 10480688194609241856860326136300750655427709140897005724757216937409932204006; - uint256 constant IC4y = 1795739739550238673045726681540468432857161048124438474105353434726595366292; + uint256 constant IC4x = 15815995414752784966273617997528858494841241711794753514570134184286924819262; + uint256 constant IC4y = 11375983276465989338201518952970544302185922017641036134919019359457487991111; - uint256 constant IC5x = 8498272780988849099892847742902282774603192444606769210656905391164793767117; - uint256 constant IC5y = 20431288654962695883598666811081690368227297793600973862547327913780037462800; + uint256 constant IC5x = 7518674256187085253307353359020854137408714360645900035693036183007512483329; + uint256 constant IC5y = 11995938012397982601418225280628342446621544366858946027840346934499404102632; - uint256 constant IC6x = 8735907723984035071194933650793185720756700927347269454942612698681915739294; - uint256 constant IC6y = 11143248332385158980691637302415511280772228259247564863682468157667121499262; + uint256 constant IC6x = 15267374712417307293040940994030902104959977118650909337663099566364626518072; + uint256 constant IC6y = 5530990323343555014269262862257996754924002498968209622354556585950187481843; - uint256 constant IC7x = 9487179344669453791107688785744897897728963718045776365029795893853322575563; - uint256 constant IC7y = 11994909537101594249022002959071958173713472035292980115545305088898921227238; + uint256 constant IC7x = 21023255143348233142500714355446951501540115801774857194977224041618458264188; + uint256 constant IC7y = 472927785540481717106345971778958190234217026786776559831791237013589093735; - uint256 constant IC8x = 19768983268337967496600114397326028973450777158854931801911127508546702825271; - uint256 constant IC8y = 7526453418333700747786300034669802940086864759669788958459227364398007655316; + uint256 constant IC8x = 17825919756494338352176536684358621929760494758008587254717725749503135478308; + uint256 constant IC8y = 17068224520116873027698813365878576588002459283548668758602176285663561662029; - uint256 constant IC9x = 19081117049423380572511130119677374584710481127510881189267358386414285651431; - uint256 constant IC9y = 8376617478540777146094598792616525743199541273869167056145908132069456457178; + uint256 constant IC9x = 9288340017635717823974105519466830937027590535672869512830371680650438882883; + uint256 constant IC9y = 13498219009840384105182320344308054758257473214160879680243446950578858396027; - uint256 constant IC10x = 8224686719734282667612130447363639758359078852413255215658929590906440465725; - uint256 constant IC10y = 1840928237675218500872004153746553319636987853789118938796875868969693615505; + uint256 constant IC10x = 10825805175323743955259462349719064635903791539136337995876363102780409208827; + uint256 constant IC10y = 1115504305836721936075079105116529305538449162664295634073062821015745088090; - uint256 constant IC11x = 19179421147045679055673519675549984469523481520372701090905083654363760125416; - uint256 constant IC11y = 4019056863193868934071715328814386859259511244752399649660459784715512402886; + uint256 constant IC11x = 11669813518107266838225949957024795758089449338058567689706264445951118380514; + uint256 constant IC11y = 19311572555190098865151809991755342479851287912918808422593052690140358084385; - uint256 constant IC12x = 19283842924967851578981102210456552567248953624525117226338780074149607425100; - uint256 constant IC12y = 2830276538555624729012629124920934591734040058585441306426469049994555956854; + uint256 constant IC12x = 21683312098808000171240657259566619722289832612554258742888436811569815040989; + uint256 constant IC12y = 13777530128943642245662042630547869743512576001282756663023877807803685507403; - uint256 constant IC13x = 6434496284281570137436839464623199967310790418269055391308264573652151904337; - uint256 constant IC13y = 4994072582147284150579106380100877515293863633477691677373801250191685805077; + uint256 constant IC13x = 20156597179843111967026721274386866765737696155720692112461739507711012810100; + uint256 constant IC13y = 10907371635030104915567475668490816721583549559437093210216617280595829192040; - uint256 constant IC14x = 17005576150174365373396061627407017624661092671999029894584471995897062462760; - uint256 constant IC14y = 4070130853909280977107684146778577247894774985430806232662631930368523536022; + uint256 constant IC14x = 4692594447702510658546900259188561388604882931717359330989201667570735328686; + uint256 constant IC14y = 1284708522029385151074943772571615337152095962882580914473267923470779211000; - uint256 constant IC15x = 5785866560315779135125479505635807135061106391211015829339432709326520595444; - uint256 constant IC15y = 4444051196367818652263003615523585637750477144596933432910955543243867664296; + uint256 constant IC15x = 4409581048357818185214443303715108952889625783089488762783573602156065109832; + uint256 constant IC15y = 11439409580504544242238613785228385917166255947401354456819136268098590113178; - uint256 constant IC16x = 8924362524826626171593437355743187643942578952165292888635888447793838524765; - uint256 constant IC16y = 20624208786702894201574008881850750594220878750113071411343221699297657171412; + uint256 constant IC16x = 10083443781280644917399985313779247136250342774052861677887555888187879416054; + uint256 constant IC16y = 20118894154839101543157744291472024541467090297460046537117806913364727496094; - uint256 constant IC17x = 6477532669648251475857068683747190421623622324126337548131863375767643569461; - uint256 constant IC17y = 11935132288887943539416555561464165069593669700028517406247497572625693496236; + uint256 constant IC17x = 557787694688969716784460976822327229535335668870777823826839775158554547824; + uint256 constant IC17y = 758367154990127281411051038369275611551408244159114882061221660753636478055; - uint256 constant IC18x = 11733799821122062171541616701737653409140086965845965239303635816197563207482; - uint256 constant IC18y = 14720771120719946659157058295715607317354022440685046136208947896838811551783; + uint256 constant IC18x = 4926367635472940276029209160780064453495162488033051992210935046978208551129; + uint256 constant IC18y = 17450687001922454375745873524743702054821633833645906243064145565845267231029; // Memory data @@ -276,8 +276,6 @@ contract Groth16Verifier_AnonEncNullifier { checkField(calldataload(add(_pubSignals, 544))) - checkField(calldataload(add(_pubSignals, 576))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier_batch.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier_batch.sol index 1b6aa84..fddcc1a 100644 --- a/solidity/contracts/lib/verifier_anon_enc_nullifier_batch.sol +++ b/solidity/contracts/lib/verifier_anon_enc_nullifier_batch.sol @@ -43,230 +43,230 @@ contract Groth16Verifier_AnonEncNullifierBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 19217537801267694957539759070158122868484665020740676973199246417482535045007; - uint256 constant IC0y = 14890590645396320527758218281502776240200960822810877247964887728574237782523; + uint256 constant IC0x = 10857768194358538314597152045783934155334107736918368597696105768676212161377; + uint256 constant IC0y = 1551548171949368970925346068541575651000718431760521670490549085538687580360; - uint256 constant IC1x = 2458845034923237576954135524681777157141487752333304866768869522858381367555; - uint256 constant IC1y = 21453325368051334210667579978214279522151243737774317389691967386465464785486; + uint256 constant IC1x = 14588657582801639408937279843859231734880127737113089109447558940418853614779; + uint256 constant IC1y = 14270623203395264219426702964443203036050040299992199641698592426332349619398; - uint256 constant IC2x = 6917087986800490981289312000984454820473545909511387825804720073340917837872; - uint256 constant IC2y = 2898048348575271793382440411949747868545552883599648380785068384524633713063; + uint256 constant IC2x = 13135368820556110030460013304378046508535906620084175730907419358915557603829; + uint256 constant IC2y = 10112779695325998864588748108456082491374975818516659485960543973729520798853; - uint256 constant IC3x = 12345384099343369963411142527052659537174879997428200624260400052457757170640; - uint256 constant IC3y = 21504026578436853050202298942786091245532679869512974657320994825847309519790; + uint256 constant IC3x = 19797205441434515503986304133552067429488642533210813091677813273868948412520; + uint256 constant IC3y = 3668027752620361087268658844895342798986261333705883847303486025263132511301; - uint256 constant IC4x = 8295942885610917162774335321517534846659413408636714536059104766417496988687; - uint256 constant IC4y = 6368926361337954845564453906009074741951993711306962274700243539769754117866; + uint256 constant IC4x = 21650017326146781414301224076216321262138091509402450867783016337102877083321; + uint256 constant IC4y = 8899356409675534961567207862945674519692663785942434954291358650301375585303; - uint256 constant IC5x = 16314040942263602940727646498557453265983271018928011668882132884502482628021; - uint256 constant IC5y = 12813594401568803290655032437000055041705798378216479550965312581114851052908; + uint256 constant IC5x = 3652696515059300354063305269323201634257733026059378405626239779412185486961; + uint256 constant IC5y = 2797593968101997284996630534131979226227593880936820735371318427444796682785; - uint256 constant IC6x = 18703554633702962024743844656646257016769651037463609703447233021373021855847; - uint256 constant IC6y = 17063635812362309846157706920614507984428768691846294091793683855011540156925; + uint256 constant IC6x = 4623401628587947458139760485392513940092100820765002768337933595735657837833; + uint256 constant IC6y = 16915253145147865830493096188334466347397413059805656346869036690463147154550; - uint256 constant IC7x = 840372968238118238644593711350900108831857061727216855923803312917142738862; - uint256 constant IC7y = 19700941462624080545496854665489742034362182494169470380957145517027978876312; + uint256 constant IC7x = 12827823753552334302468725162427095261755116012708002987548340386275677726085; + uint256 constant IC7y = 11226221182181486224747039503561912896098503169458364652548743214848374550499; - uint256 constant IC8x = 21312516150647030030537136387049589816266738531033125554574448236414367632672; - uint256 constant IC8y = 2716867834079977575870552131130700773958633314407712682964810985964916830076; + uint256 constant IC8x = 20898559226326288889681623130919692456738317923548537960901153367615019268068; + uint256 constant IC8y = 9070428335740018739303508108600208831132580605773750965820052322977639251942; - uint256 constant IC9x = 4064843066946103379876227299278763710636345346922862457626244058971887111684; - uint256 constant IC9y = 18377284634938210928923790607893095531788275023095101404541713925997515838661; + uint256 constant IC9x = 8050097890914828889023932208013143535158869752052709859342955716385596549091; + uint256 constant IC9y = 8395274521796654408400797569281540296411653812274481691980427197767442464318; - uint256 constant IC10x = 6358987294878912302577825418865952112377794402728762166807736262055928962581; - uint256 constant IC10y = 3298290856073470069604079586155864226097477393533663864387515863558767943284; + uint256 constant IC10x = 13922997793745763139199091435552194624924338984276118041923137165159414489617; + uint256 constant IC10y = 17190760584181366214482348917958886830342960073788461163240752374739039367517; - uint256 constant IC11x = 6476756969881033416254545132002747825238989821869683035410765797195571077604; - uint256 constant IC11y = 8556104489766592854854647665076480460454491377088200406873587420779663178793; + uint256 constant IC11x = 18573754346782716206331566335772815584107457268594228676417638475501883398507; + uint256 constant IC11y = 1276355044880646498395596779226345053506691615508461180965615150342596093068; - uint256 constant IC12x = 21604235171203640567425754182130744234178874507423755278922305676842742843355; - uint256 constant IC12y = 10019749963276411427163563602488490499882481121214999757469160360964302290204; + uint256 constant IC12x = 2673539901155835498016297649459370405043711545721709136179600384236599195441; + uint256 constant IC12y = 7435538874647432820547059117218831049516194963447372699909663787606234244210; - uint256 constant IC13x = 4187548419108484620829850058776572334742111454307714273136133270391063262690; - uint256 constant IC13y = 8803535773688355710704662331874792080312880250113405726628363303362404210442; + uint256 constant IC13x = 7082087086596593606152406967047300386957049695099683464929745927413924013410; + uint256 constant IC13y = 17313354662137902697255717796862264594146831120263509969356399881355284453245; - uint256 constant IC14x = 2724351901936809885614843514953009165676898457017440586615215550329523429130; - uint256 constant IC14y = 3368198594829198216248681522021512854394824385929923522583668760257697634106; + uint256 constant IC14x = 9623241897418550147311653622048916771059084716645080539170198888417905276790; + uint256 constant IC14y = 6797487823008499289482673886125102026103721769980091111118342554070587284088; - uint256 constant IC15x = 7378101059384478788462514573762863508787606558656596446392749157424064991942; - uint256 constant IC15y = 20365236435755744362605904963444568085097472381165115361346069794340503862197; + uint256 constant IC15x = 8479487671543071115911363252047909495674631323589272460154209800083349869257; + uint256 constant IC15y = 3612450141982960000430513805106849867756778088060194804718707745310286896961; - uint256 constant IC16x = 12790442221582748012451695720414604697801006998784779782845049003170818060402; - uint256 constant IC16y = 17603456025706177607512042782490147335916336584240042971857535331833823950042; + uint256 constant IC16x = 6821902694575917726729513891819547198582660125414204630215019272992397765102; + uint256 constant IC16y = 5712334086296308915849533840724578183836005055892623925736836078857306527169; - uint256 constant IC17x = 3851842572866308712169846424919702445894635560335596440046845671710687956873; - uint256 constant IC17y = 12575879180998918402386482413203350105509847147526490174314817605412191061272; + uint256 constant IC17x = 20826828608964023659231985349704436132063025732865231636933188732724229411855; + uint256 constant IC17y = 17839122737466360433763412953014067139047648522719765671392834780267424003504; - uint256 constant IC18x = 8849435654982866896647119963125322358030272956082548156086095981537278402215; - uint256 constant IC18y = 8034939600018738334841503124976442110938047409001051764237872353304629439573; + uint256 constant IC18x = 12026046725093986521936681237367505500667270440561607456913754947526555344433; + uint256 constant IC18y = 11134702436012104753714718437244204696034069597893357529274808560586487041683; - uint256 constant IC19x = 18098810952343365559798635927128628598335631103437358237740844025722222351622; - uint256 constant IC19y = 16516180718424763548403377389225345087624883654095186741396600620463428312767; + uint256 constant IC19x = 4574280582890764783558975466068406949012517836616841998486334632675529966967; + uint256 constant IC19y = 15846592310503827291280402888069123046276816810230296947693855874210634897291; - uint256 constant IC20x = 6579364091033795363462966653813241981708732427900703745748034276632608355973; - uint256 constant IC20y = 14794965607927550649559984092472123446636534647123626827149760345662038545010; + uint256 constant IC20x = 552068498342887768812099869866536959489327984824118802930850366451374910761; + uint256 constant IC20y = 12129711921583486092060444306009295536785476561521077885641863153904968550057; - uint256 constant IC21x = 3001451431393088702170324146257904202930168436525194360056543452632359790122; - uint256 constant IC21y = 12501351513042157063508255457220643676836352019579114665236573188863643453886; + uint256 constant IC21x = 35176914906762006216694931727792728048628009777033065069148278568613590699; + uint256 constant IC21y = 18058778029527063862776255317455122603612362893636939924117082347476024248811; - uint256 constant IC22x = 11942247410949004404416485453875658924229030720592874191561708421687629514577; - uint256 constant IC22y = 1421248357425203037573163623680169679950216475163430615222441389511611293589; + uint256 constant IC22x = 16196397870560278701563331844896598282045038093084429632905028254807690392187; + uint256 constant IC22y = 21657460375281031799499817367875046770454748835682409424465614212808894469745; - uint256 constant IC23x = 5924552212616721590180004751104062729971995774011665978090652907729492407690; - uint256 constant IC23y = 17648544619305644385179861819278423699351610190370302302782680895192029612411; + uint256 constant IC23x = 13646067610627278801288663785392091700343280238288674876662200573900835215907; + uint256 constant IC23y = 1881671896769581884207942674093567432802826560154982588372887460508857893515; - uint256 constant IC24x = 3852410005009552403509723499950390111200939181225189955073499776801882057859; - uint256 constant IC24y = 6146695597909031860519291933903293536528249979898513663021242312319464941810; + uint256 constant IC24x = 5614009327966828687083870199045704608356331042583753955359206092835397597027; + uint256 constant IC24y = 15372892361541144090465249992591722178863954946071772938944180664654818828543; - uint256 constant IC25x = 9247616232285400811073826135240721400561648775034940006093158219534855129985; - uint256 constant IC25y = 2640261489836069291278916115064522602809250287607948726708988444431435707457; + uint256 constant IC25x = 1498929179339859981887512998084588849124227068666268013099808455877621963803; + uint256 constant IC25y = 7910331318425789254048095716253514723806783780379575570917432233706022188723; - uint256 constant IC26x = 7678048002991743186727896008179101418130527872753399751743968425005524398965; - uint256 constant IC26y = 3392574415890546585317056513324401263410990249247954196241198242445003365560; + uint256 constant IC26x = 217247954099122575458637857462854752748498952701241258357496332369230539160; + uint256 constant IC26y = 14058807406880304551223000306982972305142998725126948868850812104243479321324; - uint256 constant IC27x = 7741508021482922248975388162348352525531294316776044025278749458052049431092; - uint256 constant IC27y = 10061313902955383668088273855929795857089646056508670980726293954854402737420; + uint256 constant IC27x = 430355509801341810133435178938583521244278906564175006723457834948692078040; + uint256 constant IC27y = 18749893180686672959770986175122378529608535349191403734529092834350171038470; - uint256 constant IC28x = 6562691754111202415666082753816979207691468080205131183924439567347912902869; - uint256 constant IC28y = 6344532931998717993276744252241201010738794788325943472038713989071390084516; + uint256 constant IC28x = 20785267342760452754508386421043572085700759236828338637645586954138110337447; + uint256 constant IC28y = 17232279810560518722565445717689236704547081191951847271658306446375995721765; - uint256 constant IC29x = 8705383044247372786727225245213936989481335408510379605597943655773592769897; - uint256 constant IC29y = 4633017540698505878365628680201009868479635214348267338676926045606388125469; + uint256 constant IC29x = 14828539470541775206907007647640991192374577253146751470945413595997758766438; + uint256 constant IC29y = 20636266116512194880537893502304745011905315899016958036003341230027114696328; - uint256 constant IC30x = 17964342555248266235202549979909032885652363928372682447189601453029594350713; - uint256 constant IC30y = 8291352501386608509191006020538912622590188422694048221796733835140743075846; + uint256 constant IC30x = 6362433393251530635726976347941818083881377807565015744753393676431197377728; + uint256 constant IC30y = 17290317586594588071616002431475986595423204832542336389505352030052018438973; - uint256 constant IC31x = 21273852284702995833408839626629633436749858568256501644701951962582811103262; - uint256 constant IC31y = 18953474452989593494992379158383489987955115902236814560897478376687604683021; + uint256 constant IC31x = 12031451174133590769007305909501328912833754463491657014430525810498287873101; + uint256 constant IC31y = 9671194948697245862875430655803499459356273204263654693271482110365056491506; - uint256 constant IC32x = 15999826966013580868113696432513390266704706616728089191411249704708154774986; - uint256 constant IC32y = 5675893162769614267097674220991526257258036763497879884263724290538034643054; + uint256 constant IC32x = 16021565867372018867507220019489876974441461100321703931347681941849592519477; + uint256 constant IC32y = 11736561699016988991253310519182109984518318839358799406257393145762572723826; - uint256 constant IC33x = 3053982756385888224231620837863918518883907052505512798602177492692753505528; - uint256 constant IC33y = 38547646871469253723790967403953954342325053602252665195841575248185579548; + uint256 constant IC33x = 8200654606945508236816804702951512164840224741324026288118071234406945136731; + uint256 constant IC33y = 1985033951745928578429658688753901785557359647359090081553586066550690860180; - uint256 constant IC34x = 12290750332906620508786394826438786658461811128724285564358419882473318286055; - uint256 constant IC34y = 20649236855344307101945108639728064898260245272725874780398298925947407720180; + uint256 constant IC34x = 1640774704000911509119308004239006555149330558130731176218730309685179306947; + uint256 constant IC34y = 9295140487943942057633431978771524530551049498124720002254359354125763405455; - uint256 constant IC35x = 21123277002588670947416467083386366326312832649485763973013785814255532697733; - uint256 constant IC35y = 16425986861789429560479145822445086165103201837072576944155696376984831394175; + uint256 constant IC35x = 17093734553773960402388466535220773941100757402335509298424866339239222145193; + uint256 constant IC35y = 3059128605117733304330480104065751810591575836619067951667044079660323911649; - uint256 constant IC36x = 14698906939955789456115142981511156655482438724705493194693611836575602047678; - uint256 constant IC36y = 975221092168539271608327236217704450964028529427964579813238090638259553377; + uint256 constant IC36x = 18264102007239643202358631369090727433461217483169515568065273107416880604399; + uint256 constant IC36y = 12143290151506783504782097020942989389269794589152906534195654995143102193270; - uint256 constant IC37x = 12985962913023133640351315427038039610315448708895624766001624807948877636047; - uint256 constant IC37y = 11734463998145696188744527813773539917622566641019599993641061593724680895935; + uint256 constant IC37x = 8428721104338932910144867986251826915414990412932978591034039042589214736930; + uint256 constant IC37y = 8855417831368285984534171368864290514645275716953702202644983517435735474062; - uint256 constant IC38x = 16077998580926314769184160977531197959561228848820808224824825019538872269812; - uint256 constant IC38y = 18051517238082980446564317606673452928213736670021543630324769387851605043481; + uint256 constant IC38x = 11932843103499370774214761436679587076111275171951602594808492814845035422933; + uint256 constant IC38y = 691857578701180269144433604942607236184389145123046325827801577397921814828; - uint256 constant IC39x = 5085977842284545822563309622556575720986115090525139685880730298447345055166; - uint256 constant IC39y = 15311248373785821204569961460772002221139957541676255135805267426000258183098; + uint256 constant IC39x = 18313922732421399366802902051074755744274071755751867844450868661465138174030; + uint256 constant IC39y = 20657589528611086334891836595390513437994430409102519679963972569081532760535; - uint256 constant IC40x = 20051155217605155286508416252077900886938393222358119831160001945498863388113; - uint256 constant IC40y = 17264960727921200755357029820669712450505626133576443715913677414615924541235; + uint256 constant IC40x = 5737591812836908688455167253789575767302444278194066173184070180744214280194; + uint256 constant IC40y = 18609635643670896696549784215672499025901018147627235066095455825418142825805; - uint256 constant IC41x = 648220535908114594443973984467321684783032250050570230192148754952591423800; - uint256 constant IC41y = 188877397589030783635473413404716191633392400171919152156873972393897459450; + uint256 constant IC41x = 20278278333579053464183574983237084138303103723212351493753958889049485376781; + uint256 constant IC41y = 17782657638359447051647592853506973349436993753299894190056310276416878165277; - uint256 constant IC42x = 19439662478625208054902315420607333969867046011068148467370996816524965653232; - uint256 constant IC42y = 2333640222842586397570878422839337046915190766331506141848065607790831798373; + uint256 constant IC42x = 8367059665181079186528582197123102588689602937981823625326270094149451536517; + uint256 constant IC42y = 13533135439018576382410911103119438381317655350188498259514354938167828351698; - uint256 constant IC43x = 5188766875169466268045643524405834185741243372869014932440825081276229198653; - uint256 constant IC43y = 2317853041616684816904015956385433643027447639206890165338816957405649038623; + uint256 constant IC43x = 10710324277604133223652870346494841115766125505412819627873931900562308648127; + uint256 constant IC43y = 835443959522164685535884730877434707142419429390233232546806052213058906537; - uint256 constant IC44x = 1458891349966087469903345439317648653744547511523311007393705623293780183769; - uint256 constant IC44y = 6666818570811324550227488402552271031329814753688251317599700512260023127154; + uint256 constant IC44x = 10190313297374595085128899183242823870538844395173957213930013273857126190157; + uint256 constant IC44y = 9590027764386155384343137359812160039270984799297083253615662211992466067377; - uint256 constant IC45x = 8533296678862895828338136497193360591760708003725926933253048343989340457424; - uint256 constant IC45y = 14266794324333419101000813404158573121491569817153679476936361551889805993654; + uint256 constant IC45x = 5127701003800509362092012987313242991181389443752275914963019881007076681969; + uint256 constant IC45y = 21106373523489636465875661704934704450713452883809222214575535712213772691988; - uint256 constant IC46x = 3400328967031464736674306624816381095619778236004942533658937507475094309512; - uint256 constant IC46y = 8730747781417225922242078398629922467737962158095382688689820097274561548979; + uint256 constant IC46x = 21251844251739602049905559999440001661933522877836787511459551029762795553768; + uint256 constant IC46y = 4461852991203369177281856775388032474308376098547954352881757483707243960492; - uint256 constant IC47x = 5901595094199181074567126796958274204681354255285842611531902927431839563045; - uint256 constant IC47y = 13729275504663757937866220834341628104143067447179879648229365011602613176935; + uint256 constant IC47x = 11112510306315834925133583455293546665790029576877121304743879820849112239574; + uint256 constant IC47y = 11385073960475161414263547617493580482987974358109056930913742796656451434113; - uint256 constant IC48x = 13487698366490852429804211493291156834624486082910984772199445696354126191885; - uint256 constant IC48y = 21820432862734873270317526132706662960324128442688220457497099344839239892164; + uint256 constant IC48x = 14085383499391738104124103009192017386763342402227477952765942319452177549841; + uint256 constant IC48y = 21767397946694622118459525312393256593264361917242986164985821123942842708682; - uint256 constant IC49x = 966314658444985962080073829511193349975328779552440119074483222790878019291; - uint256 constant IC49y = 7904258038244593708102681608752174098891875374638683520583075451222169910307; + uint256 constant IC49x = 4594697636626883683026684788149112839173818572790425888690620436487192708104; + uint256 constant IC49y = 15318942332787673498467322528948175113023800541832714852865266489463146211133; - uint256 constant IC50x = 13769688069719349639785981513026022567584600172718207771564162745119660680122; - uint256 constant IC50y = 8131498970452788922855730012266571576416986889997168860462922535207464272985; + uint256 constant IC50x = 12723642669487993809757271947593998575989448450414103364438128358594324043333; + uint256 constant IC50y = 14554518787962701054328592062886716589952687831488816105655759240233901302870; - uint256 constant IC51x = 9221027708572641094642198526145897693505390704440277544000014085275385777726; - uint256 constant IC51y = 13934559619024992734828462544673950804786185494248438646536254878035441136115; + uint256 constant IC51x = 85133179060454883037313071175049700673863144128662372957803647223282502560; + uint256 constant IC51y = 7871257133812178163028061310977450954057825614043212613572384171597345881128; - uint256 constant IC52x = 15156627858116432455754635593951997695631362081699255265656991022292960956121; - uint256 constant IC52y = 5247536538904900799072671874044308141855717831447159015450376550116893900879; + uint256 constant IC52x = 1342657553906280138243319647706200196355957216637027173395288566450412119894; + uint256 constant IC52y = 14674124676602567534949781813257913237191167030310725044592635024301338017658; - uint256 constant IC53x = 8128171284741297453475773678120264018027378030869583849845111087061883953194; - uint256 constant IC53y = 12000928049978373790088680332328420144989299979646264454602229582991230713492; + uint256 constant IC53x = 11861281655297301548410648207716081773199641162211247643314595471354164682905; + uint256 constant IC53y = 10196389138883482122944241909716121500057498190147552712869019860068933027273; - uint256 constant IC54x = 15079635714503317031973915832729692812962912856762722419745941123850965536791; - uint256 constant IC54y = 21219107267885063520580299025823809517880318906241324857750648574137733612340; + uint256 constant IC54x = 20200891942962698605638327267502185999986230571031250955158609431588859667173; + uint256 constant IC54y = 15153304292411539359389306889752308608688351646100972117483073029010234843666; - uint256 constant IC55x = 9494156304963239502207832089831077864467903896930269903800292651917427689444; - uint256 constant IC55y = 13732102823676963465083178968006676561506100136400103355523367591485264947612; + uint256 constant IC55x = 3590883669335716276950248120485084695435950245197150246643530675943031513483; + uint256 constant IC55y = 16672092824828957614577382062931587381317729597881385785055550039445041027146; - uint256 constant IC56x = 15725786826657159747239546675245355959463253032973650442448952039647852938718; - uint256 constant IC56y = 11086188316379646892279919031720947393848949611877519723340855927880098859389; + uint256 constant IC56x = 14219750280862389153715985369985099860318471642803942214385552911107098971211; + uint256 constant IC56y = 13179858453644073899197689284464507638874638448373864161818477257995991484531; - uint256 constant IC57x = 6022539567005437498329575316925887584040231525921806601357916463529311307212; - uint256 constant IC57y = 19179148285874051938849777846085488029038318448103930459513498581622496936069; + uint256 constant IC57x = 2701209449960840613693710200811849157832331602807774105695767757189295451757; + uint256 constant IC57y = 16563524509859497820218951279159349182350725682127037935404341768101963438434; - uint256 constant IC58x = 18071480336868436915359269781322510273691531539311458086889730984277721296864; - uint256 constant IC58y = 18966498307005607948781996622229320906038968390589129447132977189611127813651; + uint256 constant IC58x = 3414175684985968972672214275255792448199365968815072733136917287617864542852; + uint256 constant IC58y = 18622645504279859981648376664566050322654602232963522917682794185971463055131; - uint256 constant IC59x = 16017362686662403790539414408243747388402925985317246436474695569820871269465; - uint256 constant IC59y = 8500761837364009128331103353474525767169254015355264942031458205667202760951; + uint256 constant IC59x = 5673293766067799409374422371805460625346446472327627513935712864885777225287; + uint256 constant IC59y = 21411284026213166471174879361745290776967547374405635102315577625862119814871; - uint256 constant IC60x = 1937487277591680597529110893586460394469956696335093283874375245129173046751; - uint256 constant IC60y = 7101354064287115636210837776391536170534348803369963873194459103232701994769; + uint256 constant IC60x = 21670762707797115339505991245287266324440211832738175059503746008042627820556; + uint256 constant IC60y = 10738782034331094544003210285087846694198171390500938499428724984620267862854; - uint256 constant IC61x = 19366584965429936247820553821438585192984789634187034808964374250685234735626; - uint256 constant IC61y = 2693953064018529936351531397034115491874610594137483108544480330535304183798; + uint256 constant IC61x = 16953045628748754354885408433844807041994643381352716897698784182376689759459; + uint256 constant IC61y = 6127896289376683070914145422924841131147483845624765996364406481040321551725; - uint256 constant IC62x = 9796473696919008955827591474495225418750253704118837496743963336574921640578; - uint256 constant IC62y = 2548493387538352789957819301393219498749894435136915455294867987570211459363; + uint256 constant IC62x = 15246494027576980489494412837826402114800667628340474578756376600731624107218; + uint256 constant IC62y = 255405935613365874457852565358726414769491858464880299078895428295575114706; - uint256 constant IC63x = 20914181116691637628356239632260756140107819585830692547540251648627306876947; - uint256 constant IC63y = 18193055360643075682030719112290817667688065559588647625933701213543109219341; + uint256 constant IC63x = 18012406120443181819805009355966754224551722021941974548526420228517140194891; + uint256 constant IC63y = 16799708569974408624964150779541516312120665649287169320738241105678445380323; - uint256 constant IC64x = 7590544337925632858337703020484221426132530839408281128179449974509873136195; - uint256 constant IC64y = 11510422584723144323919923613436548509909070940413652504729783865359730971822; + uint256 constant IC64x = 21647434913457732586563647273051144915750412334997941554199119957585605712374; + uint256 constant IC64y = 5646169842102849206670097642242057986777917333159187763781591815797050803986; - uint256 constant IC65x = 4694595174920417145999318050692157482516422041538284671744267152197190184056; - uint256 constant IC65y = 14646520880631007007009774542720818216865704430422186739272391059676402537358; + uint256 constant IC65x = 522924794732206051621564424019162190357895804856558491692190006824849894426; + uint256 constant IC65y = 3050433128259487878626059638882986843232307377271585710516901209069139899018; - uint256 constant IC66x = 5750409931917473308612899156998709773165015643269441018229698554652110642175; - uint256 constant IC66y = 19034109253789514931417768471140326722247669287014078330926534975310228981090; + uint256 constant IC66x = 16537849522084305379050798390072027678664200652064613568035599455541956265245; + uint256 constant IC66y = 6662048905339906711492763641949270191885435595368572784997081617988378825137; - uint256 constant IC67x = 15390918806264582184650091883144908610359964197891913006598326586341853675304; - uint256 constant IC67y = 13439160594524324361897920652879947408058886302898107189111019940491972950354; + uint256 constant IC67x = 6178822760969956352675514899865740283160492055729766023642038991611137093796; + uint256 constant IC67y = 15134676395109059167957229544083854212732194608756055532042109219146005578213; - uint256 constant IC68x = 11271968681168106352400768936464218756552268568378701359612036307621530181332; - uint256 constant IC68y = 635767303573027732344745665074069540634679062776755065710280646241068994918; + uint256 constant IC68x = 9110260865396366363122826268971881047920724953450147780963448141385604828; + uint256 constant IC68y = 12242673337744675911914032061064487645223433319566451083780762770560625965732; - uint256 constant IC69x = 10736076526117844410735718604166158280597244449310755846026905268731124345826; - uint256 constant IC69y = 20807204501960218086586261763683268384925061601299143804857767694209430419479; + uint256 constant IC69x = 6631924558989196434821622222482564144367811724815895079161517254880811719547; + uint256 constant IC69y = 9846034906619316468424599028265876490291826573857225451304784074937609895380; - uint256 constant IC70x = 13901637602769916482888071949588465266686306988116494868759968742559995405307; - uint256 constant IC70y = 2496523045035897531774912715838836013115381118752269988037140812048932391857; + uint256 constant IC70x = 2325932629982250537434955175422325230158465669867162375580038042617489574870; + uint256 constant IC70y = 5147874583828750003443598102304571026663112923115364272095932612097636286923; - uint256 constant IC71x = 6367875846303037853932848737947083266057737936293301564611486871329920676947; - uint256 constant IC71y = 14252258147708194343097733785952582749473737908619421429097120842792104856742; + uint256 constant IC71x = 20149789673939601918295184825023111621280901637012365100685193426193505987152; + uint256 constant IC71y = 11754671591628066809903387963581104132832400142532711295607090645707718260695; - uint256 constant IC72x = 20955042125018245317266968455002992788063486264679944602284564158925998036281; - uint256 constant IC72y = 12079781019146299255718171718547557703530548470861277971724323693482661092037; + uint256 constant IC72x = 18964264984251050336799823200157838869346898911672597187477382541387416468035; + uint256 constant IC72y = 4083234469521201312249283379110780033129541751761913471439722345097281107410; - uint256 constant IC73x = 11241323371380716059386068725352546279646106877953502115885101918331471384288; - uint256 constant IC73y = 1703189593817285709253120674471927818433481193872510089328883692981651861981; + uint256 constant IC73x = 19949847240940917978757815435926998034234863215803788565747379602512769787073; + uint256 constant IC73y = 11206294668471770878404216340274277172266260874989200995267481701420802793360; - uint256 constant IC74x = 7288855629888996777040435802759971313675228158845935165000074201444128511193; - uint256 constant IC74y = 12505414715511075904897977739556530242040982357119163432484592429166870641050; + uint256 constant IC74x = 1011805970818307018195611211972942213948415886755698647509050510691230819769; + uint256 constant IC74y = 9621908650002304930897257804313486737271284104788733442484421825395527604389; // Memory data @@ -668,8 +668,6 @@ contract Groth16Verifier_AnonEncNullifierBatch { checkField(calldataload(add(_pubSignals, 2336))) - checkField(calldataload(add(_pubSignals, 2368))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc.sol index b86b717..51301a7 100644 --- a/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc.sol +++ b/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc.sol @@ -43,65 +43,65 @@ contract Groth16Verifier_AnonEncNullifierKyc { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 1413853962861001569358305612548684789177651871594965589761252342895612221794; - uint256 constant IC0y = 15224564710569128326473413068659857504582960089989280426570137804062186528652; + uint256 constant IC0x = 3187641095191764205521308540462557905930466895026798971393305540949223016704; + uint256 constant IC0y = 14457920879344764499401602377918522177525788777965863915888942264357717723387; - uint256 constant IC1x = 2872723816577508709624328704197591200727607541758628878954128471105893037536; - uint256 constant IC1y = 5456330743498094593133844908661705509461831972346097901139218028858353007944; + uint256 constant IC1x = 2860866556146802855041735077788880282234677476033746813905724602023886264941; + uint256 constant IC1y = 4164320525770544600488682460253430343434788252422566389277341531250950954627; - uint256 constant IC2x = 11976645042660157778245600444666201881259598139969532082607597201248624893723; - uint256 constant IC2y = 5550995410876922716148473852175797786273975811686365647727105917433860011686; + uint256 constant IC2x = 20005970355915983992920772838716069620999609744929599311550550115259208345370; + uint256 constant IC2y = 7957917174675133778907020325695031184060853529561377406978890973683576102936; - uint256 constant IC3x = 21632064216268308772608847035071233361530471189339165054883984973984793197357; - uint256 constant IC3y = 17462608659782075911688767715619683212310424904968446440153231973702057463339; + uint256 constant IC3x = 18776161050240195481951016329243067313847283989708975421896551365085770213884; + uint256 constant IC3y = 18985253622798527839366252984379131002379499849519232494951522478888203835206; - uint256 constant IC4x = 19096796998504450466812112404518968523908474709519687141317167317992641618245; - uint256 constant IC4y = 18926903502476219600784340400063325209155800740924339849895308657533853249482; + uint256 constant IC4x = 21849792619502891896150254420982912220784684091239790196191714404674868147303; + uint256 constant IC4y = 21261807983971100483491302533681497089719386197098566083866641053771149668172; - uint256 constant IC5x = 10884053302401933792716404226193544468262547862622816890357412988997445576476; - uint256 constant IC5y = 19607672738978149038944226212184284509947617578053085314389210236673180321584; + uint256 constant IC5x = 14642560879226435844354124199845292056119507034598587194498499585805373051012; + uint256 constant IC5y = 14520231279258803164535202266469718946503444469896866759528818781729084363717; - uint256 constant IC6x = 18756091312230953743252901076852307680130552720554773696151104865352368562472; - uint256 constant IC6y = 12902511926829987794220882750418908360066437485500339729661607416121693345966; + uint256 constant IC6x = 5023804329099823805416515688246040248924847786362017570042335448442056529345; + uint256 constant IC6y = 8382238513611094628642975553791204818769515982615564025615549684367892996063; - uint256 constant IC7x = 17321763059883533307530550563528139272812245333124603446887973653459535929881; - uint256 constant IC7y = 12151446517680088985469318937798285286889358479014056479823529294703263839674; + uint256 constant IC7x = 12008960058556068697103589727036613004859214204242747562055033628333728741809; + uint256 constant IC7y = 11549829791086711441031398300643495345757978247085754143975705084855277736225; - uint256 constant IC8x = 7876865731056312181239824927776932899807834073155045758149531514122047026470; - uint256 constant IC8y = 19727958552252784828353241448428439511422180671857872524153093347318814800865; + uint256 constant IC8x = 21676048549214160641708774054966539648403646520266299766972605580528973904190; + uint256 constant IC8y = 6133628765182212162767357239177264158295542457196938124314266841563602963787; - uint256 constant IC9x = 9917086662609452621644078045211102624920459267963950639495728329006864858157; - uint256 constant IC9y = 16939905902506291291358058305981897630888395253458496241770298547058611772885; + uint256 constant IC9x = 1878562863160038059176415460175329640070110165120282126598068271194029045648; + uint256 constant IC9y = 5127422672165768813360802351479040999696350992419430795805273496601552337327; - uint256 constant IC10x = 18909135056382812197660417909514271893824654273327458151123027397224056786779; - uint256 constant IC10y = 11102621345588723325762141758667426598965226444015132997889348790614820467885; + uint256 constant IC10x = 8359139644190023057316723848376153263021330854901395861801711756249118767455; + uint256 constant IC10y = 20692654987063944827979937541934509237249254311965583721345702438299495090066; - uint256 constant IC11x = 9904533998675821050250228870878062500839738046112142627413972991561649387784; - uint256 constant IC11y = 1472999390828711720110746479187832259055695312591594515156455948701970839167; + uint256 constant IC11x = 12728322096071109471830413239011296574363867849402269565227718856147893151459; + uint256 constant IC11y = 1861155125555298028424371794082953243758577640243508009872303391966604599475; - uint256 constant IC12x = 6259981580117243269505978400843201685900073884341263913784480781409531257016; - uint256 constant IC12y = 17556400727789437691301959719873477688875958672470408542431599994268277697701; + uint256 constant IC12x = 5719881750637140376234263354930178760202458985446575201739124346530164867686; + uint256 constant IC12y = 16368908805854522036614446719511659848951900827540109846279566584785728705509; - uint256 constant IC13x = 6786150454543824681185379885488409422358344023379931929254945828912517427257; - uint256 constant IC13y = 1461307302213617129025058553488759827142505916845079526007426509438572108529; + uint256 constant IC13x = 17743901844690154394019484671927322912468028307268531100344960063878809180846; + uint256 constant IC13y = 10449075965866828550561232884328873569183192287787503984004506139529009907967; - uint256 constant IC14x = 18548160247798364319220035665282406269803300954541170041430304804683033785051; - uint256 constant IC14y = 9755198421636029968350019001957456386103308719599303665032093558427283180600; + uint256 constant IC14x = 11098420666637563511874761448080733212857263922886831437961470397940786216022; + uint256 constant IC14y = 20762798988550118502864524996042519439526113662033415554183073455766621269511; - uint256 constant IC15x = 1518206586970420517477151464101006353315752811845263733302611013600411502158; - uint256 constant IC15y = 3751141164530472434270316848184190720887831510108717881293011856437265093706; + uint256 constant IC15x = 12162442054122685425764477918885333367552567658214510668069614692965769983400; + uint256 constant IC15y = 10116305799707759724200032585859517610375923513561120419627006258472344776813; - uint256 constant IC16x = 14141410449344663648896620837425930560093061920476445455145116319568877990307; - uint256 constant IC16y = 21362576089049937855001902873781985399258826264127713239968957647242767818391; + uint256 constant IC16x = 10500812803151215559678023582489293425614334754977962045729501794780661711092; + uint256 constant IC16y = 17879133699582003080522465138996767736409202114537342906486180174324441112194; - uint256 constant IC17x = 20261948216034307185865350693399474848083720679809810166058642970987354907864; - uint256 constant IC17y = 11269953331712894119137124918207740684260362654532667611699297664219336782776; + uint256 constant IC17x = 15197305417353928416977249309822906058437028124423395814781085440365218815358; + uint256 constant IC17y = 16729470269554137696139917273604830301640308674783569547646381948810954506300; - uint256 constant IC18x = 10203999916396463367270368359575974708015544129948471630676981517737357310011; - uint256 constant IC18y = 13377549460491605159843070390893172806946016983291100814680828534398871836384; + uint256 constant IC18x = 8144472318421423709272161679595106542701923972725047251696434931369275680374; + uint256 constant IC18y = 276182636699442324140702035562595434502675336521018273175786616835727609719; - uint256 constant IC19x = 19119291374078250310453268556150662770119321418058910055456275551901831221665; - uint256 constant IC19y = 18656265189293580010301267675792624799018138439042917808961597814449002263521; + uint256 constant IC19x = 11775146635990433361594820619094635080647576996297625103123889003230084269706; + uint256 constant IC19y = 9825057348355954974998124406871175445717384046411290930067512427350358240376; // Memory data @@ -283,8 +283,6 @@ contract Groth16Verifier_AnonEncNullifierKyc { checkField(calldataload(add(_pubSignals, 576))) - checkField(calldataload(add(_pubSignals, 608))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc_batch.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc_batch.sol index d0ee65b..fa5de84 100644 --- a/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc_batch.sol +++ b/solidity/contracts/lib/verifier_anon_enc_nullifier_kyc_batch.sol @@ -43,233 +43,233 @@ contract Groth16Verifier_AnonEncNullifierKycBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 12858642186216573514376237800965234603650348168089173346459768469400500053251; - uint256 constant IC0y = 12565095604564374485221498316349530377709382949948054355717909187503668328055; + uint256 constant IC0x = 19897988225659105939639408709293840562897022785921238146066575545617348312548; + uint256 constant IC0y = 15644088698146438245644546730726249447460541809094423000622894418334512562175; - uint256 constant IC1x = 13138077759640600902994382164090740677763266688367946800443925142634362541881; - uint256 constant IC1y = 7723900083385686148919365704874326680250569739012955417787349354561021447872; + uint256 constant IC1x = 19147347189359129763962233101180906458439869943878009136949214946695936249511; + uint256 constant IC1y = 16443091035764976902250748734471996367063308703550388048936151831508916790167; - uint256 constant IC2x = 14219188412519089397214334581640115554216938530741107945688240997660263170219; - uint256 constant IC2y = 8125001429497239326152138654137918018111779471251025427553277398926329934842; + uint256 constant IC2x = 4953721133054374020691168168912856344128159216890887779127507640745852989067; + uint256 constant IC2y = 11274237764204185798746850229590615897364057340682130907386954538737981790028; - uint256 constant IC3x = 1759344920564294627929169355477706885942426765431124731801753927931354406526; - uint256 constant IC3y = 16704901573493296732998549934540890651410652165343574367926253888287104473131; + uint256 constant IC3x = 12014343148735150516037826153897244442964751967857451125647538213400289575908; + uint256 constant IC3y = 2256292164141221873783002769914552682959403069391248287193189320231972071517; - uint256 constant IC4x = 18134796096326614857057328188329348746820239703330333808300374025361274720547; - uint256 constant IC4y = 5212627741252822716339446204636891514022844101746285343036769573045284953110; + uint256 constant IC4x = 16474111233563377351871041720154184097630499258863248315326764649157486024007; + uint256 constant IC4y = 3465627137266950374889235022170115771490529465832689707716067214948698410674; - uint256 constant IC5x = 17172679838518323409677749691588214365220267398536693614140734792906786694323; - uint256 constant IC5y = 2991979426725964436056898136610419475023575862638049862936910254220821506203; + uint256 constant IC5x = 21239768529935134066346277853440527215270350044622347770638217479251212158464; + uint256 constant IC5y = 7127821513699748457811543966328448758787726945642497766450864724327997311167; - uint256 constant IC6x = 21499164383697425217120152657113615092287034447947963704384713090289054641288; - uint256 constant IC6y = 16171064071592752054093802756901859080986579596068272427835573477325391292842; + uint256 constant IC6x = 20471972717426227458045921399823861507441545072162372877052112450284926318790; + uint256 constant IC6y = 15690641790115007853742129143398636761393238908077402496312595876959907032754; - uint256 constant IC7x = 15779166016763002120428757835985278393297293764828050459715565840244474786130; - uint256 constant IC7y = 10427231172566214799309001614729561335097611216682552831326126618221728130847; + uint256 constant IC7x = 12249524535261188578794643602619855658098993422806566432127371018556423636474; + uint256 constant IC7y = 9598527391418900222199326929183254437955434178811007044051681289104233693130; - uint256 constant IC8x = 5327289818666334492489293856849696192046246016406082960977355506140119513181; - uint256 constant IC8y = 17616031884310713244347063286442601125717694844051977165917682362170860747545; + uint256 constant IC8x = 15510118051699880475157329616372101916039157017977355842946660472019827696389; + uint256 constant IC8y = 6045131352513101292902956652174831155777162555286522283250353347448002272275; - uint256 constant IC9x = 18030450872706033037354006711072254713141270199112344880139805848327481797010; - uint256 constant IC9y = 10513592887287392492506837777945959827767413659405259959854692393972495674961; + uint256 constant IC9x = 8237962499167191717299109920187094525728582720089853220028379002409156902616; + uint256 constant IC9y = 3872291793198670228738802910150553797306138588608369982742211481904207335377; - uint256 constant IC10x = 4524864247654964567469535929163200264726482171439083702442378388147786638589; - uint256 constant IC10y = 9685552092365208253342839015231175128860850045536226039667213333241819189247; + uint256 constant IC10x = 11021190808920206708521175885367808506403710026349261813343566459531685391016; + uint256 constant IC10y = 1091042997961435981758159431116424631308189158647147706316040872328615669781; - uint256 constant IC11x = 329539512901187456266567759571219202495070912781353242872678516063984831188; - uint256 constant IC11y = 7145692892980733218772365595170632546143336877018824267081325757282839562499; + uint256 constant IC11x = 20266534472504758304827002029642639845414165264657296437397072278053653166518; + uint256 constant IC11y = 11265986845770000498619078678284319535435431545663693535794289369507168603450; - uint256 constant IC12x = 1856227097482306211980388391341480809415523646892907964147258781905320155651; - uint256 constant IC12y = 16543095693952504805605399499868446737720271872920526258562049981705755276756; + uint256 constant IC12x = 7829346354910933388493469819519610668134763494342423656712830862266420333795; + uint256 constant IC12y = 3686355576932585256071775977861837116925961022990963328330233893737808072351; - uint256 constant IC13x = 5392850330837980073356747596993790265968885059537375200702635552143983472635; - uint256 constant IC13y = 7703986526264547936088911510529999152674965393528913111525128992581017880478; + uint256 constant IC13x = 21208081894525298601787151495018808718752027297242956532575493388691397517933; + uint256 constant IC13y = 16099466525244958964216384923037994585998474402985453699741494498122742858053; - uint256 constant IC14x = 18438332276363778446890024904290375852060920841748335851790867936141859904279; - uint256 constant IC14y = 19448860375190721620648828020939963086196708594297444412804184163640327160131; + uint256 constant IC14x = 8155455923920254572310584655650607640944517100266368967254851328873094792706; + uint256 constant IC14y = 16913747786754588566372805507346420539490777863198363908045087223827314334982; - uint256 constant IC15x = 5687865003847548563399579267783553733441567866638970403121677997146439381888; - uint256 constant IC15y = 2191988301463932219325908259347620918047096485308726944866158692676637795702; + uint256 constant IC15x = 2048484096179779713761128855383973330941996365333726515116421061293627244827; + uint256 constant IC15y = 18127350277121123854599162995327296676523226803582849476525059141391839319180; - uint256 constant IC16x = 10279050062086339246661120879488336116758244501989502881689491605008915076835; - uint256 constant IC16y = 16428995848587898142982442127509205116369865808291868979938415680875182775525; + uint256 constant IC16x = 12413888029629544447074201425628640978515839548759729638611127445926900755664; + uint256 constant IC16y = 15941827976704593133129237037487776507467735657550185698053146651641464831654; - uint256 constant IC17x = 9816468710844480490642228295217484851991632916656479508160966623636114865744; - uint256 constant IC17y = 2754507490610896776041833030065834464442111984869142813935489770199722445347; + uint256 constant IC17x = 16735941652697217872028257305895498271806983436521043335037295369269827038273; + uint256 constant IC17y = 15218161999330747552273516029374892143801427925467335709703802880679770576390; - uint256 constant IC18x = 13063622716125375763271649847388054009900310451705116384857933479525056090637; - uint256 constant IC18y = 7994920979609930966967930172016154794817903198704598865209423920930323096445; + uint256 constant IC18x = 17264079083384941891049531609844894949554212952663751277900409141172441081955; + uint256 constant IC18y = 17602122828133046682157103204510222410265905744605305151852279762333976332786; - uint256 constant IC19x = 9446214791657203662970190954509087731906331456494855211267704960114693003191; - uint256 constant IC19y = 21776845737822675365873239039130394552130059996615606643305678438492320080031; + uint256 constant IC19x = 8020783635884299785017413065536444513306274686322784698230436944510923802427; + uint256 constant IC19y = 10778881148042898782718784574682898294924170688076480123274527754390704926858; - uint256 constant IC20x = 1885050368269925152057295882804719070229392645420846097024137982919224633770; - uint256 constant IC20y = 13856939111858796218571089026023802718312924290260146728675938282943232546081; + uint256 constant IC20x = 19001011513924778900341458674569684250154217732301036185350531297988366259110; + uint256 constant IC20y = 9417382914885223328442786658559621422715681857099431887918590630945450992386; - uint256 constant IC21x = 13502981376532058730213267607742351586905109909912659823464058089453980543127; - uint256 constant IC21y = 20334183524413245818866575266108429506934265583362822816829917787569232526099; + uint256 constant IC21x = 6737376250348345240897516838886785785398634166153032340232008808252573602088; + uint256 constant IC21y = 11494137845405047046843931866657459358217976022357861720539789336859723078084; - uint256 constant IC22x = 708724843887592966090042763437951121939890272319205833027672386211527623095; - uint256 constant IC22y = 7454601060816578950716347512176870469572088600363242636696409496663583341632; + uint256 constant IC22x = 10418844037018507387903974696172156935242789010920930291305974939743035608094; + uint256 constant IC22y = 9845375038080405764939095853534189920226779400958692792333867633389719570572; - uint256 constant IC23x = 14119879497714697061242498044936832063422208534040076861776139957786619511982; - uint256 constant IC23y = 1453030324388625916010093192863624023054896168656174654597601720517171766301; + uint256 constant IC23x = 4524775720259369737405012321787052186306238891992093167562861963484344478427; + uint256 constant IC23y = 9062667940492452432577575085809718481829458861282751358857396244888253008543; - uint256 constant IC24x = 12271062616699198132689170125722784479703062504537137171812117819772997338698; - uint256 constant IC24y = 3676431107623582185000426100556860805839409841263721120706707136997823046739; + uint256 constant IC24x = 6330629647499414850067070607038861664843239718602832398209869754798741155104; + uint256 constant IC24y = 4228509106904581581274500803106488281935316257092981114054140174563190449500; - uint256 constant IC25x = 1824913022854221323644984530099684888450767469532774180747075347781876694520; - uint256 constant IC25y = 3899508529597325237733109662635109559896217913681858321495980233622100331615; + uint256 constant IC25x = 1221451322915780656298044974415511567700230837260033136719446068524174831580; + uint256 constant IC25y = 18860671826203696986352708992907256428505803631110483180242385659399495942704; - uint256 constant IC26x = 12557067370518147862043507833326506959791078712169384504639292653505027180142; - uint256 constant IC26y = 15149998150719593703609290872828214731355245266578234125726145711106382632380; + uint256 constant IC26x = 14363175465381210503076426626102164077729617303895377369907483648161303894716; + uint256 constant IC26y = 1039765371798554589534200523668536895007965927976091186090146272629550698693; - uint256 constant IC27x = 5829840523465463958909607723359876700469942173115320771166484161713718282591; - uint256 constant IC27y = 9611195661719380898097235760700826835276531672392802668236453508531091035194; + uint256 constant IC27x = 10844866802204039461129597196036007555116887079776349691601311291532507935841; + uint256 constant IC27y = 15080882338740425184306169377610855196155755750902218937806065382577568430566; - uint256 constant IC28x = 16232085544582714949187842523710432985519070155756937396743759694308936578665; - uint256 constant IC28y = 197210443422913844441852265914771117016218524508232721795828526403802660644; + uint256 constant IC28x = 7282748483105142942952914809234113307290499708397911896381074483068120123945; + uint256 constant IC28y = 9708793634285407627079828789679550447452184518918624435255107054670757126024; - uint256 constant IC29x = 12769874874317449448398890418579508192059699675487726291360286072338472626483; - uint256 constant IC29y = 20316010443614392364943349261952083622802522827489619529138770824319673757622; + uint256 constant IC29x = 5138747558556186688156598867345806497092946881293320489890503986815102199096; + uint256 constant IC29y = 18586259913426258188835364490284030396021729525721719406501410102262565348459; - uint256 constant IC30x = 9734129384094680547995613138054610125828593376069179848768658036657148002141; - uint256 constant IC30y = 2992669327566926603317036570110950470027617440161819191608754193931132208178; + uint256 constant IC30x = 13912363492986715690172761005477226514653135170137575720619506454153853346359; + uint256 constant IC30y = 6893782072051478665218510432315015654626283852568425834965115505110253115273; - uint256 constant IC31x = 20849948417143878841027639919843921539323288164074406402431253440498072149345; - uint256 constant IC31y = 12314252851577929580908110210080275098313126995996149851034950184196310491813; + uint256 constant IC31x = 19518992070206705110735545840976158925825227451671153494070370708056809755261; + uint256 constant IC31y = 13458217343753689429814916577886510621498889168246485682346852264809078723259; - uint256 constant IC32x = 21479332708681963336728261276489890777177424325004148887142756299494097988161; - uint256 constant IC32y = 8055938613310177737404613036054909547029202949550716156874045771973008845566; + uint256 constant IC32x = 1097235715910227033327833429533074269192586012028475731477475399244736688088; + uint256 constant IC32y = 6890774447349851824422506064846539799917454135804297142885207816025033161946; - uint256 constant IC33x = 5008871293707209117112243616376510892191331661540497630870164870896747559846; - uint256 constant IC33y = 17899199427875819064220560246334197679978944745279461171935668858646558782444; + uint256 constant IC33x = 8545915603207328763153687368654098572100376577619186155105002847474459274902; + uint256 constant IC33y = 2643960856702059282412430765156638700883595267613637635371675378334184541765; - uint256 constant IC34x = 7717582089942619775594873675301625275812288799122254877746559706915772729624; - uint256 constant IC34y = 3108311010362495238282921984339085194514915755458797651891031322998829044785; + uint256 constant IC34x = 13627824545339932282915723530402785197444023331093555307162151773294070744334; + uint256 constant IC34y = 16397729842871261850876321810765009366490138863416313051851538739447146040558; - uint256 constant IC35x = 16411921225538804984679777592020084775760110721570684792890887036573818540903; - uint256 constant IC35y = 15841892232688345757902083996930794954583824054843049696932195726645313999362; + uint256 constant IC35x = 20188227469347626703344636858723277892814222529623724593145308524258817102866; + uint256 constant IC35y = 18672311838692498224986336996945086288515951917827273191227730907199318066039; - uint256 constant IC36x = 21736822414829759563741087499118594450691632648115529553228374222189609416769; - uint256 constant IC36y = 18611237143945577532896931945863068676495688217648848855327003088857927939826; + uint256 constant IC36x = 15256264953155444178864372052190388745740189403694348626225720289920875393136; + uint256 constant IC36y = 18360682089753574262770990632934119740864080565996652241985872899808342139044; - uint256 constant IC37x = 6766779860330869694801899046307415551211955556038382164581083432846348700226; - uint256 constant IC37y = 4348809227536966993624804311309128083139628407034296854485102604735473773161; + uint256 constant IC37x = 18717442962331535590202272318263441978929468031878724494781454269431836231883; + uint256 constant IC37y = 17590574677083835340991998839326355797384991388873061634267346161853561631569; - uint256 constant IC38x = 9350799026503994956556626995121169898340280644400547473739718669680854004946; - uint256 constant IC38y = 18177948831013317937829243162228732916573419255767956909271821104092205107687; + uint256 constant IC38x = 11076360783889920282429185815607604170568101123121939825235000044462490227641; + uint256 constant IC38y = 7427574263995658656753018038567735283390342934474190351900793103215611438674; - uint256 constant IC39x = 94472296351831194468356019302107406410788832646145067030343354857803799160; - uint256 constant IC39y = 9558041477637858711229451831649420106979368005401432633757775171711586712581; + uint256 constant IC39x = 1462264002981677971180254485360242717039923726030357662056431471319157988900; + uint256 constant IC39y = 18451577591932356051072162835084126573452649494712946599906969905532550849883; - uint256 constant IC40x = 11924222116111824991860260042959961353002146666090548490374221736283466888440; - uint256 constant IC40y = 9376478922816835111239590927155662092900844330330399569891165247903096420628; + uint256 constant IC40x = 5103996117361874266153897429070227880163051857527936709738256107021123964059; + uint256 constant IC40y = 10298514862841858940068158221342901186487319548982710489211925713002720191140; - uint256 constant IC41x = 1595173533002108298188171571771398368233508884044110950580415280925498343002; - uint256 constant IC41y = 140362717412579991719892173085430060259414714186248236075316046087103551089; + uint256 constant IC41x = 8948999702210973406372134881948635946510474332688678660220353143234539745734; + uint256 constant IC41y = 6223048303950568899098759623457578405129707611359398015997066745469192121230; - uint256 constant IC42x = 18319434801672111353339429736097984802197477546441364369182430504203884564626; - uint256 constant IC42y = 19880794555729491026065075422460291327421057920878428636196616471669642160992; + uint256 constant IC42x = 4352019585330006073756433207490276457934814091393650065720438491948372704736; + uint256 constant IC42y = 5513757498515638407564816542300645533152354753795296370722374649796922252543; - uint256 constant IC43x = 14298591664878293241402475452930424038231646087519650086862341368082546288484; - uint256 constant IC43y = 5700983900392255682138073827509652276340230564615029828872002207336359375702; + uint256 constant IC43x = 5927628426611209356918335152730784104079050011117402094227629910901744605159; + uint256 constant IC43y = 9877838872307105150242736616617522872683504421897410091835785586340892260268; - uint256 constant IC44x = 1458893789126043501953887683321386018864367931522452938826459835990109170040; - uint256 constant IC44y = 2658215231895679362259862719429564236615857838303074175288121415751956320882; + uint256 constant IC44x = 3272095207365383123292357038475956866604679793253253156399980506608481318158; + uint256 constant IC44y = 21119390009834480671279683098444252421793983335924638316052302445053202617588; - uint256 constant IC45x = 11064112203686674647106645830419420709196890279102372003493120060412036512401; - uint256 constant IC45y = 8287956196445426823797809778105408799892912161035528841955009267040480061818; + uint256 constant IC45x = 15524623528151826914308944209298957568469790654802464429900017368067089319780; + uint256 constant IC45y = 20355958234522381722457811342514656902212369583565801255991875779389127941658; - uint256 constant IC46x = 13851027107271193900975432967315478096932479736639646379084637309147878017109; - uint256 constant IC46y = 4450349056058299830503310354148491948664285038809958448024012287062316615048; + uint256 constant IC46x = 16224839611196658969453565246937619963233244566057079437050956308679924240843; + uint256 constant IC46y = 20336799151677945642604298760932420571889835262144137656536490327089217497821; - uint256 constant IC47x = 17507493848332403906086412257257255935251347291570004580421636920681223078428; - uint256 constant IC47y = 7085725574070197988412368205391156183838163343189008548401245110570804062921; + uint256 constant IC47x = 8339471978208863402294510410942283067819048214469170681751225578049840432131; + uint256 constant IC47y = 8298459084372792228889476340239847681193386953909531421349942406258528700781; - uint256 constant IC48x = 4609097752117007954520151781287262899170776828894452682254041943016124235553; - uint256 constant IC48y = 19749426748323419687598448893916427065141910432304107857075100318582814466388; + uint256 constant IC48x = 11875480550859637947808894207205592032838827941125960824047492699758525818699; + uint256 constant IC48y = 11075839599880437870246858014584314250085665813141320824371578957564816480476; - uint256 constant IC49x = 16574218961687390602789028999728280967624631738160017828495726918156613249078; - uint256 constant IC49y = 6044192185623496095086288960921583224741872927261607856236635918539683284576; + uint256 constant IC49x = 5254307817213998754412376371283037873529591710480089652646118799901396881105; + uint256 constant IC49y = 11054853095893833102717362446813843698715121342753068286071409993301790530195; - uint256 constant IC50x = 21604305051063308453335012931969530744510398238282014894442855105112804266210; - uint256 constant IC50y = 10413838090733029275617714737576180975243530500563360135536488074688057838774; + uint256 constant IC50x = 7395382170554153483710791490305137139384608057295719108356686158575730277462; + uint256 constant IC50y = 17337809641742678764682073922152759261604875977777940587364487755359595726961; - uint256 constant IC51x = 7764408639814512603838154764631526319886606433261656743608229778106556101640; - uint256 constant IC51y = 21387734773157015498518846574380673546980789344619461967223915135750558115739; + uint256 constant IC51x = 21083048980552562131530946400344274016610869292674992152206187152085623241522; + uint256 constant IC51y = 7456676987555041530892145143352405950082418081830676589879769492118412225006; - uint256 constant IC52x = 14909548937315936008524922491636665986360008581945780986903891216922070762656; - uint256 constant IC52y = 1664351798941531671559651874897518165093469946096549276729304888190685291746; + uint256 constant IC52x = 19914185818525433169385902831412598876038182172995611925444932046375946530606; + uint256 constant IC52y = 11598831798965680494756101269383487805192310849754637193158176933347213915526; - uint256 constant IC53x = 4614238873201220965153939599187254909004047923819015976069683732158919316244; - uint256 constant IC53y = 4722795851830618845884382156583439743547834690307002874535492698787108955839; + uint256 constant IC53x = 17504272635653669426858847063712002458606460138895613672521319014395137885467; + uint256 constant IC53y = 15689184425355674119503689260359241813185163185081594484449338800443378498413; - uint256 constant IC54x = 15197864413628866316379587721636158247259025163428559670694689852712910729761; - uint256 constant IC54y = 1401273212688352517008858641807567448019599897394916436625228295012498484024; + uint256 constant IC54x = 15465219659542665620426495405536681998103741648185129201159031227478103592117; + uint256 constant IC54y = 2802734936500785321693792921524080065764436372610850966553544941213928598941; - uint256 constant IC55x = 8569310930376893641517507676031502998684387820332066052650291694549510548199; - uint256 constant IC55y = 643274406765234728379874575577550537111232663873082733909143890382504564493; + uint256 constant IC55x = 17733539939663415112065248339369528917069654619093990576348486293711347443020; + uint256 constant IC55y = 14430836790052811686618405722845642451253928989904196526784598325502566484469; - uint256 constant IC56x = 12762518128760818150886739516396083567575986702019713785717151335312011514231; - uint256 constant IC56y = 3769605679192029754831571940160391650308784250092442010088706955736610380724; + uint256 constant IC56x = 4928543994611704038147352277179385380733570098567446392419815266578085485578; + uint256 constant IC56y = 17051054565088810468716279795583749256581527659492822901040183166052166186347; - uint256 constant IC57x = 3189174500871313680764664480905638040127163693997910432263595362142979665869; - uint256 constant IC57y = 776020819762105554005053452060716907505468678154595068076689353121408123285; + uint256 constant IC57x = 13742960627575011476904634820837997444091392837326487675541171657548898428959; + uint256 constant IC57y = 4639072684957897893629228345629263973380441920319481580744027202705839378289; - uint256 constant IC58x = 19376317377196079728076712169101441440349901835370580888232493469749197110916; - uint256 constant IC58y = 3592475204230655808801662343843260514725307826524878734046379671956873553578; + uint256 constant IC58x = 20975254323835866453739128848385099669732388979835569116482688808568875195796; + uint256 constant IC58y = 16966088481952089212696771118988567510277745140136149057737936756559858996062; - uint256 constant IC59x = 4799915220692644649753533504149517128475232824338431811727801945614187697956; - uint256 constant IC59y = 13378978664759993687957402332023218378859458045597192682065038434589196039237; + uint256 constant IC59x = 21229565258629207413814184606278167035626886108012638802522058026659873245989; + uint256 constant IC59y = 7189313184050165778564553327905395679010104496209129265001051754804493708159; - uint256 constant IC60x = 17356963671387791136626612918051654683944675743132522135107394094390272672126; - uint256 constant IC60y = 2492534485701186859331467741058320879033522878496671047543252133967346736359; + uint256 constant IC60x = 10142203682863987027788022977389754498367329786100798604784103655633165315422; + uint256 constant IC60y = 16337804816444273832066796146653272491463896547513296930654559517740725531646; - uint256 constant IC61x = 5814024747431153344801549601432563738422231162213566298427981349001387435581; - uint256 constant IC61y = 16721488692612711789362904139915784496063938968627134749709137464726589565531; + uint256 constant IC61x = 8324485743441439934885854058624501904339089987075050009038035849079648510666; + uint256 constant IC61y = 1934312867741305372813606742316942858809850762872752489442105906287872615193; - uint256 constant IC62x = 8608343078905260825116309150626950288107712845302122699016436828442827782713; - uint256 constant IC62y = 1260158607781222985952927525309925422129427684188843158276441590897597362531; + uint256 constant IC62x = 8755272281132200881206081379155898769453478996201798721015264710014237556074; + uint256 constant IC62y = 7214546438548448102397333066720146141106097367523450945533711844508856251613; - uint256 constant IC63x = 11258425473065207572623984609608914538428760698685193130185004597164614478569; - uint256 constant IC63y = 4854489234758154798649678878068102447416704048454668211527548199335632683207; + uint256 constant IC63x = 14151475773760190653696652057083705672606177381042751000273096796627254891704; + uint256 constant IC63y = 12800420004463021246404540157960866332438498566711132636992732955279206340139; - uint256 constant IC64x = 21766168373449823414270800279443623372571839384674812702142944802401022394378; - uint256 constant IC64y = 7703902925470304776781728964330997228580896245066014584797849560782888798938; + uint256 constant IC64x = 13695690449116736099166029360461213999742840847215613726326344740675192046747; + uint256 constant IC64y = 2603139465866620659347442006519027944297611908969018068686986645685466397302; - uint256 constant IC65x = 1384530296890089198307647168215761779850576912076881001598160291986026496770; - uint256 constant IC65y = 12584308877935799775759132281264923264277890903295365956142610321614279794420; + uint256 constant IC65x = 1177637445668075826821915128727635425470608517042545111313078486114789416401; + uint256 constant IC65y = 9852733692252826772847989918737146031585846991790555047871140343994085292750; - uint256 constant IC66x = 21115974864023553736522125665071481959149729855452581830519528236376260491674; - uint256 constant IC66y = 8908365689168526027483920455915005259849013171794785798355208898553832867588; + uint256 constant IC66x = 11867992990579525933482499635947781741744735660517966949566848663622475787622; + uint256 constant IC66y = 2618035820332247973637563479434568869003814421527376408004985511407775959172; - uint256 constant IC67x = 6198100476911319381136526896818417893455790633249121384808914345569924897459; - uint256 constant IC67y = 2936657732897541191035075338737281896974406581198472408041617234550530719725; + uint256 constant IC67x = 7210966159925993015452861400592769434522839324976716414804569216802320545229; + uint256 constant IC67y = 16843922512754149933191011829072752242547047876211570899862901647591520334091; - uint256 constant IC68x = 16673561668055089127104948413320632058054932616922886831152175571308171291722; - uint256 constant IC68y = 13365102546687537600231738228662786320745890137087025482429703191969849289521; + uint256 constant IC68x = 16699697603759144825698262269845341328440017375857568954454051158571197106152; + uint256 constant IC68y = 12064743873149952980455162878616600088123898688566016537225992371096617158713; - uint256 constant IC69x = 14464971584724132509485354385552099228212256440708197314324265844596824179740; - uint256 constant IC69y = 14645921625165329023515781637143761220291337478325886213902767732119379247927; + uint256 constant IC69x = 5111463607690538467917768219750831882850422836940489209353077581903070827858; + uint256 constant IC69y = 11169438770025069794225783878649624146742146836483670378641246869693228652834; - uint256 constant IC70x = 6599504216018296719823288921727082748548266803767080991220398531137873889253; - uint256 constant IC70y = 4876952318688787222636553235642837524139996295486611213239536460225129297934; + uint256 constant IC70x = 14806268424773595685690193026701319784989733270013454892827036142313076072621; + uint256 constant IC70y = 16288760063300179289346232429477717521626849188696502988196642640063738639071; - uint256 constant IC71x = 21463848722714033440486185038945125724006720461464758537645318008277972427853; - uint256 constant IC71y = 5841284683571800089782342281984637694003126889191389397802402888447123609554; + uint256 constant IC71x = 1430353237650057060504828399719802014440428557490166602692903873236707851600; + uint256 constant IC71y = 20191862058900648669486143866907803336456965089367613743221213864688314781930; - uint256 constant IC72x = 16213464432225523495426109553030690767731990088934751096008578161557940302646; - uint256 constant IC72y = 14823957153754707586465065897744710705654010901245601112247720634512696158604; + uint256 constant IC72x = 2366896769323523901241446332481655507747547029378146308054867419821972959585; + uint256 constant IC72y = 4758677958858409109884573530674283165976111011330480827892482962568567636825; - uint256 constant IC73x = 7859589839267797163200602956877913265055164095747536840537064565208778460349; - uint256 constant IC73y = 11629571171547336333959971915130356660242772799944866424256117128366330688742; + uint256 constant IC73x = 932522054294169898289727664089770628793397540510265387790277817991002346477; + uint256 constant IC73y = 17727672143512464871673552059320176918960281639457417311783773552358661794730; - uint256 constant IC74x = 7328410307801366440258605993259568961918657007716618533680527436559166571941; - uint256 constant IC74y = 4671655370973164091589829545231556438180959758785630670937772947200496168718; + uint256 constant IC74x = 7165819180679872653731391678714162932431740658100242434605276187598030445685; + uint256 constant IC74y = 1964871898459773332945756204888101791749504479659651461411621369045541738272; - uint256 constant IC75x = 14074358839369919045859600954876359018351022200323100354114813511190365539831; - uint256 constant IC75y = 14874402639148570564877335066665498698798443974543001126724821220742994149380; + uint256 constant IC75x = 14018470570501794001125692119306265467735897080300787653423950509508986239091; + uint256 constant IC75y = 5184136469273701727518309213768780794514014759843289868867671810595880412822; // Memory data @@ -675,8 +675,6 @@ contract Groth16Verifier_AnonEncNullifierKycBatch { checkField(calldataload(add(_pubSignals, 2368))) - checkField(calldataload(add(_pubSignals, 2400))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation.sol index e193477..23dc75a 100644 --- a/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation.sol +++ b/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation.sol @@ -43,116 +43,116 @@ contract Groth16Verifier_AnonEncNullifierNonRepudiation { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 61152201537889926275975451868492796646122446807695713296456978247249582416; - uint256 constant IC0y = 9695648204016070781622666667584047424682889351813380418002919727735680431848; + uint256 constant IC0x = 2001385234062673987692550429821815722863659431302298545583634907691892482680; + uint256 constant IC0y = 14781110368514218587561375268471641777412620093484588360122287750189358006163; - uint256 constant IC1x = 10818413718893848808402545727883654427504377656024608710124673989981283454777; - uint256 constant IC1y = 14701970259579375859890335270676117743373026657357926310435717690639139050640; + uint256 constant IC1x = 7556096446151950874840339036103156789650197148291803984785545466651498561337; + uint256 constant IC1y = 6650962405978808836297634992928011561427876716598531736909858761293243721563; - uint256 constant IC2x = 9840109243993106315091706083155776361032307023052778294772503086667107815996; - uint256 constant IC2y = 21421479189014038406783263969703640720651565849997847849843209205588964320102; + uint256 constant IC2x = 20038512891887596670632812249594702812590007142730486797720701790391611848271; + uint256 constant IC2y = 20256333879439556091659528342474712479670113373689574853972461613489102930678; - uint256 constant IC3x = 12196519179633826522602326841852965755022289891906762572351016836798858206098; - uint256 constant IC3y = 21412982233376624982950908408194070113939028694796250687285586821383910088647; + uint256 constant IC3x = 11443025028450071979050887288247099503200358162242990201001807478924029957245; + uint256 constant IC3y = 13327499081089653748509498371491725809431707733316023854978980316109824479432; - uint256 constant IC4x = 7235581190969404642674908755082149965058521362907161333566312285819042633598; - uint256 constant IC4y = 6931782325900735400905731567130246797576747310426631700865748776636338594767; + uint256 constant IC4x = 7624555235387495367935127170697828159269695097559331594010293813960319884875; + uint256 constant IC4y = 11137415159601647519869398005771976201119348510679516196579735433485526675104; - uint256 constant IC5x = 17173127509734661798214022591915764018115836414873628492024583620042432609703; - uint256 constant IC5y = 11053567531734874125107501562108570466815783441341452166837816067812005570598; + uint256 constant IC5x = 11087871541207315606725362171392044593868106261660454382374333971677088481491; + uint256 constant IC5y = 19340732691909630389342213036129595674096169741788037180538629969520804730266; - uint256 constant IC6x = 21322229154496451310781618984685530972033329595022238631018620297371680426022; - uint256 constant IC6y = 7388749448350962125829245020456825870275144349454024855495165941982341148301; + uint256 constant IC6x = 13583100217505575966160350019452009194048692549120513539268963698775438650630; + uint256 constant IC6y = 1641448164312944528199778933389766215797047305335726307565132483593471411259; - uint256 constant IC7x = 3662204837926956638674706277742975228880114760813672260168091215011178377018; - uint256 constant IC7y = 21256710106786993659486690926211319492336214639483222643807507892624155511837; + uint256 constant IC7x = 5585922134673658233801959463798429458921409250802635584596282098657485406976; + uint256 constant IC7y = 17863740184730961269858749548594348255637841211596681301637226124021328969527; - uint256 constant IC8x = 16416424487929438802815037726775677877790769889611866329026773729069676481190; - uint256 constant IC8y = 19785498286057309459570388602549762654841028364369156080553734005085711769135; + uint256 constant IC8x = 21099117100082313827099466608703735183105199543855999801428992850216941565751; + uint256 constant IC8y = 15576013126025048602321604727127815002671640946151978810664235227249216762668; - uint256 constant IC9x = 3487720661542272985378587516835961797059090111389323525709549840624484697614; - uint256 constant IC9y = 9086284871543196624528653219516125160115487238452508593981701258865845917119; + uint256 constant IC9x = 18537449506596155106234105147437034972479117580979497781576650676303501386606; + uint256 constant IC9y = 350100634610876129956205819597008741801048830980632745488137405716028556360; - uint256 constant IC10x = 18253627212668420590014153250663082604494945345432034082183424497743446495887; - uint256 constant IC10y = 18885892320384992450879558642426510373395491929091207152085524010308391329263; + uint256 constant IC10x = 6230623393922273599156930456061095773845299179410369329393737749736010110232; + uint256 constant IC10y = 7212836541072467658356691744886683497110671517013247336842773780534221299897; - uint256 constant IC11x = 414951092005304150207393545724488327983772155278396477138998452800148473396; - uint256 constant IC11y = 20390659272138664715535171789663124592069290821350218548186974176668587653702; + uint256 constant IC11x = 11500834666249894206517075029818888357187680835157036595150320912042566569794; + uint256 constant IC11y = 10625222236524492807356740110079370208109188102418579704419887770202367954617; - uint256 constant IC12x = 1168575149185240211324888653868923894417382761378342118701161407010633670253; - uint256 constant IC12y = 4706411267945777685285850214173533798828174918633689637694953529725440534791; + uint256 constant IC12x = 18076381111049825224143411559610114673113690783792848328851083183120075264231; + uint256 constant IC12y = 17241151807696198062216881364680561730664367177940656173116091242366074985416; - uint256 constant IC13x = 2708079734316722651536743890186401451097080895975517317451013107038247821480; - uint256 constant IC13y = 8977358116889422548878836900019923323513018742753199736419453246514956562282; + uint256 constant IC13x = 18451364510169040263505387567915153954911354482207025092421380365896418091293; + uint256 constant IC13y = 1263492930065030278481614479165428450888795551755252441204101302538824235427; - uint256 constant IC14x = 14554013898775641489762497185197550189632522830895044082161659057640931772313; - uint256 constant IC14y = 14889482653403760930884332940306178418612364394102374456894952099223376786830; + uint256 constant IC14x = 21557271937691250944604817969075776869572327921381748598093805058055364675382; + uint256 constant IC14y = 2836455568081527627449278837231945506251083433638642473587653523569100114637; - uint256 constant IC15x = 17631257501386282999336267319522575091683306188832359641853067203323908074688; - uint256 constant IC15y = 10615533054645729953317855789126996302922886998690919996970038510603834128347; + uint256 constant IC15x = 1830909393324537755555709765026971523236789684214153554380484581693135723935; + uint256 constant IC15y = 21068113563481994679245374860355836161021339697312248094433479370934515451200; - uint256 constant IC16x = 8897432937336003372807056990365114855955385048457406053197873363788354880005; - uint256 constant IC16y = 15495321263778104158978910688387535214246249760036312084039296565160541778498; + uint256 constant IC16x = 11323220431842225102481559113791044767139113164625700896793186678487798847741; + uint256 constant IC16y = 5097446564327053568314477297310301901562468521373501658833148993862660836660; - uint256 constant IC17x = 17086577629138371227124213198427084810777680166485068873604751243294342243364; - uint256 constant IC17y = 2640178595987583846574831316748354322347157846109908443707128260937216710831; + uint256 constant IC17x = 12493914728195496222179273208316003621624853295718398849363619148486542758948; + uint256 constant IC17y = 13929000355918240912783087207522794697670133160373892491732663590746265725429; - uint256 constant IC18x = 16132408164886035123611840951332115843280225485704624516330514903402244033844; - uint256 constant IC18y = 14202215506801408940555491892923501280472863665075679903230018610497055124407; + uint256 constant IC18x = 12196477888450095144631113248433088165567496228974853259061336126355061433132; + uint256 constant IC18y = 2593734875576368754530901115322716277329929337821110679278653598281534577027; - uint256 constant IC19x = 11075384166226685133901189117990358459979678656090407099645665784140519446199; - uint256 constant IC19y = 10268254657997113972405744160462847515017885202341772715624667438104613841401; + uint256 constant IC19x = 19157133362169706067425507599439517487346982421360162947533618038435688460883; + uint256 constant IC19y = 2197367399999210168073557297719654236896968421428125867638562390043049905927; - uint256 constant IC20x = 16557253902183535088299722558553861661224436217793266741175101452533738391452; - uint256 constant IC20y = 20745617385071117222395337373235588040367724445790169286930647533849729207393; + uint256 constant IC20x = 17676616893182722038184797005091187792591287172525628880466940529019202338232; + uint256 constant IC20y = 6421633775748634968225616302389477201287861997904078481265131439393505179076; - uint256 constant IC21x = 20276608125826464320376441606771761357230362470337215016714387155148950666599; - uint256 constant IC21y = 17239242738104373845790998232385943645662169711985953967303958257047014479471; + uint256 constant IC21x = 20385997122851512380113704253865887187323114383215015031461647656151596858613; + uint256 constant IC21y = 7260981333215033747977825638549821485672849697997346397182358438850672343241; - uint256 constant IC22x = 5468803742491520170652456835172480096975199763110920011227423237939965120207; - uint256 constant IC22y = 10174598386076821485585800465159883129504130989583486981573994868686379305592; + uint256 constant IC22x = 13999922842165919432862939195355754862945480183509940013200483835153838109551; + uint256 constant IC22y = 400163328287374113717183118590344728496928291194359253961837679770283021908; - uint256 constant IC23x = 16599048882137769684318845208760094357578011339397607490719154542208418938756; - uint256 constant IC23y = 13707639706540078382732652651030837558499924834000166193089217038693941304921; + uint256 constant IC23x = 19458055711860628943708443169030611608754382401303100174185166022968492361607; + uint256 constant IC23y = 2848381386694903189363259153112379900106707228073594084492169187784172949632; - uint256 constant IC24x = 15500365059494035595313116884299889945654503047189092046213356892620745679761; - uint256 constant IC24y = 3011251002372418632018519536826417868656538639481362934022721707993634028436; + uint256 constant IC24x = 17531046966640079573316289123751632058366589650567343583061752365060469197314; + uint256 constant IC24y = 16462363270846382286366303329373338154741806960837952304208472648401068312723; - uint256 constant IC25x = 7753191558285517673913730304558808219026687470773211539615140473091639976801; - uint256 constant IC25y = 21027943544731468810145211491708040194061275482321933619845807595195830153424; + uint256 constant IC25x = 16798288305215215084918804845752642717144659018137592097061628636415784683373; + uint256 constant IC25y = 11467990998187098132358760989945104347271362685533654409959629758948243439095; - uint256 constant IC26x = 15960757957822522316310966391345985404864097297323560625516737351925975813261; - uint256 constant IC26y = 4347910655717154598004544319915545683055553526828690820284353401002638182272; + uint256 constant IC26x = 7131341148725923062606977990723516820447565213228296843410134097107044444246; + uint256 constant IC26y = 14786619507058088049423601195439941140727663081696792947069507487258897239548; - uint256 constant IC27x = 2046647242310270851768817892706457764601280100679956790044440377297878085576; - uint256 constant IC27y = 21309641850717155775706239210200211893388849300806309076190017272113498323810; + uint256 constant IC27x = 20856664152702038152073898073607260504713974915497170470013213358589148195496; + uint256 constant IC27y = 16289984255803231565038245555195542047629395546572280647123389161444417971802; - uint256 constant IC28x = 19597691291777789593490660411582938308337232089021256869678006625229616548796; - uint256 constant IC28y = 13820011893561492651702294225486438195332162240104655125561826839247672430721; + uint256 constant IC28x = 3559951894740717395468316711337065168904775438446206161240136513659995988852; + uint256 constant IC28y = 6220168565730984299204583459599531536467445850896316477312219438812674598134; - uint256 constant IC29x = 21851557989147907820650966779309613501892960294400269160320917010221513281109; - uint256 constant IC29y = 12557462194610933903124929702503099769284858185996077647536148067635397338991; + uint256 constant IC29x = 10045785015361146439922103880268122753194557614584401670992041149651174938426; + uint256 constant IC29y = 3636243097487537009996004046942013245175535333592383120320202659005095158940; - uint256 constant IC30x = 12207189225721994604952937615696899377442678839226083655403720663235093461689; - uint256 constant IC30y = 15830428763679240451172816453919204017985215066319417687539454241048626278967; + uint256 constant IC30x = 8214743474785854080987884698401706499167027176616015038372339548021576538361; + uint256 constant IC30y = 3428810406315992284055783425099893053213425751412394897713941587222409549759; - uint256 constant IC31x = 4081908059095427843697493043351639450365605703110409523961207174007236484594; - uint256 constant IC31y = 21548923288877200209583216684211078344630771042900720710385747398692491519215; + uint256 constant IC31x = 1267549717859668451439566862713405719893723955764005218098007961338892457797; + uint256 constant IC31y = 11758429816001925927960801327235916813596014397726174910675235018229427539532; - uint256 constant IC32x = 13856212562239399663932100593091486718740554719127709669526649747051185213477; - uint256 constant IC32y = 11606635826446787988089212546591198489112765060900712690193434214630560210183; + uint256 constant IC32x = 6711601108141956980424669452891331514596660008992284700508667715390064956555; + uint256 constant IC32y = 11191350487359002842496957330936506202001026948170806569580865351098880972781; - uint256 constant IC33x = 6886077838878155423222525820388792351764063548264896251770137531272491984160; - uint256 constant IC33y = 11751057318610310230818395934629656703134727241242152533660390881350105654273; + uint256 constant IC33x = 6969583499031249624725786651021279938665233209619102259194496777307711531318; + uint256 constant IC33y = 12619377049317739439680086336988760205149563407437972645741590800514719303024; - uint256 constant IC34x = 4922806362911026274177971239322411824999727481356932313866779043681978928813; - uint256 constant IC34y = 1647157187422345530281186342478775664173617309478642934298471295512051621981; + uint256 constant IC34x = 6583002047962971819178024209787355947253075667002085983486858682679610415792; + uint256 constant IC34y = 7277493903576658302975604936999804116171838874279241410915597563901311265688; - uint256 constant IC35x = 6143994621664212907952117049980707194193475458802305382424783593007363457106; - uint256 constant IC35y = 8200689963763708865676511179816670550341929963040776220149093434181834590060; + uint256 constant IC35x = 8409562441091628398649064783168407582528957269661520187235453496268334600306; + uint256 constant IC35y = 3882989998725918782530462650946481670824992493219037513789268126696771430348; - uint256 constant IC36x = 10255139971908934264949047378713233471192075842841114250056065579445305987705; - uint256 constant IC36y = 18935081644016507039588454984092027149059279175474401447588285789996499051430; + uint256 constant IC36x = 6455316605595738687684242950455236432385232714912342332308527117235221599782; + uint256 constant IC36y = 17947945135063582453644296713215480011345375622915077708579449202303948211154; // Memory data @@ -402,8 +402,6 @@ contract Groth16Verifier_AnonEncNullifierNonRepudiation { checkField(calldataload(add(_pubSignals, 1120))) - checkField(calldataload(add(_pubSignals, 1152))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation_batch.sol b/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation_batch.sol index fc8a008..5d6f309 100644 --- a/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation_batch.sol +++ b/solidity/contracts/lib/verifier_anon_enc_nullifier_non_repudiation_batch.sol @@ -43,428 +43,428 @@ contract Groth16Verifier_AnonEncNullifierNonRepudiationBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 18661541767316051609174264567468970161706692437114182144837966317529115789532; - uint256 constant IC0y = 17027817624397861211906159381942351709315937334383652511078424689575984922256; + uint256 constant IC0x = 826157184837839653966309698688579132938897321578442386264245742884068310496; + uint256 constant IC0y = 21742828786089281723622334384086099270903098394123036522913812942542854131695; - uint256 constant IC1x = 8290530862351464363086184160752799156116351836894934808112164350901009497020; - uint256 constant IC1y = 15319886729915817402050471997196227259682200322954908248090765059471382185503; + uint256 constant IC1x = 4746894749317347489473107619470551810383207615606316735952923166740572729500; + uint256 constant IC1y = 13240638548826800941394996526549480277267089363627431633233705212973735471283; - uint256 constant IC2x = 3895265863140239486594319022420933422942926366021271122764983911786669061751; - uint256 constant IC2y = 17327131053229940710633510393674716594640387470221166505664354632591126027060; + uint256 constant IC2x = 18524221492888738982283268640353228847057865771275915603395228256007586226006; + uint256 constant IC2y = 6627297324444772140329097476824137975058542316048790116975662719163158674461; - uint256 constant IC3x = 1449505007295467084248032641804391601654994291207407663876088150642837785091; - uint256 constant IC3y = 17187662067696344218494831422162203517840819920181510671766900512799614678605; + uint256 constant IC3x = 13458450701730629842728216360799480112056737119649281192974705693204675440533; + uint256 constant IC3y = 4191057959435779029699303911466622953635606417705581960636697888447962918074; - uint256 constant IC4x = 10099011567697851541392630559580266733469712273366016034447917932461193487878; - uint256 constant IC4y = 20813361752444827248104593831786670218519414398811879505285591420995782187189; + uint256 constant IC4x = 17393478035215623903531349267385222996646656147148697160843045733990852182873; + uint256 constant IC4y = 19526613028510093783962039107307336099785641349794103117812409997310795316727; - uint256 constant IC5x = 18004425199377525371529555647874305215119082921748137559234210154747556945749; - uint256 constant IC5y = 8824742347006013972503911806064482890769074621994728092024948712479345260984; + uint256 constant IC5x = 19700632609896967182947832646689621561036800401028641117587463377317044067121; + uint256 constant IC5y = 17563524551202487690430242761955559887093688697861141704761904068535789480821; - uint256 constant IC6x = 1231559026886333019618949523785147300746132078944098899044081663750754003583; - uint256 constant IC6y = 15500350979516205029529371737534331669803248984571185190497619100646001026991; + uint256 constant IC6x = 11857590879503392679306429088089973101494695329746675340826783251822572095609; + uint256 constant IC6y = 974183780329905671576079445261515232448284108763840918496967992640023685030; - uint256 constant IC7x = 12238173745854709800111972965560423796733003474905855165799601966452622162617; - uint256 constant IC7y = 15607387945007972543659352255120789239421323971551977313883398771074916884351; + uint256 constant IC7x = 2985064396858376122772659175684520416646023681332818811433944665621840535368; + uint256 constant IC7y = 6651008213465139513328686558415818478033544270060775613357283372468217938284; - uint256 constant IC8x = 5849783032212342441585915616376612607580431282248188800348204508635735116114; - uint256 constant IC8y = 476548274828105873132483807759149012831981934977163602227068520254226664194; + uint256 constant IC8x = 5526313511259471243571267211040694627689108400645452007006401447531530751837; + uint256 constant IC8y = 5815059659003639111391685854668525529449729800361592528380406106705958591028; - uint256 constant IC9x = 9411736581863360600195501109590467308242657590207494410928923388907257423195; - uint256 constant IC9y = 12826790969850434087687987242298222760431439689027944791208946116077811771548; + uint256 constant IC9x = 10848762186629816405235992423870422595954924496966238775080316415470098536536; + uint256 constant IC9y = 18164350889171823285608613464535553402700849491622694554995545840171901752489; - uint256 constant IC10x = 4030910874248134719724279512534908541018742485330949595794045081247968733403; - uint256 constant IC10y = 3898186474677372216115712850262513281734019825008231550121929178919743992657; + uint256 constant IC10x = 11409456862023263096534879642775056485594818467895934297594215657194685089311; + uint256 constant IC10y = 1125816384543235939850769102318688853960902172577339634677917051997882482278; - uint256 constant IC11x = 2485717264369732880098781373781399025480983377248142051009025546043109157128; - uint256 constant IC11y = 20834406849226036020514633978321759495429948963111368416462587343808628572801; + uint256 constant IC11x = 17454946761220444680846019893470601123016716607255609012301111483401239956239; + uint256 constant IC11y = 14599956780718734240053860344600245412971336073453884372612539956401658416459; - uint256 constant IC12x = 1242799285875911358688294329332384114191385369077998568251363037364617544351; - uint256 constant IC12y = 3376081760322732119142108066815688816016519628567837563273613249356084171417; + uint256 constant IC12x = 16356432335147008865154666826533368131781587153864856300387535396174318831859; + uint256 constant IC12y = 715432251371940390492720845599467510369652571145741102037538538177188990496; - uint256 constant IC13x = 7204252439145723688924502464118009669591754835529746135034088644077897905551; - uint256 constant IC13y = 8365282111835866924498470373240787835297630709319972194167627362950678500449; + uint256 constant IC13x = 8208114947263041348114487167850656282917915842779499004186526644719481018791; + uint256 constant IC13y = 19170080788788270357222312227756798986044665850698194152394893756056810116685; - uint256 constant IC14x = 8979836886252258551326705741039164391200440592452577851389843897090786713146; - uint256 constant IC14y = 7206277366770463323261557604330786290442748007399134061043368053845569588656; + uint256 constant IC14x = 19224543367398392211184352139643766275927041220155857208705892917656896624313; + uint256 constant IC14y = 12773391242211064893856103003840774483841545684092235873240571877827981708896; - uint256 constant IC15x = 14665522835450156568758312477419083599423149140460666047191883830987651034228; - uint256 constant IC15y = 18853389212854154339842598865229732616886438372023376577921867997286139347217; + uint256 constant IC15x = 9571567118471888139635136443799982033018321690704520618191128021915416979560; + uint256 constant IC15y = 8147929189457351074290268938346530202259838316578814192535686571565009063581; - uint256 constant IC16x = 20064867886620096505164073983657438324788848100547125643411452062403703032548; - uint256 constant IC16y = 21308879866084483596090496085008613048840309566317792908538588655730427649572; + uint256 constant IC16x = 11194997131411702880912188442003640822777581414757872762980199255982203325417; + uint256 constant IC16y = 6055765492710438160767098160555859767073344277249359921562944713660630379446; - uint256 constant IC17x = 5692133256476129917816122722435141004427628811198766593805200341200939889600; - uint256 constant IC17y = 2228421897819673848227891746754554247485634268175495903901928091821084006471; + uint256 constant IC17x = 4662345302604259059003844054662708887697693947091343494601691989255298238782; + uint256 constant IC17y = 8870894021957209729318334815498144819785681310852804828331527479936904396740; - uint256 constant IC18x = 10878386928396372493660082468181714405128132539751954845186162888724789879862; - uint256 constant IC18y = 11751297315356770164073475859142842045546680432360068446077370708632370337570; + uint256 constant IC18x = 13905467999967839880308506069247699282367868687633501191242042509716132006245; + uint256 constant IC18y = 6955760904989099106810565155867155044607345328317975165604489001324718214232; - uint256 constant IC19x = 7878803049712230516002896310567649058877767305290284870242285034970201116817; - uint256 constant IC19y = 13314629479608238209933726814482347289298884464342359647367708415935874418364; + uint256 constant IC19x = 14229123937800676480768641990329075027007079876195122931378797239619890707585; + uint256 constant IC19y = 6721311949228472235306987702824096380039272238332719988453162137214829043886; - uint256 constant IC20x = 1195224455429648431963291870582196062923120397098370405056724197378324019422; - uint256 constant IC20y = 7975206700792022613867883291086240529231152361757062680082625100551505888240; + uint256 constant IC20x = 8182180686712881668344659075496332436745098920588038489342853110122927306208; + uint256 constant IC20y = 19780050334705028390852666357889030858660453479052749697252898080424384821827; - uint256 constant IC21x = 444765178051308857659823814925713982629778986079628850498671227417536814154; - uint256 constant IC21y = 14277552638210035568437016107733939935858665282529728403462105815520159990434; + uint256 constant IC21x = 1489538266585251167776234368498709026790230985739920725817602646790593568117; + uint256 constant IC21y = 18492177771550380837685457926564782197240803355753300824770758909089245134513; - uint256 constant IC22x = 12357591404805372411800727989102933533823714100783743695033351594114806450233; - uint256 constant IC22y = 14388992151593914840590387433478950475343604700279104913967191543161804967834; + uint256 constant IC22x = 4820132068344277947288769761555313959794426810475730716988457903793528092721; + uint256 constant IC22y = 12423684489117321032194050954389244998050332824554338537555930135622358010461; - uint256 constant IC23x = 4900402163762500889360514361152011922586605082345569977948363472817950660764; - uint256 constant IC23y = 6429331276349713868990813736711227296990808268499622619610628135846460097754; + uint256 constant IC23x = 19952033835171690414892910681081276502612237100433361165104636315720553474413; + uint256 constant IC23y = 13802471673405290009831609152057463279012757104560478649389384638093977646281; - uint256 constant IC24x = 11154726511982029141645315006924033758262760296660166081680315705025567290645; - uint256 constant IC24y = 12770285530422661109936260285973218220644741626531995324675451808559081733575; + uint256 constant IC24x = 17700045406225466141879246535208492345676772958394838375527664423450243000234; + uint256 constant IC24y = 13896437174333105469988935663681913149872149913237653179154321696210904637990; - uint256 constant IC25x = 19879263575959414331826258555076176656543000145733112025663448309264492658472; - uint256 constant IC25y = 21541443130295020362222619180984657687896619294258462260951100925940786403113; + uint256 constant IC25x = 15773489153958618338212720637526593330625171477784683439667351026189199134697; + uint256 constant IC25y = 21282967180432738690693014678723793135073290137248534090114347929818782140086; - uint256 constant IC26x = 17787518551766473778594642369705227423696242964540959613897554191269415622464; - uint256 constant IC26y = 12156857218917811148992815604201651161080854530535588689566166293519599538546; + uint256 constant IC26x = 4518250427294613460855217365952327987778155656067734737292444331907356559920; + uint256 constant IC26y = 14623018032555469968612446167975353612367040048295631732912557132869179832551; - uint256 constant IC27x = 5440827282964610135135047142455924639215304533269399159397221360244991102465; - uint256 constant IC27y = 2617394538062844516495717636719464217438016030915865662682607810157428365528; + uint256 constant IC27x = 20466401196277929533785273544318756665115597485846192522870281664694140264687; + uint256 constant IC27y = 5810980182882761283880437872046872101477614883329171188575582643208444671321; - uint256 constant IC28x = 9664552259251498518996360833493584744677794780700907420840873984801312675579; - uint256 constant IC28y = 5901280610165391679957970148553735733501272805213912300338186623554102410722; + uint256 constant IC28x = 148525684504103143817299511655189168703378874409617641478664579872367886466; + uint256 constant IC28y = 19584034535682412167146865531072256441701307027287243857783210176663541459669; - uint256 constant IC29x = 10938993605597136384117662877572744577688062648827496000956300815584249820446; - uint256 constant IC29y = 5244789693010409670567578918852392570628512842358679798750140752397197949786; + uint256 constant IC29x = 5702883755475048839989110651062979434028150593213036598308950910874200255352; + uint256 constant IC29y = 14674610865101648130292962441263812754945397068419314423445035011326670647273; - uint256 constant IC30x = 21063171588876583036144337154903722726158485352441218100418049040644625951853; - uint256 constant IC30y = 6137455975634462514233728830437970084776104358495548504902739966595105088060; + uint256 constant IC30x = 8660489665783224406639676686936559481644532596999652062852705867101673336563; + uint256 constant IC30y = 13757101899297877375244907374316306721763982761991388141328819294578949673628; - uint256 constant IC31x = 4285453364254616050143720909650203229606601880807582160314126106842627787308; - uint256 constant IC31y = 15134983436856213659499917391343544237208140799667398421058415399167650631064; + uint256 constant IC31x = 15643812874650484436367986523721712371977990880227353702720140285298437237604; + uint256 constant IC31y = 12278191208536712683666353574943448009061686228398744894651959062637013143432; - uint256 constant IC32x = 18813748264526039931865361291873463440809627382704273654505753787409757183772; - uint256 constant IC32y = 19283432077583827169463586783705859172919693178783513641664439121147734315924; + uint256 constant IC32x = 9915168287464207324757985122067823032217343793889725156189488239940712816316; + uint256 constant IC32y = 20444358008931061730313986895946962624491749816501380610307219251665847553145; - uint256 constant IC33x = 5730840652648682976368351799112185356414756618795701057881438711508234537407; - uint256 constant IC33y = 21770378519580684365049645389060428842136856801212203451989491268626539195644; + uint256 constant IC33x = 21416542908997699808840915928453628961898094023574436117379043002220648407376; + uint256 constant IC33y = 19372058037138284746937381438649918932967298238912992146701407101433230944731; - uint256 constant IC34x = 21192703526448061453505020688096201733772674834786965503542865889692571117098; - uint256 constant IC34y = 17904920392426946092839216956304265580142734167486168296609137207620441904906; + uint256 constant IC34x = 11919318873421973706362265934961452053998079993120876912669152345591555763917; + uint256 constant IC34y = 7469706204887779560671396565151138639787723587688022187145260516082657991984; - uint256 constant IC35x = 10530748668942367576112655924143186112401460144542087868040130658706819931389; - uint256 constant IC35y = 9440139834894339716077331046947621494338984756765011023212787915836028468902; + uint256 constant IC35x = 5754354157639317979885626517732874614388017536396753994752902467523655405552; + uint256 constant IC35y = 5118293535313205032602944788163028998490759758248121860520010900945147974277; - uint256 constant IC36x = 6084044783537120148872300957258020219660731766446295703377014074578882336665; - uint256 constant IC36y = 21567392058984849200189968433639072568029807708112007538841869868188578282879; + uint256 constant IC36x = 17044592268614076527102966286986781734902928433856394184129025643534639957561; + uint256 constant IC36y = 21312980466718058420313182491185106686697221293561160344435320087892177358981; - uint256 constant IC37x = 14405662286404153023584090155453350311513411721189007121167398354907313900355; - uint256 constant IC37y = 14790890767138431160978253615991770487197902157843528246503379902478314270349; + uint256 constant IC37x = 13337098613901567247517252856476420462637370385003022909729477463467591853253; + uint256 constant IC37y = 17309372691982443619771407720475776190581851828110067252584711473555502738191; - uint256 constant IC38x = 11938481876387470124087593615968509210067951431803427314659516551098397053931; - uint256 constant IC38y = 19347112465328291637986581591944982535300004317254694362960421355197724656245; + uint256 constant IC38x = 11676130393689452381497372483908750003907347658574726075506873380653742171662; + uint256 constant IC38y = 2429256806244054090856707337337149888651724446695376115620155627920545546053; - uint256 constant IC39x = 1075463559544134625279607002485395601183611503949963087105677039498948248717; - uint256 constant IC39y = 4142105785035347126180725749797176989767922193424152066799961615192068304984; + uint256 constant IC39x = 8066888946592112579713514929794257850762976899713204999308616827949869388947; + uint256 constant IC39y = 8222007192156727813640229488274146824955792995077557213998898843955869218228; - uint256 constant IC40x = 1693295402625411914931052475425764915688700998224995096798561433706914704876; - uint256 constant IC40y = 18717955454546563713384814107764143502434638172274849745708370875986600185599; + uint256 constant IC40x = 5491375329334337790452763338850169650607255801506047678188772087715168500651; + uint256 constant IC40y = 9349667677950228626957775242135920999633516395781771994144820875819863554653; - uint256 constant IC41x = 8922612364071929507704452489624681249999652907719326689742117062171828793123; - uint256 constant IC41y = 4855092092685682119218308613340268934094886876805204874931882681238076408275; + uint256 constant IC41x = 2744242472255418593756301091356698272930588318768348942155124426333086725768; + uint256 constant IC41y = 4876873966161863088028295225876411626084710544321060915718008446070109783573; - uint256 constant IC42x = 5411403082845296716589054160110975182414555527533966717627019018728583277680; - uint256 constant IC42y = 5654580150674182446974979733548675671299189711073467011435367646037262262067; + uint256 constant IC42x = 17355227664894797270121475154046488271680910616767779733132872722484250035928; + uint256 constant IC42y = 4878598063167171967939711390987805966387500411757709427749776517519624139512; - uint256 constant IC43x = 20223726568004953115170428701772243422024277319355489039095000247419921818190; - uint256 constant IC43y = 17393301240661145525114573592672198661519746932908778040755807541442745325010; + uint256 constant IC43x = 19438365678425871542769721603087558691239815886199726757495931131297122921782; + uint256 constant IC43y = 3308755846627365850592957180041108534158192194919194595251630541341185829708; - uint256 constant IC44x = 21418366877845232999923590788274663390891009929525345580697301726741618242760; - uint256 constant IC44y = 7259320239673760204603045374096441112438031907493183437941838108467610268995; + uint256 constant IC44x = 15061110201445643349582081464763811631147468121692944559573198601967344830105; + uint256 constant IC44y = 20659530390870449288869061999153707857602168157429398255050816264117570628766; - uint256 constant IC45x = 2499800344704057769605341561282197921448539905608472116741371605823137078226; - uint256 constant IC45y = 1829761701930088272022024336229999930163862509028298356800355807529899698822; + uint256 constant IC45x = 12048801695332269662898388084053238320192542762669397948392671151039324764888; + uint256 constant IC45y = 19401546308060601556467042664739279589065791545482690215004142226049781774018; - uint256 constant IC46x = 17627540420814572210327263177013308974131079973326762092203694886755545779963; - uint256 constant IC46y = 9725078955602846786266467152728676384174538561848271866608047165584565867315; + uint256 constant IC46x = 12372207617877651124884123148267175656588228458508109379070347828395766217625; + uint256 constant IC46y = 14096305196424523199778723582548050520329775109946649129456301311387987086227; - uint256 constant IC47x = 3051018737292416739311929157133564012575859300469614483117733117240202186724; - uint256 constant IC47y = 14168470224022205800500122102283090607918111099020213879413621019447853958482; + uint256 constant IC47x = 13203413631696793419520740170543715048623014126416296874805781132878429539819; + uint256 constant IC47y = 18246591970703604264779467761834250627531713551696563162668113524974407714463; - uint256 constant IC48x = 19054427353388656591808893031730873474293337301315199690994751079717690031677; - uint256 constant IC48y = 9662347661031655835453719196504859444616800481582278955367667203258520578308; + uint256 constant IC48x = 16721358967806068851951309178286520570467796594625576954628874257553613364824; + uint256 constant IC48y = 3089090929330067329316059446638318241765155625330360045424966824372054540004; - uint256 constant IC49x = 16854732429937899147829293717912988825386084928935551183599465403046107874955; - uint256 constant IC49y = 8548024066405243757853737878993122028984960944975486911133020489399069480802; + uint256 constant IC49x = 12952388348250235750635119542416229347463479898873759194372904116544009658224; + uint256 constant IC49y = 2192763573865916387406901072500662666275151597418900217638086740576642858510; - uint256 constant IC50x = 2847044521256689534601247044437409625138059084218526002670818067271565365755; - uint256 constant IC50y = 4326278511430235987737935932840835942332298888501572236894677527157923052380; + uint256 constant IC50x = 12298259621852842151414299060085222611025879721498610152138128979717484452881; + uint256 constant IC50y = 8539856172118242378660984340364880912039948008672036719265678341058456831329; - uint256 constant IC51x = 9015446185384557285562998107247928170898367982310026835510136352364491945259; - uint256 constant IC51y = 5255896410873764053401201830498770292646731025609056693183008255418244450285; + uint256 constant IC51x = 20346045372184266801926255919894305496939531094207199151840133989742322465231; + uint256 constant IC51y = 16323254840889500707174771954970474817774663246195117178426198616386975192968; - uint256 constant IC52x = 4950103376930366314730429983358661352945513859143354243861328749032331458691; - uint256 constant IC52y = 17416747929840777259377319178740179493934338441600715127231306249291806560891; + uint256 constant IC52x = 9274065811589869298692322151931836403771807605767152939532470348729845201721; + uint256 constant IC52y = 13015569382279394476329750742246652363049070655720725939080964949162777399787; - uint256 constant IC53x = 13081050266706996053359757601036140273020997174257563376032724368661472665850; - uint256 constant IC53y = 372887152247490211526848626935646291154336529920869077889318378962361920112; + uint256 constant IC53x = 17108673642141327918097180810830941946183826149666856906037528254635986233493; + uint256 constant IC53y = 20869263177369480940106876306681179252112426199813141624453449973667392395638; - uint256 constant IC54x = 12429094425269181398633639505581359149719082500057914656650335660243471270674; - uint256 constant IC54y = 20111268734414621426239549019444859455870747897237472432664765455809484207042; + uint256 constant IC54x = 18209515825884270918635063148284992072921376660033468784864779478728674734994; + uint256 constant IC54y = 4220686285118561916788421389250040446469740622672773969569807583380846393928; - uint256 constant IC55x = 17198838342969691979797131840543950415931395481096816274517217440538456056682; - uint256 constant IC55y = 19494354287961014260116083958000795960241014177072245313106005103088466598445; + uint256 constant IC55x = 12726384677330372456487240773373174693146283900274731213770863379635166160563; + uint256 constant IC55y = 6002142423260582268762371165496581300428286005776909264725359022143653642629; - uint256 constant IC56x = 21832079327400083902152098762393081352903491328163852887064940857763596841453; - uint256 constant IC56y = 6732737075767086157315264129728085531210069527299646319990562878113433676733; + uint256 constant IC56x = 11539327439435338172316631770330101731699067456547958470221864627372371473256; + uint256 constant IC56y = 19048774016782733097804738400439507117844152604202808823332951705813955433122; - uint256 constant IC57x = 8900365497585850977601232421640686786459031413806364904415786280025984860449; - uint256 constant IC57y = 10662771739912792565888366657136133399971990646871514672555272756211537563273; + uint256 constant IC57x = 17238391568233777715280104294983104201721059311954403265623356335759519147118; + uint256 constant IC57y = 10609581253004071998985863656324426168852529153267182168497844039509547736041; - uint256 constant IC58x = 18464224454680615430675080145928097268581104620658243685754317396330660638868; - uint256 constant IC58y = 2472001674480643113511972342454707735788777619454490705090296712279037741804; + uint256 constant IC58x = 20327561197734709653052075199809462875983850980988445292361673163585369583362; + uint256 constant IC58y = 17203217249629478635023115933751710224458667137619944012870845444974984101375; - uint256 constant IC59x = 14859821171835094504829172401985414481528907040537745901756395383093345667417; - uint256 constant IC59y = 18869834216287495376563325850957655139335708115583959439244491002121516523587; + uint256 constant IC59x = 8063918969953662566872590678147767508246022221816569058166177063973747185828; + uint256 constant IC59y = 10355826751257755566525719098541992666255422254620085445317910160615919309582; - uint256 constant IC60x = 3046941047900164081321057301675318957704472711407257436629522128887351880960; - uint256 constant IC60y = 1907267854362391848955157464815382825537910372695376808622154862258739350240; + uint256 constant IC60x = 9862417231048402421457325053647613367893514460584387671701939401818804994640; + uint256 constant IC60y = 5013201421734134446005996908935567804779695898079493018269304155859569328732; - uint256 constant IC61x = 13494947937733797908758256330651992273293776454294282943288109392350144526768; - uint256 constant IC61y = 19052993329977246557079453635349172401839766276542928512699463255626509690329; + uint256 constant IC61x = 4030989414935491896217560815716291086678130517545251413741879943354139650615; + uint256 constant IC61y = 10396909143371005608632073798860994894662020124508969454741062498737606138850; - uint256 constant IC62x = 4776818335677398018464972510234543575208922620199842141498075905239781590615; - uint256 constant IC62y = 4366976049582490160511746449678825906064258487058624930970381588651901769101; + uint256 constant IC62x = 12898255110528712304997629639582499185017878021562632543821488544259615212384; + uint256 constant IC62y = 15590535970211213694963420489115763408937531562704274335342207909779548619926; - uint256 constant IC63x = 15771138750078864180894925618157182284945058455765793215029251683233094841821; - uint256 constant IC63y = 10985279413987590693157536452405134612905339861193780535157538615671888977690; + uint256 constant IC63x = 19226726305682812389085823443500316774265924893878126969472728765887962088049; + uint256 constant IC63y = 17097944269626305792359768682674455840496706373797337814395342896291098040157; - uint256 constant IC64x = 20572905388774684163930079237409588977220833645442654071317838448712165795310; - uint256 constant IC64y = 16903825531453953399509160506896585992516050819869650431832409998065353914194; + uint256 constant IC64x = 6525714488871153169111941478878002301027598689610571669687837855845766123091; + uint256 constant IC64y = 15759047568234518503952547354526181526703827179386697788843826852344411311219; - uint256 constant IC65x = 16564793720980064340325329377478679173982206308998957537443537050931908055865; - uint256 constant IC65y = 8705970543387410098124627570877470071227610203110874911312854655964794097296; + uint256 constant IC65x = 16731059791994759299704933778632740846751428181891161573540358547049842000139; + uint256 constant IC65y = 18039545160362699861356865092372561057914683896419930735393770020730911268250; - uint256 constant IC66x = 5272121417098614660475519610432691477226381620982090847505498486255158093666; - uint256 constant IC66y = 14944469529178805605746669750753537613866815635013215869688353526019435635150; + uint256 constant IC66x = 3274077004966342625465769273177608123164783552598792216783367539402997706126; + uint256 constant IC66y = 5613043513152995430467657510470125667457523268298557792005769859877895457184; - uint256 constant IC67x = 2465517809001382262961675129288014791030922623400271267126000847050848568270; - uint256 constant IC67y = 2407342817629996425523491601408501847093792894098903929519151472202270711753; + uint256 constant IC67x = 11463542738659454257686571308441750235343447219805531847045344022410145160910; + uint256 constant IC67y = 13087768465283646354076045701241467476637693098387142247320273466383047024937; - uint256 constant IC68x = 135616403413088980825757335695315728998428341432750229618766193657696023691; - uint256 constant IC68y = 4852872251287625001707309288598475237032088906433141550905197071209753375401; + uint256 constant IC68x = 12118662042346188875657598333484531816416087610980553991774139031367579901367; + uint256 constant IC68y = 3670164795112756016635268434130271093331863931949610562730568980001213625581; - uint256 constant IC69x = 18847810726107961677955441820675552242108741380857994112186261043387433580602; - uint256 constant IC69y = 4727817968701380360303074114482241305342688945092636608075034425998111515333; + uint256 constant IC69x = 4719195397158798923371487398950259949629077694083916390352862679020115263745; + uint256 constant IC69y = 2420369729797784429581020366117797940499344312946265976554124864305721187561; - uint256 constant IC70x = 11647168154675375375969660306071353878588601716209484097884932063094745013732; - uint256 constant IC70y = 15204911198250064580988373088535558827261157431453326970556131594345132469906; + uint256 constant IC70x = 2194519592217201767959684732333293028469812614635597636712978365884707647742; + uint256 constant IC70y = 6368010604531002605306772418251952334127776948642303236786375117223103233913; - uint256 constant IC71x = 18964289156676730415102685012481736402637180263062196836793875559124505749944; - uint256 constant IC71y = 7381536515170724044454339699377821825904350903963573383615265003638603277741; + uint256 constant IC71x = 16313908363052888328645348111739429434829881627141534043376952281455528251575; + uint256 constant IC71y = 19487707363427000563714193148535103868080185601386617700983857047236025419735; - uint256 constant IC72x = 18042335499048138689410755793827319388072868565106993425716046286627875205251; - uint256 constant IC72y = 15891247248140703723895051525609989237582812200824079645866510533635857984741; + uint256 constant IC72x = 16156718341116885613439175411056572866350738570419269318252654740265680762688; + uint256 constant IC72y = 19772429625444200125952873785084967255656903218801373799039089065868343790734; - uint256 constant IC73x = 1159486623064006693067951596323604993592829542758052587339054811496429762569; - uint256 constant IC73y = 9546786506258753514595486502278731091679917184293435425677619292798554375137; + uint256 constant IC73x = 9732093750868689849502768081357868036388143463986117295789993592420322000139; + uint256 constant IC73y = 18536468252081869603437945136679046645027081801246786137358914866571120855316; - uint256 constant IC74x = 17487262759523522289818146224159087189091564846330103660288857591582913625946; - uint256 constant IC74y = 20221327525378622776607060237318445868782593024076036342172033358035678144175; + uint256 constant IC74x = 5194150317442063293254743121434371553437505062507497643428537499716513919244; + uint256 constant IC74y = 8475834485767274352507024685426442505496836509323131365677737834285805308559; - uint256 constant IC75x = 14609680057861434190045318669467053401349965426626083168819493818144106553235; - uint256 constant IC75y = 16502019672201373271942885049246645655639885184739375438821347436111995759785; + uint256 constant IC75x = 4407865572688249821437688550774360756513682264570451035646152555535192423188; + uint256 constant IC75y = 20870603234091203673963645803198590617097699679363240561942649760052994787552; - uint256 constant IC76x = 6391507738993717621965956932278424933242868423385013740480990031737412227471; - uint256 constant IC76y = 568402907950443456493050036226578902911484018968368279168622215548724685855; + uint256 constant IC76x = 2308024612458463850137964184703510924198133715352642010605351233301020712542; + uint256 constant IC76y = 13899483827168171870964061103244441429869094641580952417782690554345143332205; - uint256 constant IC77x = 20943022084382132046175910990582149916492501026179582753629511105908454975439; - uint256 constant IC77y = 4816473311686872756271209654094467494758420097327068950556634997356359807723; + uint256 constant IC77x = 1796913307364504950147571744456872983912308856872076973041842740015799259751; + uint256 constant IC77y = 18610074877052217009298115201702136801170105896648812596433912793197175262944; - uint256 constant IC78x = 6946988740001009508149355972939855868485883758419715303270425179881978895093; - uint256 constant IC78y = 17843140290940196241759859422462552201717859857280533133922678202805242366221; + uint256 constant IC78x = 21094494115717204612689789415533238654351331263871578917192657068796763876966; + uint256 constant IC78y = 13127434905898005254590194735296818446192278140932126103134238666362412476206; - uint256 constant IC79x = 13492105886886276705432681920086878786729006584295332118422032546407372914130; - uint256 constant IC79y = 6608918805134881986552650629293993158549830141069004899863810729146126262736; + uint256 constant IC79x = 21666775507500320751477783742385543441455874722349529582964996548706991433260; + uint256 constant IC79y = 4558019555266563638910604011878684457480147766329410148679531103314692446188; - uint256 constant IC80x = 5164147440758692246579351640169841712431571007562520170603114187079672005697; - uint256 constant IC80y = 15938644314887398033226147609293834494627813517637109800668356069657148782843; + uint256 constant IC80x = 13234413774668275572995458839125712503294553533241665118299078145835005309898; + uint256 constant IC80y = 465741220687572200861815756291598962337542383042618436832593678772001164884; - uint256 constant IC81x = 18168763744592149673824797160897842324690653219489944269079766908599462759958; - uint256 constant IC81y = 21486624939690409064052442338314399998080937220263845437663393119906889818817; + uint256 constant IC81x = 20434464532979503243231842065861265623711775918088681555164796255561895618450; + uint256 constant IC81y = 1494280528939544680291063287620520911993556033404287457514982614438470877206; - uint256 constant IC82x = 13125636961831578248000769058943432273936814142540619927929334205755160511102; - uint256 constant IC82y = 4743025077654646418671592869443078863169252049573567357294567294100287446335; + uint256 constant IC82x = 8100796229236414634748030017963921160155013074960705130376291434414417334405; + uint256 constant IC82y = 14223582895011849690552180664501103046132350336775850294576294120494324618184; - uint256 constant IC83x = 19137467410506969218793974657644565416246693234289250668021746477663753729830; - uint256 constant IC83y = 11330568293402502526494407671052677752822871957474160746494377147236621415110; + uint256 constant IC83x = 9502078604422014536822327582310309287463802983620974392971553195275252263839; + uint256 constant IC83y = 17506629600849181810541185383741756865937156554388765707738060098076094551535; - uint256 constant IC84x = 7812014271414356947418133088851333947862738989513783358985866880257954104936; - uint256 constant IC84y = 7344391555329317602836876400481223521644563396291002175867293608953515135759; + uint256 constant IC84x = 5124383492683288984602895845955440873277535766386904126048904444355701181259; + uint256 constant IC84y = 5837481690198558239047684739904260787223973670556255428503375384126196487496; - uint256 constant IC85x = 2505833952088428533065273449357958818248012931924167527089480179409533148665; - uint256 constant IC85y = 216584842153102998394386138038331022820004378489561403536169979397685792016; + uint256 constant IC85x = 162549920853078761444010995874196485205175127211133495618244064883184970555; + uint256 constant IC85y = 11691300811572378864596788415579532390285951085084989296209683874479917238640; - uint256 constant IC86x = 4177701333026875117285121192104523363912331905743147453596106447458824934808; - uint256 constant IC86y = 4718163794557104373228888426064680473587017940820613475684560578732698089652; + uint256 constant IC86x = 21108522543888731043642121885009948773143287991367857229248779711883343848765; + uint256 constant IC86y = 10200200589168501190311809446966431964384372994364153432001988525310380441812; - uint256 constant IC87x = 6772700591886189227393721558819762843449076585387657355939587014845314634020; - uint256 constant IC87y = 16139733661722304090182689345599044092552785698561210762817729102853011710215; + uint256 constant IC87x = 12643512043376868474658575591454771585094499948007824222762122842844513094345; + uint256 constant IC87y = 2665819945679271165517303814495263934091552418991978062316672614227297060904; - uint256 constant IC88x = 5870453983196032707637131118036890401739868782326059275242866306823552244871; - uint256 constant IC88y = 8932553547399455690178561037143849196484056798407338781245637942548231878392; + uint256 constant IC88x = 21061462917778441256072778436458004317547468876115424924785474823217649137974; + uint256 constant IC88y = 10725953902083695646570161950372721147826070641896061097916400333069479032955; - uint256 constant IC89x = 592010354761867168309306218451998092163597473030477622853003123746521651085; - uint256 constant IC89y = 16774535586837785088908866027752694064246248093940498881994929993119839490788; + uint256 constant IC89x = 10937993643342145485480508931039094564006760800395856126079514790819729662001; + uint256 constant IC89y = 17155364566457499511983917901558802706819055589255729088780472649994258831158; - uint256 constant IC90x = 21036093175151368402032437427146732841518492702138761361562487105214365562936; - uint256 constant IC90y = 9473952893497293592668316417218760211325873477800389494596940116333270257950; + uint256 constant IC90x = 4606526979214952417219364414767328641293978651151932738622234881857593193833; + uint256 constant IC90y = 21153687967774088815829128634387540821833249150347842102838157959971901078896; - uint256 constant IC91x = 11910417168267165196166681651489397740738495431878894208887316096741483922299; - uint256 constant IC91y = 11675910865460438395364617198484948759908103100872279839511216552033174727773; + uint256 constant IC91x = 3336134534754836675732799972373260563456751804822580826473449201085527666887; + uint256 constant IC91y = 5400108187451749259265805590317793112687258942267723099263277949796502398169; - uint256 constant IC92x = 19752424308229585100076978526907742333983089067727449498295756167623086361487; - uint256 constant IC92y = 4990245449506153087404016469209638705038579736418075571144063397891773186575; + uint256 constant IC92x = 19602768267271843456540673641182709055896253141167046092220609370466478685935; + uint256 constant IC92y = 2998590709911644794553334231903990848010841006438085071303720415070642244990; - uint256 constant IC93x = 13195091987990165518158708565729317824979193814880020441249981877585976612151; - uint256 constant IC93y = 7028253471244299500124016857410243619476977456399069992147457182506951023461; + uint256 constant IC93x = 3100670684012354968142548754339409616124394261333300597186759543643537977704; + uint256 constant IC93y = 5653949714850389511912844724703786201276328830106331632543453250224515958974; - uint256 constant IC94x = 16054355012960747739512939854225639195460158858777087549521950281892165726291; - uint256 constant IC94y = 21786927862960182409007865612175949742399509392956899474369467964496599144167; + uint256 constant IC94x = 18279623282514421263615807019661967099392480444301728363160695373346714461791; + uint256 constant IC94y = 15909911032904048431882399556833480353219212752477818486069671596655698008098; - uint256 constant IC95x = 15850538787557761732433008924365328782617538546072231385830099279297832606923; - uint256 constant IC95y = 15366369608274860188065197882438290540374088174467927583150666534465493801214; + uint256 constant IC95x = 1624354144366023301343998377738757684019822708447075626764041443311690618661; + uint256 constant IC95y = 3293614553329473790025323083778755639692257019025844423037354487612880828986; - uint256 constant IC96x = 4300245880274050408303572259804740576579700465315016679772167012413722260060; - uint256 constant IC96y = 11168535071890702208038176318385291274179003858260175657013229942964148992275; + uint256 constant IC96x = 19516200069266880644535003163630693526021862665897532671616481079510381196779; + uint256 constant IC96y = 18810305309675823704919044671093109456932316756823317883575530024476293567305; - uint256 constant IC97x = 13636519539976731378435294734072471367642438716628600496375507983251648554538; - uint256 constant IC97y = 7204525624678612782955151743223150687801204950498704135076407306210739670238; + uint256 constant IC97x = 6225443160650609947497945349441179833177484489632740055317670545983689812189; + uint256 constant IC97y = 14374359666273203356436161015681806386050121767229106931098283887428512870836; - uint256 constant IC98x = 17991460694531456743164170316251470028989220444721668620853690302216768989783; - uint256 constant IC98y = 15691078156034557980167065705535002816884065389588885034466254405238230228077; + uint256 constant IC98x = 21116900684263962287551474266041473639710673982518850644377861741931501829806; + uint256 constant IC98y = 20942936276132437977541187481144676280063001700149138937936890427247227691845; - uint256 constant IC99x = 1070011449150845926480182574709066308750771831902108141629633808907164176057; - uint256 constant IC99y = 13927174290784804930519348748870326322284493292949248096811434553497450396059; + uint256 constant IC99x = 21743464782683822735399391589185686414341315122288606146108363580309708917576; + uint256 constant IC99y = 2018388646535398921915000439398620625106702913362010910131711421262465435170; - uint256 constant IC100x = 8338577724146839700941475178822890445374170196498217399498434071625919202422; - uint256 constant IC100y = 2688989313896548898744301395790274562621167113633702207955842334376940254711; + uint256 constant IC100x = 13502708181191886997316713063879344071723171559165690804258930247542111062622; + uint256 constant IC100y = 15289894526479337736486336662660326111283940160348129468107883964256694572854; - uint256 constant IC101x = 9437699271768812204644228843099583518043513113249726789653895387646747002024; - uint256 constant IC101y = 11618437177218039022402738164051598179334836563956404442882200750690398399493; + uint256 constant IC101x = 5773140365203914028039021770509729705417034013450086498073613046923746002512; + uint256 constant IC101y = 16394879513597359596925690343730698471359740257223310202814660499915334887723; - uint256 constant IC102x = 1578462578225669314462013356257096712213168979041299424708413401945313546551; - uint256 constant IC102y = 7662689360716154920223433981140096778548695294186947422788729050649143399761; + uint256 constant IC102x = 9161392031804917364180560841719664740903442409816307372389793344846863460025; + uint256 constant IC102y = 11910988874170355457952284900422055062538420465389605609953218450887094591062; - uint256 constant IC103x = 16632349528557961222954699765821427121373405318547654427023806751686620821802; - uint256 constant IC103y = 19788864921591399658904035416649564158003782631038837252956658781921532876740; + uint256 constant IC103x = 17462350663242948196024992388011969543400793032307005402146818235731222788828; + uint256 constant IC103y = 7652745572543869102091904190454546474651392963098199032616714248383551132332; - uint256 constant IC104x = 2128222222182231681294985795047114361088524924266638979016904427793859499009; - uint256 constant IC104y = 4277686753151850461432277996986988236361314044952001045089080696267505660602; + uint256 constant IC104x = 2784400783267617601926945593244486447485959024230157406350600020222068514559; + uint256 constant IC104y = 17398376234061707451762388655977373858620748278904707533477326447183628138439; - uint256 constant IC105x = 17974876206734405508378195193436266162436944484609660774541180888678807432661; - uint256 constant IC105y = 16634598814940740854310691800912580614319313365243037093541800170862459230004; + uint256 constant IC105x = 12097725807837544196195588675404677707018171528889276246825960670646183997842; + uint256 constant IC105y = 7532154443724469932067466019359770257331948249041173390213775046946682044007; - uint256 constant IC106x = 16232011361908395180117731401023228687384416416707856387243078379659682428005; - uint256 constant IC106y = 7145958720937512629523974303440226912915909129115037111610414298361630562767; + uint256 constant IC106x = 20077888575212968033433905351389341870581319883690554849816870051347108301446; + uint256 constant IC106y = 13825932711690206685798318858405095176747033498238440276869727140102077766284; - uint256 constant IC107x = 13760365117793325818833401137286190085192112246956902579325376135059002559868; - uint256 constant IC107y = 15257964259747735593147038335203563744576715819871245594043780729633317148353; + uint256 constant IC107x = 2557009863935539124440444175952744613636316221921593236683168366027505232927; + uint256 constant IC107y = 18115046894593959638536880465256164863995949222725423135923295588197425816309; - uint256 constant IC108x = 13118864062189249465555873002994238255601526825261607449928594519142068712427; - uint256 constant IC108y = 16801874707522164453847486353006599208417362706561212219869999224390739183766; + uint256 constant IC108x = 14735682162751849675604225314244737230380189912310276084057341540672960955634; + uint256 constant IC108y = 3258050244185347765411950491359954951774241596514281770699275736798694098069; - uint256 constant IC109x = 12953388045150449412424600509780118582310290208827538761630220836059136281281; - uint256 constant IC109y = 17720559438076785150524497494734515215701577439362321347210540282529058433508; + uint256 constant IC109x = 5893305612548375868817817323962812843687497574698353284493480359133331598021; + uint256 constant IC109y = 8605121411925058247076958970463068238644692272472344324197489710078082612365; - uint256 constant IC110x = 4966127559361948475617770613833731684135841462261921997602151083975129743116; - uint256 constant IC110y = 8012766292601003262418068667878583758765369609693160542863832769539254636288; + uint256 constant IC110x = 4024680915624335053865818736378806033400291123327791809486550385777680867736; + uint256 constant IC110y = 10429528687130879755650027413949175147984204185249887475109543068891483891057; - uint256 constant IC111x = 12692096397667445903693288153542731474948538324887280315333267807360833711361; - uint256 constant IC111y = 8684340216217747644297378067680446004910387126110247728358273461605498132878; + uint256 constant IC111x = 19692876542629295221819554407315926163048146265681987336617454253128850005487; + uint256 constant IC111y = 21300287342984937819076816070426696200120746263824422254897642561211466421103; - uint256 constant IC112x = 12877956090250882067894738227427381144263240018034897959697660480469444341115; - uint256 constant IC112y = 6211381135153817287877555950024085077042852882501814448897921704987647196472; + uint256 constant IC112x = 1164519584009728404318542542458544593323474179409249703667360884280903379502; + uint256 constant IC112y = 4934865216640649538942622939992368511779730934513369386707214682227997925600; - uint256 constant IC113x = 659770306870350570897892051163537904674951266570793463636499958918018428562; - uint256 constant IC113y = 12453278873140895281212078890345999710807205115876819468700753575105573110893; + uint256 constant IC113x = 8205905809069196563100858764153448464802635588687799645628989777020639300724; + uint256 constant IC113y = 6982934729710244918842568165445133434592227196822960581461531338999086965181; - uint256 constant IC114x = 7338083693437629218199944306550052108788450439176026309289578278480290795679; - uint256 constant IC114y = 20935831499875222894045350883392610374538055122881352280747981270888103508808; + uint256 constant IC114x = 13750695178985857717244492770135730545265979582520118597953587307226490661285; + uint256 constant IC114y = 17495646185795840900271231818192739133407338941610196325954732744215691221114; - uint256 constant IC115x = 4594859155428785277107262753966455397566045047703108351938986012975895574937; - uint256 constant IC115y = 7697489625213282761045965412908181593405880587681996890854491044922798077564; + uint256 constant IC115x = 2225915496486157812792883847520118328142972166831184509489963760822617682688; + uint256 constant IC115y = 3401285905285915754385926534295439529329646480024435992170795618682896187862; - uint256 constant IC116x = 7898493897712314099134560733110150037469241454953928748134187904324643791478; - uint256 constant IC116y = 632122482381315233606083278123007374614220017554361380342687580459039996551; + uint256 constant IC116x = 4716922875285703381493347934190542015732091657991046189628724328217369754957; + uint256 constant IC116y = 7009280363608304257294656968943597772700551152615504829582852507601327251682; - uint256 constant IC117x = 11547759338043179459584933658594503946808373542592988045763206018569484614450; - uint256 constant IC117y = 12438507721294506429607783480899396172561798618616266439222769076768719587024; + uint256 constant IC117x = 18650674221789443532180745751460600209994630125913373888417486739110393469405; + uint256 constant IC117y = 2359261148886091007529625119975858285247770452551892732772524410372770386014; - uint256 constant IC118x = 18641332412692704412439399709024973196790857102994183984502898107209827371772; - uint256 constant IC118y = 14478357176691107522915384916947576861528919469957065035497833297994388611523; + uint256 constant IC118x = 8688628613155480998993614516713168425327514691460891201034652522460143761626; + uint256 constant IC118y = 15192326621581710879896941991724397097879304041252744761532508918650408197367; - uint256 constant IC119x = 18019770930023736384162142407858527890936049288320955605364360097415528805966; - uint256 constant IC119y = 11332165643505631671567050887712040658787257577707792852606751747062999361951; + uint256 constant IC119x = 10169276835081614008908455623723148057159397986474969294144351501052477116880; + uint256 constant IC119y = 4089838793865760961324752742665310062796854508405550733919368893556141833418; - uint256 constant IC120x = 13719946942659072110467615635364787802367718571130218513536297068122348247640; - uint256 constant IC120y = 18932787446749841193741287728390134070256641250370340025760086600151068120064; + uint256 constant IC120x = 13997562374888233989791695937811001038544186525846714288558487382196470238708; + uint256 constant IC120y = 21405454779835121705579382974741099887657352783760003597481757172844509991495; - uint256 constant IC121x = 15054552175146781544292770176608519445873402384752274218690208337114979595792; - uint256 constant IC121y = 6022330412585513398170693857506737440147583098989026207654328851259192034013; + uint256 constant IC121x = 1897728073013784828193837047416290778980164862215909192805452840932847383627; + uint256 constant IC121y = 13079305481540748398763293055797175652762747443305217545441461892235782864176; - uint256 constant IC122x = 5978097498307073903973955050797360955952283619914587179274380809660135819196; - uint256 constant IC122y = 433112069170868003651130734325133467301541869573957419515713159608622940175; + uint256 constant IC122x = 17331128154534688581157969507455738750824098757570011683130420632147577149293; + uint256 constant IC122y = 5024462583100295495966799040508989209090757916186020635021438441440698718702; - uint256 constant IC123x = 20738358652444273895584321742089368899185457896411968268086023709945996987389; - uint256 constant IC123y = 19018894786191096173754261799180572914227779342747188137364137390983551050932; + uint256 constant IC123x = 12478767183077300839721168110011778209430472401871616330094382805819761507420; + uint256 constant IC123y = 965749679228561092825992688173810448924568002927786065192942663578973182997; - uint256 constant IC124x = 10935515062910578438518132632416896975183122492204340883296470512180521521000; - uint256 constant IC124y = 2019285704406665910827875212121017343442281043939055639568639179972745764273; + uint256 constant IC124x = 15025746492872994051742505541637857911396191094216397625211412651392786596795; + uint256 constant IC124y = 17641405555314607415094541891090608567067560059826351774606122352732778843470; - uint256 constant IC125x = 8393385306710683132458618657121146267854718322752084316825636672458406916298; - uint256 constant IC125y = 11894099051820843180180506672172607724756405102770646136898715531354756637921; + uint256 constant IC125x = 3471163823152835166651968978255619716714207766212272110674545666284327412865; + uint256 constant IC125y = 6589859372933894019070981219444248701000901810876453486896050309573639012685; - uint256 constant IC126x = 8043043035974068680873763385362303941949849255204123818976526720765694463039; - uint256 constant IC126y = 15245258043704328774075191981706781787687192133387841062832399535016760697358; + uint256 constant IC126x = 10769763538996124561500045737039134628523214179127741404252132466188775519796; + uint256 constant IC126y = 7731435316897038611602381578625669416211140049203378092508574292338987726264; - uint256 constant IC127x = 6076241232232292768663888683478869833053095948739488447618270301952700702950; - uint256 constant IC127y = 20878501097034512716289568689859640040336240225687713402024304244764716992167; + uint256 constant IC127x = 16863961278696846466218928987562445152453683375245910313211259017884873320135; + uint256 constant IC127y = 16052962571258667881149191214426494034158847577512068775032758447770815912929; - uint256 constant IC128x = 17753973726008049585887147469506734982240386342125953472863039376697241730192; - uint256 constant IC128y = 7051290430998908913627034130037114178953517532455790253696486802634255899985; + uint256 constant IC128x = 20746759939203467966797161847282656878842872119513229329278600216599123595407; + uint256 constant IC128y = 11616152901402996933507958718335642840834489235675059538987011670281768627794; - uint256 constant IC129x = 1985587336066591256280794130084774320803065876976960084216916229724387476627; - uint256 constant IC129y = 3889243609530146618257402435361575163870914976286241938292678621631567346143; + uint256 constant IC129x = 17638746145844423563082988764048470863584378136138254845480725383648948975207; + uint256 constant IC129y = 13286392080045435215156492462681510971641667485116114264165823695122565735275; - uint256 constant IC130x = 6634970296573135512389765076017343752859024409649032683543637039375332808525; - uint256 constant IC130y = 15966619933452949040918604939484182759800552381828662858775048526956114256705; + uint256 constant IC130x = 15297574411514227611515453891186843804123931932281399925727479866939683867172; + uint256 constant IC130y = 17965059436676824672965753841883115804840731367526067552779246880866842196490; - uint256 constant IC131x = 19628815264424160203951841207921657472012227659307250633981411135161553546401; - uint256 constant IC131y = 21868611625363254355250868481892296156831624889419415297811375266502055903460; + uint256 constant IC131x = 20224444194372360823842192687172451925735235524875956619524734330611153002651; + uint256 constant IC131y = 6608404115932880869024279925765719426011688422858504251616037961164421504439; - uint256 constant IC132x = 11253237340453400273867381869670031578140381174765665226001979333343997691513; - uint256 constant IC132y = 2529642089695403767325757418050210060529631676845425922036346228804421885545; + uint256 constant IC132x = 15786588794426076074308737066897915738970488333652790210596137013321503429431; + uint256 constant IC132y = 20255756643363913391026691248688555925890274339963909654202620475301597157973; - uint256 constant IC133x = 9609229803153159713516361850603076519168741444703501375215322555296743170441; - uint256 constant IC133y = 1287183483591085350540466651218974832971283390988562712006393750028914031262; + uint256 constant IC133x = 19435799577503832649883771714527591205240989755780322188611623816120822172982; + uint256 constant IC133y = 14029952788665958327144797808220349798871620212961905305381526738890811739389; - uint256 constant IC134x = 21773169572290895568375997015909818670767363261950017434137922123240071259863; - uint256 constant IC134y = 15201428083692637253382742313091169132558991387393234099584367999952597481169; + uint256 constant IC134x = 18561598586900123620987642266356847669879643881674841532189252643871585011468; + uint256 constant IC134y = 382743190576626180894288509916250230364332354227005816619272197841954268712; - uint256 constant IC135x = 10599675637490795971958716715569609592344155201544988423675938758371887819369; - uint256 constant IC135y = 9272763735736652094491328337872020737586458825532222308338995688637811824064; + uint256 constant IC135x = 19703957940769098122787629913161539409936881454104713581900120470855543157074; + uint256 constant IC135y = 6790570194812299696777313225460437307823680849951404817226194644382296355951; - uint256 constant IC136x = 1304884794851910823911000709881813913715414826609226108759814862983933566778; - uint256 constant IC136y = 2866129546853880019936751822696697110679855277297822345169975382429960028; + uint256 constant IC136x = 9553766329913671908777643687121702266060679738355765484007165890105139371094; + uint256 constant IC136y = 6188678908555208002459654017951554266856437505516288404434976852368000078922; - uint256 constant IC137x = 10725257147826442844445920934366669654630633210174286077723500267758227047730; - uint256 constant IC137y = 19698820009728443665092786925134354076096325791325625734640902370926755579826; + uint256 constant IC137x = 286468397906750326516972194395354674186876613312638029356955908203261700694; + uint256 constant IC137y = 20520718388754120575467712827147157540139214983530730496198802895070031163788; - uint256 constant IC138x = 7329412528370528037468640299657826101833314734621528816592501093012325171483; - uint256 constant IC138y = 21886218529031566339052638076578060810139862953487250754820625908936467198528; + uint256 constant IC138x = 4573596764997444120232925932080048234588616530875093959725037973626778900833; + uint256 constant IC138y = 19842818730100971123182148819879102646308617138552718146407186212584675045565; - uint256 constant IC139x = 15325247450512183413091667626770034840206677417038972436709414199147527730669; - uint256 constant IC139y = 2780639551532060247341383297429310301096660658271595280898955088925035369092; + uint256 constant IC139x = 5397056070739777735003576750405394174876338795027790813295506447874940417396; + uint256 constant IC139y = 16264314232755745404747528333094450836052446370797578173931142285193110486789; - uint256 constant IC140x = 17634159762650310699815924219573656194017129978109901516921015680921559888822; - uint256 constant IC140y = 1567055382280427138910619130587010817603590818715885828109271617021348733624; + uint256 constant IC140x = 19381563673278202734926980571585747761322791030709560058840481750157877341789; + uint256 constant IC140y = 16823142273254240227711748520769257295541378536844794795257114710225849054595; // Memory data @@ -1130,8 +1130,6 @@ contract Groth16Verifier_AnonEncNullifierNonRepudiationBatch { checkField(calldataload(add(_pubSignals, 4448))) - checkField(calldataload(add(_pubSignals, 4480))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_nullifier.sol b/solidity/contracts/lib/verifier_anon_nullifier.sol index e696d4e..a302308 100644 --- a/solidity/contracts/lib/verifier_anon_nullifier.sol +++ b/solidity/contracts/lib/verifier_anon_nullifier.sol @@ -43,29 +43,29 @@ contract Groth16Verifier_AnonNullifier { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 9501235093063452297897613112367882167052010737681264908890053375807939757054; - uint256 constant IC0y = 6033645578912642168747443217233026280309182299194874485328823634817036867500; + uint256 constant IC0x = 2526153147111825271652475054685618536800479337827730131759319996774286854042; + uint256 constant IC0y = 19276795063001669301340971143202104271494569740191961224508860042262761542513; - uint256 constant IC1x = 9691565961867034497091509556099088436204143743231203784385521604179949267654; - uint256 constant IC1y = 10785511160454523043633301864364148272224852918851822069491747697267491720201; + uint256 constant IC1x = 20558041691420506575832567123686249205121781713775569640492350118632707774160; + uint256 constant IC1y = 20474159150572329834032068364439534791666193292408646948278804494116010112006; - uint256 constant IC2x = 2664427876739654522185745494777323360004553258514683488732180420264248714061; - uint256 constant IC2y = 4255691490561805233403772066525481890722307123713119909289540295555951262763; + uint256 constant IC2x = 18295612446655870340888041346081823726537159102480297777852235583097490929233; + uint256 constant IC2y = 965095848747592277682404026081602865919569099651232087512762458295025330289; - uint256 constant IC3x = 1456129673742717730749020069019837396012747979616336111462269307416088354972; - uint256 constant IC3y = 8371060363230981806714411220277506306849801910204387335972070467310920148928; + uint256 constant IC3x = 4603580366449945605591805868062260208328328538492258056519855398559874250620; + uint256 constant IC3y = 8240927279373619308873966037272009187966593921287239468424410342454516115055; - uint256 constant IC4x = 17698602033750480080630908986768434458130997132077743791339261883427969788703; - uint256 constant IC4y = 9738332346151540720512693174990434751528744024349979135524569687029910019124; + uint256 constant IC4x = 9717810072312429202051022559074264672960675999521442365706370192679078116426; + uint256 constant IC4y = 6052182684357593361261436717875144240084420391725299940389538850155360862817; - uint256 constant IC5x = 12512819991528373830228538943398132246975758924253737765077770780533287602074; - uint256 constant IC5y = 10574187136341048386474394051978643586319472401259522458233102003891014627828; + uint256 constant IC5x = 1241605996683624404299693905756616945291594033419738727783948857531200268966; + uint256 constant IC5y = 14438417672522269667184399112538154493905472019625451922242641113544553102294; - uint256 constant IC6x = 16525050358907181999114251130625404082382639526727716409927940321107047713165; - uint256 constant IC6y = 4190183310734532840746207632055926482580852066235337017901502242918610919284; + uint256 constant IC6x = 14995977654992000305684731816837728498018052697554514720654248137948172193839; + uint256 constant IC6y = 5975367488688260548897221818714183981963303849011818273909565727101895419915; - uint256 constant IC7x = 2947694833564549447872348293320551974183039101932827473069493139287569776197; - uint256 constant IC7y = 14761175126636203982537870766752000470287489849750642099693149782969967196114; + uint256 constant IC7x = 13125880797644292838466115256884035764193549939113450516592178953762537832260; + uint256 constant IC7y = 1020758836019492767823163826407902850832540708209437346683677609223415470048; // Memory data @@ -199,8 +199,6 @@ contract Groth16Verifier_AnonNullifier { checkField(calldataload(add(_pubSignals, 192))) - checkField(calldataload(add(_pubSignals, 224))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_nullifier_batch.sol b/solidity/contracts/lib/verifier_anon_nullifier_batch.sol index 9f30b11..770e627 100644 --- a/solidity/contracts/lib/verifier_anon_nullifier_batch.sol +++ b/solidity/contracts/lib/verifier_anon_nullifier_batch.sol @@ -43,101 +43,101 @@ contract Groth16Verifier_AnonNullifierBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 17597693319852546418407317206296148373698270858190689977875546982859726940491; - uint256 constant IC0y = 8118153777833048296636432393924223445361273937934900816501954258825221765150; + uint256 constant IC0x = 14690425847737190490600050249813402456279799734650269027145261462844549991465; + uint256 constant IC0y = 12355943016630694158348917747022006615202524659576950063254060333880897276360; - uint256 constant IC1x = 8633912278644610287475887713911534964807539155667235584423819625501837002741; - uint256 constant IC1y = 12782270579821301562897542543693756010611609738889956205159332274840841047686; + uint256 constant IC1x = 973439626785668747061763033956563519440367005580176127380508848086894487413; + uint256 constant IC1y = 15850514111119225793921755949261914011395006749480680308104108837250267282650; - uint256 constant IC2x = 21700179077835246558971307380294521103286350535253985418290536465754023128379; - uint256 constant IC2y = 15004626941619194278032579752844424149866966587469894640257965243821228927334; + uint256 constant IC2x = 13155203050208195669156695648367713267389515134402590760248478617517686577972; + uint256 constant IC2y = 20554844102160961562430053654277490524644994265293579484955811514772946178683; - uint256 constant IC3x = 11501838067340941162826191089286590710505510954756365862310687494049124610281; - uint256 constant IC3y = 7997218930568129577107427329463928855492905926410913006836967883302928159857; + uint256 constant IC3x = 7387613039317590804009988013164857047469017666985496797462802705836796224199; + uint256 constant IC3y = 7642394480405587447429853848799417236467104932175882049313138856438235924485; - uint256 constant IC4x = 2340297852501124355160218493977084471403636217371842151303051370245556306174; - uint256 constant IC4y = 9863219541214382108703698943644567235314194065893121209648036230903904489937; + uint256 constant IC4x = 5312683905205363022462369392552008345825622357130101809067078816353415269757; + uint256 constant IC4y = 14195412313555196958285044147142827788108766075255382554297553275404593989127; - uint256 constant IC5x = 1514557942974715384289486242082461809010443828653577522593327574600071732814; - uint256 constant IC5y = 16135696422408961088299374316721767948700913285226275787047603637037926153141; + uint256 constant IC5x = 9288623343750131011592781037011999990000612499024586049986786574697554357733; + uint256 constant IC5y = 11362006443624802817711331016260584967472494745582127886105019976867823145354; - uint256 constant IC6x = 21583660777059180263521016565511699919946563507465320614743470341955906907683; - uint256 constant IC6y = 12420920952797856254769118555919773550651865403918186904592992066570542038191; + uint256 constant IC6x = 11578965381901395714203406075453776320272805420533478497669657733565305987793; + uint256 constant IC6y = 10207336791172177164533565882598339843592087685535791920502230626224882182762; - uint256 constant IC7x = 10980742372840171221043160666464637954411523283226958088726896817761761290970; - uint256 constant IC7y = 19327866351494297293170821839716613926821786056891035015434265486829281639462; + uint256 constant IC7x = 15808281792574842554259905197879576797250956578783592702638196207054415692304; + uint256 constant IC7y = 10864196820924352020862261198905278706919705698335119502274306755004660689004; - uint256 constant IC8x = 18596319256715964383973762645565923772534568677942378069525944640036890779043; - uint256 constant IC8y = 19447620402352883899679811336082731725149153031151074048937695477884039400238; + uint256 constant IC8x = 21007242079792335890065165743052917167387979047738498867462032770730808710002; + uint256 constant IC8y = 428094048143102273316269247946342191367400687664515640929517084839224639138; - uint256 constant IC9x = 5559679317881047179184299869922431028130676567220325253628378681301647197266; - uint256 constant IC9y = 20301435388700811403049117486769368990012535480069942056391021814722037812351; + uint256 constant IC9x = 3738851691266794001175198797223403425726775868750629039449393059460181722950; + uint256 constant IC9y = 4939270018523610294481140167251229840060269577632945558071212610554537257062; - uint256 constant IC10x = 7571657016319652922725033260368571000168515132336399497806728851493407871201; - uint256 constant IC10y = 9303694550986012160697743275451570337873556815268686173566177548328841022226; + uint256 constant IC10x = 1082423131062341268452908332023960162277056835086211595298432948133404783052; + uint256 constant IC10y = 229864084259215928597335148113291835696982863337515784461446824589331628888; - uint256 constant IC11x = 2446550097064438624164272232164992360904209286481246308083249175659936243309; - uint256 constant IC11y = 13952886724306545172914688782906831120754511258313604146962566046021217003056; + uint256 constant IC11x = 1341317534311890495862806725095733861559086694392409351535133016567521581300; + uint256 constant IC11y = 15929087499972165447491837803548880552123398466833064130010491028076445776831; - uint256 constant IC12x = 15513579294225333750341953110907484262180295975826474112568498910818467120141; - uint256 constant IC12y = 17755495483467543522599964741556240041864668940308531491933194236777628838337; + uint256 constant IC12x = 16483540421158004886702412011005278690315166478274709687432472246282659415995; + uint256 constant IC12y = 19564739241656077917367650496489160194296949649697248375163415671850699328627; - uint256 constant IC13x = 14921270977614594358885901465352981080077443695960568347364822787267341722137; - uint256 constant IC13y = 7265811997019181552810219908532393806360115520769472008703961881020197478491; + uint256 constant IC13x = 16104546169460564107741007286401970239350826268556769139029325575239586382698; + uint256 constant IC13y = 13517999757390186397597605670674420190734881940683461897289604053325715836553; - uint256 constant IC14x = 18901591238979503931761104350328685960555890089542990983976550906925802577375; - uint256 constant IC14y = 15957159245558538761444308144891617845635823081255980836575523789801622807761; + uint256 constant IC14x = 5353453675093419432863107854995069305147268033019719512610502047341154647830; + uint256 constant IC14y = 3252634932089237054650711722047195033191911371039012174381950637388774057516; - uint256 constant IC15x = 6327083277850305161961408310391501560154117128918787318655202465958819052902; - uint256 constant IC15y = 11267385976440811132194917165538782883602618015104937816482305901965448363416; + uint256 constant IC15x = 10857066642674603938827131152375591808325640388334826700338961056548535156531; + uint256 constant IC15y = 6543347057749764408058890158655489700352531787298568537495865248965746262053; - uint256 constant IC16x = 12554434291581926758867597638726576203128103310493963758559042269431790670578; - uint256 constant IC16y = 5628125655849713504543560297714523950575061725489767760379523126819352632116; + uint256 constant IC16x = 5554695372166954876322098202748619376439653430027691495614539440724382377225; + uint256 constant IC16y = 12824754595919557394401232006722068103218385747303769220848114775762248656114; - uint256 constant IC17x = 9588492836171905542633333778923307158140578503356221138991963159193312011491; - uint256 constant IC17y = 18207942458272288899920702895671676283424367339187943892869054207389561277670; + uint256 constant IC17x = 2897194952360748964001216023312869631418699951253972532284970980501560310284; + uint256 constant IC17y = 17869432893494988290097519261337840470629337589566014523017404245207234666653; - uint256 constant IC18x = 21310589795070469219276841023290803082445679893383287164983171175729468082407; - uint256 constant IC18y = 11603534368164120490539046393784138071315977525409002871133057871231063399000; + uint256 constant IC18x = 1877445382493035121296381810528414270692189580836525490558367440493138548254; + uint256 constant IC18y = 9302698438617044942198763308107474165630382718709126154778797907945709504422; - uint256 constant IC19x = 20971429406681867492532092565670290459657054408396879366963175648946806655794; - uint256 constant IC19y = 16102312112362935425036365089764293838100907117761847642245355792687389221068; + uint256 constant IC19x = 12719638026257757169103735364490395527920872538259246035205426207516439117186; + uint256 constant IC19y = 15659847361301868818525762703953196476523328902107738173324073752615684359466; - uint256 constant IC20x = 6373353557989085254713137953640135374089853728124829941416096300381883535819; - uint256 constant IC20y = 1998211836282351344175880620945799215060616586455920296100792090999106049871; + uint256 constant IC20x = 21379260891305341512198597450588670395584255109028387829669698539335326839399; + uint256 constant IC20y = 17722834605715418760616536025948138190765108727399536971614174237326172494252; - uint256 constant IC21x = 12333875653576608013717935760205183818165731091403602261824678074609065289039; - uint256 constant IC21y = 13874532117247603520502913781872780128714390515026082149176314366522756145144; + uint256 constant IC21x = 4938717796933361424513195707162235071113768980929136385813547798734552041205; + uint256 constant IC21y = 3117258020212823158357400262823825559154139599011927310689753352783945664762; - uint256 constant IC22x = 15594814678072126511611089471012881997994953243312827781966520286781138956993; - uint256 constant IC22y = 11798552322923147379414313744918674147843948655421054730917088234193979549283; + uint256 constant IC22x = 20407280859881149731270203000708436098839340720789188118741495262693344235848; + uint256 constant IC22y = 8116406100602395577318380789343563839030476181735774007770067063140002361239; - uint256 constant IC23x = 8447439813168437307300019878899514062912755675167883338934818415497297225651; - uint256 constant IC23y = 6121165686329538759063975820107092861654730292113395185753663258626568437878; + uint256 constant IC23x = 8394416751860763835715540777793815552800805927981961817300267287832845564153; + uint256 constant IC23y = 20602001104727375343732975807642593092086912579174726400547925692479336382280; - uint256 constant IC24x = 3370306254232236086173287395533557521636236575310809453092482676149019205014; - uint256 constant IC24y = 17043632493577052467111669278849854823995607083570570757793792590973221841486; + uint256 constant IC24x = 3807389008641049643153457068711041475953442325051941994946756771009815070746; + uint256 constant IC24y = 17238922584425250182361555037290613213557480732552513226535537244934379444094; - uint256 constant IC25x = 12034706062746579045761849873094174320018072123387894157340815364343681322491; - uint256 constant IC25y = 5766344946552280398773374397811497404577836809787968210494878053430884860672; + uint256 constant IC25x = 9512884880721072336763991784432320781570665332909354721898443957947318440113; + uint256 constant IC25y = 3228978241035529797350196821091339457671005447319564922021800553842067740684; - uint256 constant IC26x = 21680606806761591130157639346391512985583518533487837932295471730780711003956; - uint256 constant IC26y = 17147021154864844500987770633524120941122830180132314145388568575460427383036; + uint256 constant IC26x = 7431465475683419725459015250386300451327128713538171557994539840682629851856; + uint256 constant IC26y = 12442479355705915307933125864371393083910309134935925393653030404790229633619; - uint256 constant IC27x = 2952113066106922305257989816719532055252431306174543757438758594260338773047; - uint256 constant IC27y = 13997833761639911054942937586090636771871978347177688931761802496685622639792; + uint256 constant IC27x = 10156016800424647673552003993687020229906070700081453017445343460249018650881; + uint256 constant IC27y = 4518851793924376352110648082167183190010585298730345169476637640855632518146; - uint256 constant IC28x = 3655608940167328473712715285173111003641424207443936910838262526036059801674; - uint256 constant IC28y = 21619132420937672870838247048657082623107347968031914471177278140759992355499; + uint256 constant IC28x = 15892549484204945508692176817293608064781942552954879658724896127227239668867; + uint256 constant IC28y = 18511944036213151754591118324685592475901456447057959793385354191402442026421; - uint256 constant IC29x = 19566935143310829307965604920392497155822122331925438555163797055302741801348; - uint256 constant IC29y = 6103710148163173273099395302554561403475260480145256070938176247225930950293; + uint256 constant IC29x = 8412782548750992651107079179280549637477812989063803930397021437216171679498; + uint256 constant IC29y = 7252527078520558148796384236322319137623616461000603349054594769114760455303; - uint256 constant IC30x = 15972714510967671551656781026338698101049199818364901217930124132975919395951; - uint256 constant IC30y = 8557273975939336053382396409176882521404086909184641362069057383102719156548; + uint256 constant IC30x = 16071214977548414533811649470014994518862502423293204796699102887139111597255; + uint256 constant IC30y = 8231756121387009610914645315378989643033237103714992735838851431652342012368; - uint256 constant IC31x = 15882592379718701282498750007755113852359102540936302942039495202258329292207; - uint256 constant IC31y = 14345579372819398020224297536615136940627411034595227225711370012240940972945; + uint256 constant IC31x = 20707079280093901951291875046505694374940268614290532793311819195705337262532; + uint256 constant IC31y = 15889403409602591365301308819954060279825745787110811345161780014062126948317; // Memory data @@ -367,8 +367,6 @@ contract Groth16Verifier_AnonNullifierBatch { checkField(calldataload(add(_pubSignals, 960))) - checkField(calldataload(add(_pubSignals, 992))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_nullifier_kyc.sol b/solidity/contracts/lib/verifier_anon_nullifier_kyc.sol index e20d299..7234f71 100644 --- a/solidity/contracts/lib/verifier_anon_nullifier_kyc.sol +++ b/solidity/contracts/lib/verifier_anon_nullifier_kyc.sol @@ -43,32 +43,32 @@ contract Groth16Verifier_AnonNullifierKyc { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 10056555469892418515983559377483195438148570041454959545307680780944183869079; - uint256 constant IC0y = 11343591103991960122203876173769289241635909702735902679549455327815952316387; + uint256 constant IC0x = 18123553351482973719688179313478140330506202775488937708019236153134504451219; + uint256 constant IC0y = 16997829253969207940523709639057222762827616969787461147387425617138781908566; - uint256 constant IC1x = 2603876099757310154788389263152282275627880335792214669340890260181989887970; - uint256 constant IC1y = 16807462008329376093045054238879559029756891943864431063512559566859113456464; + uint256 constant IC1x = 9553187017341114396600783911442981141358391549987081274899168475558288071206; + uint256 constant IC1y = 2284138698466444683881738949288104825631324514966952524424820205560095888825; - uint256 constant IC2x = 19638538129741818949193970207896093826681806369773726125389068299215830462311; - uint256 constant IC2y = 12214226908693668628010259962489704662948581679338132772053044540663212390986; + uint256 constant IC2x = 2367201567455515348768653878059827719162852137114440905559951962597164072886; + uint256 constant IC2y = 10005927772316916494723434684764823216004168106831937092067507361479164970551; - uint256 constant IC3x = 19784284331549748180128202256537997267454222587134575520500399549261649558066; - uint256 constant IC3y = 12635309262742233044640375105049669162197308832242390633399741527341581365238; + uint256 constant IC3x = 20060065545343301036999536430317101355569421687318144671582981812588811037380; + uint256 constant IC3y = 9885707302608442062822873336911771069179335246874906294661872034030839807071; - uint256 constant IC4x = 15719008791714065988285617486744825741498733104226557663346219175075890834383; - uint256 constant IC4y = 17990945893520946096018903800850607289164880735418389422312555227956040598441; + uint256 constant IC4x = 6929671971183308001719852566193983904296527887042581041032444586875953329823; + uint256 constant IC4y = 6075928883899395143833554022120971343083236204573831570908231714212527502505; - uint256 constant IC5x = 9625938419211062849227802374787253941200809252532888384025841039723569214086; - uint256 constant IC5y = 16108711755678996636669478979977332075566820238199161837516679433983793795069; + uint256 constant IC5x = 18560354734452905947995876782291228067649203639645281699554150678248686609487; + uint256 constant IC5y = 2597248920776569151432168397681469064239673614682028004020264765340400159490; - uint256 constant IC6x = 3049617608360033489723029480888615093214374587666997821678217430107426240817; - uint256 constant IC6y = 2149460946101964075458601679949725643873226438198590290954979277694949933173; + uint256 constant IC6x = 13933672039555246525648568152409400679323220294179813129371285277219348160739; + uint256 constant IC6y = 18050684036447430269858847862127206085431495216331559041440932459341763591785; - uint256 constant IC7x = 1974913806598404874050563663898772989489018774085130492860423391457054143534; - uint256 constant IC7y = 9582196417432082243275325444345382138858143282378039344288398207935774790285; + uint256 constant IC7x = 9081357568749337875281940542789401022048074929577648797441122216851883857810; + uint256 constant IC7y = 13739739564359346374542786825162592028283748718905947405084135584277517264010; - uint256 constant IC8x = 13630325124965095022377068297749551756400575047277768956424273050793334237530; - uint256 constant IC8y = 3883845552581662837409555670569659690225415926884238791881943632774485931755; + uint256 constant IC8x = 19270749646336802266672011059977367520106977047226577013370448608487022163211; + uint256 constant IC8y = 966495477952102982491726332113342060081053862489591676156174612158433860981; // Memory data @@ -206,8 +206,6 @@ contract Groth16Verifier_AnonNullifierKyc { checkField(calldataload(add(_pubSignals, 224))) - checkField(calldataload(add(_pubSignals, 256))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_anon_nullifier_kyc_batch.sol b/solidity/contracts/lib/verifier_anon_nullifier_kyc_batch.sol index 0e7310e..8ecf837 100644 --- a/solidity/contracts/lib/verifier_anon_nullifier_kyc_batch.sol +++ b/solidity/contracts/lib/verifier_anon_nullifier_kyc_batch.sol @@ -43,104 +43,104 @@ contract Groth16Verifier_AnonNullifierKycBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 5055457806551308648641602858341222034412598158840015521115708780357586537733; - uint256 constant IC0y = 13929219707581595389902696873838817350282760244992317353035320295188511606679; + uint256 constant IC0x = 6569430588439877366527786609386328757691001219784351110757163414976967760496; + uint256 constant IC0y = 19701795840659458217627552317990846281708656250569079904094563652056875210649; - uint256 constant IC1x = 384812557161372662669413245701867914489609613493188812590436862874947037856; - uint256 constant IC1y = 12860908655956463609520692003694329680053096547984855171492240067568031270059; + uint256 constant IC1x = 12945827806291586309087537362460183393843928214650649891353470663949981030504; + uint256 constant IC1y = 8932777582762148771707401553533261363376771904533681848350081246444752874642; - uint256 constant IC2x = 4245757302017366581571557978332016938449225411089656969177428195459711337057; - uint256 constant IC2y = 5225028896615339531700779183298982429893702320559967566317169785842253092490; + uint256 constant IC2x = 10623651636632220785753346216025555937925152224093250136734721725161955553061; + uint256 constant IC2y = 2597552069428171869734236995969529647600435237310598221252962321395245419878; - uint256 constant IC3x = 7287687849148654981012895747708827908366769337855961476955334286124242031773; - uint256 constant IC3y = 17996946503875371212072585490004541575549367998865829305978883358153861543900; + uint256 constant IC3x = 7635723367127694102263101004079537988095295496595834034241272884403218961193; + uint256 constant IC3y = 17494904972347995837709075349497627115022448426720751805927273610178117244408; - uint256 constant IC4x = 19235045382186349101136024714248182883570296517762062314890835442556015119754; - uint256 constant IC4y = 10445862969534871462284724012399298002449431433509174810393109712910680199185; + uint256 constant IC4x = 7206262815948023259783945121109787762355582131093803336150762939970851415706; + uint256 constant IC4y = 3692263523790291805456195389183989538256075880195264132183156008641028853209; - uint256 constant IC5x = 5793257897599599892774198902680213729006215564961922151132025271271190431579; - uint256 constant IC5y = 2466460788167456760490909268607730505971771469003843693078635842050559792496; + uint256 constant IC5x = 3249742650124912741431290225562493391858058885426598416077062246641393541202; + uint256 constant IC5y = 12182493959120910993185277595510521866071346067218317610537406543204436540256; - uint256 constant IC6x = 15720488526001255048979746432723542890578013167029947794898992385820379713748; - uint256 constant IC6y = 14311705045784421188890629141750011130293194860742875435448862699949915962308; + uint256 constant IC6x = 19399629286388729337006925058633225637431689483936939692376025031208969295794; + uint256 constant IC6y = 2575814769691915382158209280837784150408525658894339892187566760085815770759; - uint256 constant IC7x = 17802021095794086513460137776793901594674708183010820081754059837087028725889; - uint256 constant IC7y = 3279157070123984955450950265387836674597755338450726024978914681965759450239; + uint256 constant IC7x = 7145030778227723876773183231723855591384081609880943655449668561650021847349; + uint256 constant IC7y = 18431933505566318397538276541529258152954659487724451074075182663101860670671; - uint256 constant IC8x = 19359815959815076899131860718663451003218422169656276678015490293414151184678; - uint256 constant IC8y = 5707354413249396553586007167737077037290919807879639509253482984035665820027; + uint256 constant IC8x = 14121490205711368432724351844392057840710731241934651490392648457275809879077; + uint256 constant IC8y = 3817877641513085626250539750880532913618898900537070215790162086064594253703; - uint256 constant IC9x = 1725872725912072612422820280616871706914827579843113375313445774588331804926; - uint256 constant IC9y = 20620006515826938608329874607147155942682434923485018310741689381366316663540; + uint256 constant IC9x = 14521042375094556087481158410774453529910040590856897391451119261874157951401; + uint256 constant IC9y = 5987603852882230316443858411928565101771873105229299008803394361465085376167; - uint256 constant IC10x = 3750626831706765426764858537677116670052811859895035465159140352051254893919; - uint256 constant IC10y = 13692950311360677852943462374966452490713261402367448787753844286139700057808; + uint256 constant IC10x = 7877210241238626352534782708146597544416859042112588813546078025497746762639; + uint256 constant IC10y = 4488960775353546849514798426844292049658739652880016252759201723296818722954; - uint256 constant IC11x = 653060428867723149388680302328852007781744895445948395564351977998893043314; - uint256 constant IC11y = 2392634140035627343217573187592457191980158492944234596081708635656536951676; + uint256 constant IC11x = 8196831921956009582136302857785303839314199397205962154706979401642782672144; + uint256 constant IC11y = 2464415412278735525053752289849974278015039862957407236936892777656602416022; - uint256 constant IC12x = 848057632829020597775111744077074290599460660422683715621697125150732964376; - uint256 constant IC12y = 1165634259060314419729348737488491625144344359196723224161937596407804188963; + uint256 constant IC12x = 9618611458768968316596303441169163465854652484079730345378867349054625546560; + uint256 constant IC12y = 17713065231553587001334449906234793449751895728702084156424254269605434434369; - uint256 constant IC13x = 6796133382642935359920238417292446244470330321080780534925907136385966106906; - uint256 constant IC13y = 5483741050238113243051555363062380525010009117947674820642104004302000894946; + uint256 constant IC13x = 11923411540039701943807453853530402254884128172615068154225050288539205394835; + uint256 constant IC13y = 10638753812453059872225237236545824286081056624854279203224533655601040290284; - uint256 constant IC14x = 8106441409952625253378113001929114649422704670858117519344483339663148890749; - uint256 constant IC14y = 8622112428188266733459194735561489345463905110379423639463881768955076290417; + uint256 constant IC14x = 5364887122808703583686140582582871715499542301104855343077911842623450833613; + uint256 constant IC14y = 12433615932553523377208857396109862421829459241688667324735642225913673082454; - uint256 constant IC15x = 4191652197026093367861782866744362301385677735250820700023614166486073780833; - uint256 constant IC15y = 15717090349026460649486119312458368505984286740916883290320790677874689827529; + uint256 constant IC15x = 11362138669358320692737938970489777744791078072687798787805288147061568884189; + uint256 constant IC15y = 21181268189514937049538784434774591302268103522590325191936888065750135595338; - uint256 constant IC16x = 5776296672230138374192730225883064176242397211023286372849649761984693768221; - uint256 constant IC16y = 14905945306820282389385882436196748471946208760613239736496576710404665224274; + uint256 constant IC16x = 20171480061316560128261932356128655053870296250508707984152048719948019416058; + uint256 constant IC16y = 16469912182119429337346216669322189895484812892424647552672781336980342427947; - uint256 constant IC17x = 4559742855829181956548161432919870338437706078707185429517436408683570584819; - uint256 constant IC17y = 16944561631661598258841334090988727293087544220259173861611247617408683803241; + uint256 constant IC17x = 13435981607437835176038298564532402978524803183795362167985345496485816989396; + uint256 constant IC17y = 15850251220438716720678604349051000992661965436725416764994919865994866270289; - uint256 constant IC18x = 16587169411945221794629940460815898228634210524160576458917942354390336705384; - uint256 constant IC18y = 15972853747600343202136943816686809165079318263907350810685749123332283992609; + uint256 constant IC18x = 11811704529904171197302226112517616476696081278565166583889376612260805366770; + uint256 constant IC18y = 19019390331791751281804943125396296772002105299390052915790201437866279662469; - uint256 constant IC19x = 8821504718841425618793065011325815296592971153042906721525253559102869998701; - uint256 constant IC19y = 20850692993225930864774739863553994587075062943341148174407941580697925793153; + uint256 constant IC19x = 3761471756023907823753662465802390456071662791601109601641361679956352187681; + uint256 constant IC19y = 20162842344003073985846811954950247779528182752114757276021318353919250223457; - uint256 constant IC20x = 18063333947262282324939485446898186709216263049371107487562701926444263710629; - uint256 constant IC20y = 2455766652297295649340171283091470728693530178189726861600654965326631348600; + uint256 constant IC20x = 8071737940013135701818664948073246488373061515317448531046144561741451109185; + uint256 constant IC20y = 21249802238872385794052754733935006016288143915502543365592840846555221479621; - uint256 constant IC21x = 6498182062916319720894646129006367644687460796460948472605347749700849288067; - uint256 constant IC21y = 15582813260747884419894348160950156371509402077228880016716350222753661956718; + uint256 constant IC21x = 1723680139370666935432299119241451157012312182480235360808229176603937596859; + uint256 constant IC21y = 8164366164883561347815095120721241648189233554976540427493558095838306440753; - uint256 constant IC22x = 321929734564151171971470625175058617225940564290674576363109019639095818177; - uint256 constant IC22y = 18273686794894913763164834634638991620791931669901681499087533156823609362637; + uint256 constant IC22x = 689162672330801569236860417513166829127154851999990636353535831269200896688; + uint256 constant IC22y = 11200584681823644754861106194748361242875754624399213261000378216461858026291; - uint256 constant IC23x = 1385448045915172689076876549717256835132700382238446872100221741591990955362; - uint256 constant IC23y = 4022520602423424225479857596947599676554320053840239759248164835623176007564; + uint256 constant IC23x = 11132480191379362674157945793411833650393405623591215012860767771391927446355; + uint256 constant IC23y = 10277738761608980247730521899394951892428405977105154597348202031123885219627; - uint256 constant IC24x = 15614848250708717650884557704667152933528951388736256422056746841520333855747; - uint256 constant IC24y = 19021192862351359265015245362970383223928898799978594391167809319868841270411; + uint256 constant IC24x = 1354010359951883199790977489723895500507371930668360256318460940352281683644; + uint256 constant IC24y = 12331331943282510326157833533439183364709881220201144096863857222742169515625; - uint256 constant IC25x = 14219104558666768957315034631425076492531498832675405478043207041480276284936; - uint256 constant IC25y = 5968883590209381790926786851795101235787710669209775744964007595413491210531; + uint256 constant IC25x = 1590725216690146167317215389183918336927440723269966298715652851810883950078; + uint256 constant IC25y = 648789650233718983137868002717409751620582801629138464278675991230484864236; - uint256 constant IC26x = 15053045505455240382139369868913333257395507379978726369057643711772295373329; - uint256 constant IC26y = 6261438073742895324492874312413238180887393702081809898802326658749648295325; + uint256 constant IC26x = 4017263919683246039531103614452508414327439699503842445340340190257692581622; + uint256 constant IC26y = 21085521370142183058993324041411717678642788883068145103769278269356952046488; - uint256 constant IC27x = 8279402908699966876202457428874301580577182074699386896468066902620550211553; - uint256 constant IC27y = 19174460945619058395437208583175641756720323569757488274680139821480257784290; + uint256 constant IC27x = 20354123394938294132319773872263617091686356348235151753732395588542115990253; + uint256 constant IC27y = 9370969562790654841486867992534284434087821265694482360742469527651389052516; - uint256 constant IC28x = 21499793604267157825830681866304028648437840630646996537572829551777574271839; - uint256 constant IC28y = 1005046359992507174719839503561719300473242986575812133312314763711270984318; + uint256 constant IC28x = 749698431933435545392856576924856252408426040378185137452101024854473982318; + uint256 constant IC28y = 10369746045619366203245377833848197507328508425992979363855345137502313717119; - uint256 constant IC29x = 3238614055232236444949225941125793358783200606776689162371028284906675604194; - uint256 constant IC29y = 19495078682976583717496513165386543508605758961481274209957275264765347242483; + uint256 constant IC29x = 13924261703846280754011239690661134541096397176882043202637554890822603864678; + uint256 constant IC29y = 18490581088324737927057960954047847534810947157729964269120994220496244858876; - uint256 constant IC30x = 14760129744126933213773033864361354810338779307800047348283148893032921061798; - uint256 constant IC30y = 14663555281074618599135299437451681770150596815248880167564723598817295979622; + uint256 constant IC30x = 3639736301087187198215354960483681177361361075663113624463814532907153992441; + uint256 constant IC30y = 1032841028236486436610535295630820909109454508466929979895079509439401121424; - uint256 constant IC31x = 6195412757967138718449488882106251157524891233712748777352466418003640549859; - uint256 constant IC31y = 7789417952150316589968393082954101751776794288548848034183786949891570349392; + uint256 constant IC31x = 5228567285493337244623048337556447250995640037732065591059183190260251367495; + uint256 constant IC31y = 8716670701772476772999790138453487291942759826365368712159979869310609024744; - uint256 constant IC32x = 5322112193572143306470196243206084629933090772814697697105570159589731596593; - uint256 constant IC32y = 6535916631097085889848271696279659032098235144105942084677969420875353671017; + uint256 constant IC32x = 4050395180687500033451272794494370337472728614419225549623019562176909372738; + uint256 constant IC32y = 17670949173403368114103989241104457239341380011198095960032306325532120806476; // Memory data @@ -374,8 +374,6 @@ contract Groth16Verifier_AnonNullifierKycBatch { checkField(calldataload(add(_pubSignals, 992))) - checkField(calldataload(add(_pubSignals, 1024))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_check_hashes_value.sol b/solidity/contracts/lib/verifier_check_hashes_value.sol index 82a38b8..65e6269 100644 --- a/solidity/contracts/lib/verifier_check_hashes_value.sol +++ b/solidity/contracts/lib/verifier_check_hashes_value.sol @@ -43,14 +43,17 @@ contract Groth16Verifier_CheckHashesValue { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 7451946452627654831087368244416850811848640051585835431774006564787696394579; - uint256 constant IC0y = 3335938186741695161920937664249081252546904250712465973121885140080729804559; + uint256 constant IC0x = 17792762022125287046321768098607171320071618631211367966788587488825455404458; + uint256 constant IC0y = 11155528019403985287117957011181683282276980330791900414761420530701336492839; - uint256 constant IC1x = 4825167184845404163337490360685409593368334234867416547655377178016060612776; - uint256 constant IC1y = 20216917433859335199329194148245717058149862581677751710529776924054717858789; + uint256 constant IC1x = 6717605603646218844646921196814073522173739325926307699116887265970061883098; + uint256 constant IC1y = 516153472147520123255754218210841627924243470206670179828454953236590121912; - uint256 constant IC2x = 15958914812085923571729409913935907268381565403173614269925036163982984629903; - uint256 constant IC2y = 12537821265017874170836131082487633026846634600904134063136842002739226714069; + uint256 constant IC2x = 8087731838810758210112265887449747110390409349987938026778639089761261395232; + uint256 constant IC2y = 19857276812072296411781253738593366602790857251698964067504889225833057563826; + + uint256 constant IC3x = 473105502461913999202734899658281137764286492931790885921074401072316990093; + uint256 constant IC3y = 19795449967604900309902005580999588375004713323386672270649013487860620808493; // Memory data @@ -59,7 +62,7 @@ contract Groth16Verifier_CheckHashesValue { uint16 constant pLastMem = 896; - function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[2] calldata _pubSignals) public view returns (bool) { + function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[3] calldata _pubSignals) public view returns (bool) { assembly { function checkField(v) { if iszero(lt(v, r)) { @@ -107,6 +110,8 @@ contract Groth16Verifier_CheckHashesValue { g1_mulAccC(_pVk, IC2x, IC2y, calldataload(add(pubSignals, 32))) + g1_mulAccC(_pVk, IC3x, IC3y, calldataload(add(pubSignals, 64))) + // -A mstore(_pPairing, calldataload(pA)) @@ -166,6 +171,8 @@ contract Groth16Verifier_CheckHashesValue { checkField(calldataload(add(_pubSignals, 64))) + checkField(calldataload(add(_pubSignals, 96))) + // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_check_inputs_outputs_value.sol b/solidity/contracts/lib/verifier_check_inputs_outputs_value.sol index 3ac4813..6aaa1dd 100644 --- a/solidity/contracts/lib/verifier_check_inputs_outputs_value.sol +++ b/solidity/contracts/lib/verifier_check_inputs_outputs_value.sol @@ -43,20 +43,20 @@ contract Groth16Verifier_CheckInputsOutputsValue { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 20396656022623641670008377669003034980093130786523942851241118615302768419395; - uint256 constant IC0y = 14460565471036210802313774333143023635831814968531542209492724077895634610612; + uint256 constant IC0x = 12946007655294748109976651790282368712032854715550040876001054877264205748780; + uint256 constant IC0y = 18032642300154066830488632818855044055030982780193227094738656624662833078781; - uint256 constant IC1x = 2081151087886351362052109284349136245896365144480594970363965209121454435615; - uint256 constant IC1y = 7627748436840484016041411383412007426088166462897758644125825809674647553935; + uint256 constant IC1x = 8228341292765993013090092820633873569483019963672083323737021345228840775169; + uint256 constant IC1y = 20432244021136381590872457352955032102872199444416050619571352452282317954219; - uint256 constant IC2x = 7189738800008926186611658901247628991245747187450005732092919064722079974942; - uint256 constant IC2y = 9212648002198273470709296946004128071434381043645920720192760764536735495174; + uint256 constant IC2x = 8738679007939815464034505049392842095886575320134992784554786710251071495194; + uint256 constant IC2y = 12009150672696869511811457247713563145562974962822650354468690669684773324888; - uint256 constant IC3x = 11768707076760067129018476295317416349141693871872804260182676814443586962585; - uint256 constant IC3y = 43457176520741345734163037559924361056260541490089514615718694453957091269; + uint256 constant IC3x = 16976117339499051172320583716642091977612878655215293512007076397040817016742; + uint256 constant IC3y = 18369955760166412766197526139589217319712839270695221527886946564802088870621; - uint256 constant IC4x = 14832630682718922412549948302466331845050461546654693173139520463665603837447; - uint256 constant IC4y = 11825832786155058262551483980525323216948427383462899518191468759111948872063; + uint256 constant IC4x = 6204120783350765925857762755308465534553599091344386478886890855955170711802; + uint256 constant IC4y = 8643610540753524921724781956366950179079789331191119071601262970976815564720; // Memory data @@ -178,8 +178,6 @@ contract Groth16Verifier_CheckInputsOutputsValue { checkField(calldataload(add(_pubSignals, 96))) - checkField(calldataload(add(_pubSignals, 128))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_check_inputs_outputs_value_batch.sol b/solidity/contracts/lib/verifier_check_inputs_outputs_value_batch.sol index 5c0d8e1..7b67097 100644 --- a/solidity/contracts/lib/verifier_check_inputs_outputs_value_batch.sol +++ b/solidity/contracts/lib/verifier_check_inputs_outputs_value_batch.sol @@ -43,44 +43,44 @@ contract Groth16Verifier_CheckInputsOutputsValueBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 7122584749132663259889039153467921074977127280515536773587823550717715138029; - uint256 constant IC0y = 15067071742475514977002742831294748418717541246651495731918679212820223087718; + uint256 constant IC0x = 7605020151164766720932880397176905095983170802501793884341102770884420020482; + uint256 constant IC0y = 11578388613645654158518048253463162726071172307764933798767177117762211278895; - uint256 constant IC1x = 6592068033136811632712027579331313659240637339145829055600393395160018309932; - uint256 constant IC1y = 21219315757020742402238899038339838826992258516784600407391603177049286107527; + uint256 constant IC1x = 15517079692254797082811127896852347294842175727299054806187097752985044386145; + uint256 constant IC1y = 11495218079914661091848865922797430386857914791128443633966423638887578652800; - uint256 constant IC2x = 17622292954822862386817225635669708049867559480916120103382985213787384202047; - uint256 constant IC2y = 7167167468011464318946287166963492579523363804560727758854980196883425691906; + uint256 constant IC2x = 243414170770791910563402075185563980513342209369023526954923309991295341694; + uint256 constant IC2y = 9498198509948216509468422581109675232394505898833542174822777188323601783999; - uint256 constant IC3x = 668403363461447598904680161205931437179175616205087540424204007706629678020; - uint256 constant IC3y = 10032662903633053202009958741827965739902686330774741030669161486172992945001; + uint256 constant IC3x = 13285044807968100769106768874832759354495600411449157905782590466328779755528; + uint256 constant IC3y = 2136895439498727662587473143938769324523684804796466332723470564952038685883; - uint256 constant IC4x = 14295759428178258239992482405314014064226443189105921030804666999555778581628; - uint256 constant IC4y = 18488963038915603346172304124283995972527963744748177124390960452827314462559; + uint256 constant IC4x = 3692932732800293622684828311503806475019328215635560980215020783976779762937; + uint256 constant IC4y = 12791108782670091177537218211398284608704674283826973490354384567113275556590; - uint256 constant IC5x = 15827631958532679019467548003005479753705494791403024412739530447336351187507; - uint256 constant IC5y = 3535897343187309822451309749973488928758158195731683145047284962319418723381; + uint256 constant IC5x = 10168275234288879049995440108184688085912267959332845106194998999507298417219; + uint256 constant IC5y = 1282071841478225616046652786859289229680066730983817071785821086479137382077; - uint256 constant IC6x = 14382566322728017649401327822680810765867398641622794333903525088377475308012; - uint256 constant IC6y = 5456513850887641213948654120873949077571677173824915782967248820973527933376; + uint256 constant IC6x = 7235068284145630972050279713430878509765936948747625554947288022190564048442; + uint256 constant IC6y = 5902554626780998512883944113467917148037254437959334264346892443985833627237; - uint256 constant IC7x = 8241500277658417382828150640358387653199384288753083795005104434019315790562; - uint256 constant IC7y = 11108853157270176956025479834276360365558003825915823762801254233495763508413; + uint256 constant IC7x = 16861674313721729212277476940333742169394147874609016430903615957170161200825; + uint256 constant IC7y = 20426849998603797757853510264597534845673973727619839541012525228388119741909; - uint256 constant IC8x = 11264822885265940838313058809601512470719960668399696944474021716552306587749; - uint256 constant IC8y = 19565565627114824647036055179151281135298975148984298365974971858081741517598; + uint256 constant IC8x = 17708819669592927848989594793667114710771087624006287649012860592792923987997; + uint256 constant IC8y = 15873307863447105780111308151894272535859534246468813842400366408614675542327; - uint256 constant IC9x = 4211085816025444668734031159064828176264001118416196402327737012145924045115; - uint256 constant IC9y = 21864660836716195480144285181566056407708782779652346534606811992593548851127; + uint256 constant IC9x = 3197281054855316450538721218831196330542296382661440781051889522226657563194; + uint256 constant IC9y = 5413568987684267492065617785858413891618395417745135855175348324258253213513; - uint256 constant IC10x = 377420763651349430167769787262651980652224075769482905933450731313439123277; - uint256 constant IC10y = 4792110247611418571157280962896882959941763647614623512469856495533429365533; + uint256 constant IC10x = 3831763653728578388092289917373302131302206639052144524861592322599234498350; + uint256 constant IC10y = 888707563378974588326031414617587035464449471174524952521745636124316368133; - uint256 constant IC11x = 21463289860355964998997312809245870824322023267249808639758808215793084441652; - uint256 constant IC11y = 8749740440592146132497426053418247082901048900424817073006050223457486281505; + uint256 constant IC11x = 8551505161979601570199483900737374890291193858580256984768954850420773432917; + uint256 constant IC11y = 8290587092562422403997757942904610038970268187030822023299514255968258921345; - uint256 constant IC12x = 7583366223089437444625200887153626804190871938460940258547895521764978809010; - uint256 constant IC12y = 5679361263981250667432888495195921658823129716735422639903986297973479422166; + uint256 constant IC12x = 20997320264896874922675680132719385968387223321238331618609644318329057101045; + uint256 constant IC12y = 16147901014701742694117656771529088911376761513927933289235031161761680134480; // Memory data @@ -234,8 +234,6 @@ contract Groth16Verifier_CheckInputsOutputsValueBatch { checkField(calldataload(add(_pubSignals, 352))) - checkField(calldataload(add(_pubSignals, 384))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_check_nullifier_value.sol b/solidity/contracts/lib/verifier_check_nullifier_value.sol index 557aac5..b475aa5 100644 --- a/solidity/contracts/lib/verifier_check_nullifier_value.sol +++ b/solidity/contracts/lib/verifier_check_nullifier_value.sol @@ -43,29 +43,29 @@ contract Groth16Verifier_CheckNullifierValue { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 13422141526933421905908030759709671536496990266474855541292305427042610689555; - uint256 constant IC0y = 7532744786626295625511335632679656641015170681695089640944777303668735939117; + uint256 constant IC0x = 21479972349761820082689109991096144113595851567249751778844355084519665372018; + uint256 constant IC0y = 12954845361482748830004870237224824480547324964567783945687232438965992776053; - uint256 constant IC1x = 19872318028591660085789934010650728334254082942909500113921251224393800369933; - uint256 constant IC1y = 9258168570004839984054392783142416346426635065233115559699690312764226600700; + uint256 constant IC1x = 15140559764739014833414840602600058195954932997325564673581613460055534260134; + uint256 constant IC1y = 3668174888313206113621286077307156893422097860879478966424990577575448076391; - uint256 constant IC2x = 12801382080150046399178003879831586455362280882141185591823412154425431454441; - uint256 constant IC2y = 9842518513384164998091361043290956544694153356403902513408658980312068223230; + uint256 constant IC2x = 13740382588718560255183975165717990452163325471071683111880639133163222393492; + uint256 constant IC2y = 6936863670834921311830269014161474743250664484174187891378368512177343327786; - uint256 constant IC3x = 19518875821670302600797220351790123384488560694591369153322028532792703661993; - uint256 constant IC3y = 3376066704022509979059446751077697732736689786265055915655827186973626799531; + uint256 constant IC3x = 21369364592773091188128985677572872041049135071297760113998132538581992331931; + uint256 constant IC3y = 8770267058634669239940368085995619660634242300474370499696358454972533643989; - uint256 constant IC4x = 3424949706829139094762130849348758213607685703398467953662998823256566236244; - uint256 constant IC4y = 20776131504715448812668217699265276978354598594850017021969161581536196705937; + uint256 constant IC4x = 14810410121912189489184127875739569707133958214247367775293205552498453858109; + uint256 constant IC4y = 13846300784822170045421613402406794625007632979581126224687837059725261235172; - uint256 constant IC5x = 3970831602350572892412809975201509458389987288217988841588747256784441652970; - uint256 constant IC5y = 3624971867691904737017100203465529482295604173500708336951890003414509512053; + uint256 constant IC5x = 13626981813056543812377051685334012888751970918454296977729341028316762700584; + uint256 constant IC5y = 5354303765367236320647708927072767965975993175736575333727731518687415997857; - uint256 constant IC6x = 16067625434790836720253705210080775814704373819703497838457244891403307619086; - uint256 constant IC6y = 4402236853160007686855426650645080881239178431802635214503395383945489317032; + uint256 constant IC6x = 16704290353261878305863110383623117185297433218079337528199272616778179959116; + uint256 constant IC6y = 2700303256362168245131626887412264040955929843715716711831426080071539958788; - uint256 constant IC7x = 3357638249840997878527745089489392570695208559412488292612087209103966048460; - uint256 constant IC7y = 1505512227076358373490267049578907892550086250864004698131844400305799958050; + uint256 constant IC7x = 15122724046825935975226108364649646351034084301691421363663639866322683034105; + uint256 constant IC7y = 19933356900550003260952830798222953530461748473782412354764898181816417882667; // Memory data @@ -199,8 +199,6 @@ contract Groth16Verifier_CheckNullifierValue { checkField(calldataload(add(_pubSignals, 192))) - checkField(calldataload(add(_pubSignals, 224))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_check_nullifier_value_batch.sol b/solidity/contracts/lib/verifier_check_nullifier_value_batch.sol index c72962f..7adafd3 100644 --- a/solidity/contracts/lib/verifier_check_nullifier_value_batch.sol +++ b/solidity/contracts/lib/verifier_check_nullifier_value_batch.sol @@ -43,77 +43,77 @@ contract Groth16Verifier_CheckNullifierValueBatch { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 15645827380555101758470301630806534541407460558949468184280712030131609063061; - uint256 constant IC0y = 16550491271816154144388034149107640878691715400344284166430225714906255329282; + uint256 constant IC0x = 11215632211605849777997006525456347967737448500007318091927705268733774154223; + uint256 constant IC0y = 17699952619297303965304183681916877388432635137985585988606559487142475405763; - uint256 constant IC1x = 6153483344859958434149301923794306045899659014824492062564883405233096082806; - uint256 constant IC1y = 15778815662361212202343010651437935635918903262380179566413075098354148176909; + uint256 constant IC1x = 11548095286197359121160733146834476640223930159466939844027933075934552511428; + uint256 constant IC1y = 6288656266975730553736144969554904041513279189257442776734466277026887428385; - uint256 constant IC2x = 18468020817925342275100340728145608977467411656024920219526108015706677819; - uint256 constant IC2y = 20028271733570389311888880081776622210185993429032585374918937586222421036392; + uint256 constant IC2x = 18926854554953490053576576035107942442382117200777788107144510370783807097697; + uint256 constant IC2y = 18289935522389488193993054449478068628556804995469571495694897572246135448973; - uint256 constant IC3x = 20691731807704860034373138504333743004410518356501737227733269745094687949588; - uint256 constant IC3y = 1319264540019786288319232148504987895927634039697112043623844977582622826692; + uint256 constant IC3x = 2771233727558080770853129885714002927147125934391829427537426622342329046758; + uint256 constant IC3y = 5214926352943362617799594830977548938122254343767107957731936384811679914924; - uint256 constant IC4x = 15142312234362262221912245115693733737728150893521056795442471741551910122053; - uint256 constant IC4y = 11399404852242987861643240338863635031525507023338898694340719971134303277049; + uint256 constant IC4x = 21847698266056433410747936199079865606982901377721262794677774638804474016719; + uint256 constant IC4y = 8147615275872120936254385749934320162961507021560542223066322259961345459136; - uint256 constant IC5x = 7629407377066530339698991515098413880229785623199975451819131278759207281512; - uint256 constant IC5y = 2560695882471994063584031088068261959488191566639496689436322570758140361851; + uint256 constant IC5x = 20677470849417460934074316550301050006619653890702542532155516395060068184532; + uint256 constant IC5y = 14951640248816265062700558139964650163968515368047361399041201551655167160143; - uint256 constant IC6x = 8496512421149256363711326441346248387384922138272454898401276205118073670069; - uint256 constant IC6y = 9598382270415521615662546436487090815783386747209319829750334535273139951619; + uint256 constant IC6x = 13552674142114362873571479903862068723991679433261012406669406589085738389659; + uint256 constant IC6y = 7981710903746946083354871005852277776743818441143999574738020051202535606933; - uint256 constant IC7x = 5926417128358719146299852019235658425613865932253894129280028204789610169034; - uint256 constant IC7y = 7226601286611624754127481535004061794115892927880976606394553693560424523093; + uint256 constant IC7x = 2843494076733793387882091326156241096225727929348442160495843068717543839521; + uint256 constant IC7y = 14557654223965043420646594567381219413527997179469070491574680444809195848971; - uint256 constant IC8x = 14253011321059518351090527885468001405762005813969528939154246573802588283399; - uint256 constant IC8y = 15344631899561233966963077053492014139945242986266350171181220375576883693071; + uint256 constant IC8x = 4175404132208645428143528244972201934610322248514230591679427294477775090476; + uint256 constant IC8y = 4013408769686153582064342212992839071277122314070152381839708135070908233405; - uint256 constant IC9x = 19405389969121953436442579301648714122407471813037773911405871895714361926306; - uint256 constant IC9y = 5156350149070001696589062707747381909924470550276248447214593804387444735149; + uint256 constant IC9x = 20373089047507286170686013342501109233678082808382044266512396006289848296548; + uint256 constant IC9y = 17414519037252783531098115688093063546013495710114297730709365743261124408934; - uint256 constant IC10x = 14706187145650489776715034411092408069039262440333579964078960528824685997273; - uint256 constant IC10y = 9351723794068506444099480518410596554842892604237039735261990632428424498442; + uint256 constant IC10x = 18404652336430160384100638626193336882585113518149833816959325645823341687636; + uint256 constant IC10y = 8137460239724975063676137530784339741015268295017803709669034144589360083276; - uint256 constant IC11x = 19580268659452972844085788497211106943600102277626701969016365010145417510051; - uint256 constant IC11y = 17892259870327851083506471379114348787961013148152914042025748168867607951918; + uint256 constant IC11x = 13387772462482787398891173736297802001331602227482843796433543930845834622870; + uint256 constant IC11y = 14251235131839391379589815502073622557073889987627793817902006298379525694305; - uint256 constant IC12x = 1368187844258725974571984010357593022197235678125484244830004603397524277131; - uint256 constant IC12y = 11689770507120473593171882218023027238180858278471059426010066331590214577458; + uint256 constant IC12x = 20865452764368968483277128844158136885156922937779917366127619931017305838384; + uint256 constant IC12y = 17853170680823374103828156105205829685852301408973246894017715214149058802045; - uint256 constant IC13x = 13287712015073561033909845382650846894849139649514115583937976829273226297697; - uint256 constant IC13y = 3939430636009527055304021582867525744150816103797934852056979340342893625279; + uint256 constant IC13x = 9853052414354858016630641887517965504857357355021183318544386710740404641437; + uint256 constant IC13y = 13146092501012325526897894082012191085118374563909694635147607538448073891621; - uint256 constant IC14x = 10783507502130178541889745165122149974956654644695976949110737257245146067992; - uint256 constant IC14y = 7255125571322345129880897792656244310326628931432725398368506928666720163008; + uint256 constant IC14x = 2826204081145110561887126072614799213904772886576324960398804191585387429754; + uint256 constant IC14y = 20321441752256535051701734841817178137635126863293665107747342993271525607814; - uint256 constant IC15x = 15371140816776210377837100749546367776777975416661035244674352159022864632172; - uint256 constant IC15y = 13898775526037620279429837257001020975978126821900304506267468805318602427097; + uint256 constant IC15x = 9264128410271638041318342513546840109915920917673351880950167980324310412014; + uint256 constant IC15y = 5380502298543509366643708116580810604911173595451307803675768078234246959789; - uint256 constant IC16x = 14426449469879908724779330900691315457884035732957138831637861015391383558876; - uint256 constant IC16y = 3451171756433536780316813170918271020431332608912271627875806152547283585184; + uint256 constant IC16x = 4479343358771134075447296531862885036260188197397900811748790404715264510048; + uint256 constant IC16y = 16673821339016242146065316462622452546805721830155001289853613360459978869727; - uint256 constant IC17x = 19803444206798798843904919208676690018525500115869773298952070002303455934201; - uint256 constant IC17y = 18911444302965650339696108648975621545327334935330378418452331498109810480671; + uint256 constant IC17x = 20771838221883342227665651895035860952654473843853849403306865012146234872629; + uint256 constant IC17y = 20110759151618177312269262403632221117051159160579155030673784750617199953714; - uint256 constant IC18x = 3008341434953029690045189802621401378237820736221686047893928949753270897956; - uint256 constant IC18y = 13350855518944994748544339040015123879049547159893360145908889087340298640177; + uint256 constant IC18x = 7874670996063895301022675254507504023996844454270681310245045360371548207593; + uint256 constant IC18y = 4906272562446411959996790191782933892624669175959999396258173204803057747802; - uint256 constant IC19x = 15900131335610921333626758802905131580301224709204974700316749114807486504053; - uint256 constant IC19y = 1729318865526374690262520452959657584315619085621871951602181249717700328088; + uint256 constant IC19x = 6718068758839848944456102553943243734192494940351219060147807098504340933145; + uint256 constant IC19y = 19749712309929432365633731307262416305583098811676296992735054736542353771846; - uint256 constant IC20x = 13845641379291366534634477557244199946623324282300268341071098653725180432075; - uint256 constant IC20y = 8182608586763810087289077337145591608275544483545503703707793249132806236594; + uint256 constant IC20x = 12176774966903129701010883373268971316874402759136524023543221961925717374009; + uint256 constant IC20y = 10316950245175186647318117251800593818959589497566969142905778576985501289094; - uint256 constant IC21x = 5343342400303496860861208898492010041508898844862497075734646763773996559494; - uint256 constant IC21y = 4017382599443690041437974102460647661050512673214397554371763568191322879855; + uint256 constant IC21x = 10783521488815019568722998972427903675610566048605720735071487149054891972189; + uint256 constant IC21y = 19897698431379210023931523484482075971373595776099016183701689207454616677220; - uint256 constant IC22x = 18257609592466037403188467385684967977123084669893222262201125210461209644509; - uint256 constant IC22y = 4336704889062162708468189423705402370938020424780356821278034794171415437454; + uint256 constant IC22x = 5686192372711372618497346248576535688658010637360628945740213576938981144374; + uint256 constant IC22y = 8257210265176086375186156384792077707461793999396533257754807652338899261851; - uint256 constant IC23x = 5631091906436527377164766154509610910409206369818965299775928097487273481563; - uint256 constant IC23y = 6763857674650635244980241690761230345878997034903998511217286241409348114171; + uint256 constant IC23x = 5606244713006994272354131277915058148426505191268835047965998884675502616031; + uint256 constant IC23y = 2348995245049377607506145290150107096011641146206436923515875214498125762021; // Memory data @@ -311,8 +311,6 @@ contract Groth16Verifier_CheckNullifierValueBatch { checkField(calldataload(add(_pubSignals, 704))) - checkField(calldataload(add(_pubSignals, 736))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_nf_anon.sol b/solidity/contracts/lib/verifier_nf_anon.sol index 560ba6b..5c0ab74 100644 --- a/solidity/contracts/lib/verifier_nf_anon.sol +++ b/solidity/contracts/lib/verifier_nf_anon.sol @@ -43,14 +43,14 @@ contract Groth16Verifier_NfAnon { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 8896168657352135346852931425049121451414686792670862159598228223648574474816; - uint256 constant IC0y = 3445928520436873607114908053043484341123806826285361524855609990382159038574; + uint256 constant IC0x = 10020092930874300261989815110451890677858803515979509433662031865914072918226; + uint256 constant IC0y = 17070101185794415345355286346999709374848020479919874590476905964074414675269; - uint256 constant IC1x = 12747197512388676307230569341536923544501156514825459437594543270379647062147; - uint256 constant IC1y = 2023856853360183002608744687217746373426131324247248344310793476484287164484; + uint256 constant IC1x = 3016854710905203642733355095769727844360177340190579640278681028127715104344; + uint256 constant IC1y = 9782981420872624702200985986563400852904067131609181146236078534111835333347; - uint256 constant IC2x = 3572124471608987693279116866707919871663694495665223916115104182425153806409; - uint256 constant IC2y = 9980054201685895017487360544240987248099229202860587538985832327800899422700; + uint256 constant IC2x = 8026540857798483992461438269027385689642020173090622578932564876177211807450; + uint256 constant IC2y = 14111623716360882977581880238098907051633084770306352169299490213701026959554; // Memory data @@ -164,8 +164,6 @@ contract Groth16Verifier_NfAnon { checkField(calldataload(add(_pubSignals, 32))) - checkField(calldataload(add(_pubSignals, 64))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/lib/verifier_nf_anon_nullifier.sol b/solidity/contracts/lib/verifier_nf_anon_nullifier.sol index 2c32716..ae24871 100644 --- a/solidity/contracts/lib/verifier_nf_anon_nullifier.sol +++ b/solidity/contracts/lib/verifier_nf_anon_nullifier.sol @@ -43,17 +43,17 @@ contract Groth16Verifier_NfAnonNullifier { uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930; - uint256 constant IC0x = 15122927331390279405439258032146487449250027476359233906619180855465373348241; - uint256 constant IC0y = 2718045126142014053720257881317305098803018579970809356897631096685372501122; + uint256 constant IC0x = 1850466847639060634404948347969036016875262442800831199585223676063607484668; + uint256 constant IC0y = 5662178717971815906611441896208998868499475684066306412423350073425653117131; - uint256 constant IC1x = 21391668661070512138766193982570587219164226159434666289060569284394104318882; - uint256 constant IC1y = 4859928570993601787638377720735137313229620109250558631239081427049061748842; + uint256 constant IC1x = 8774888538494050337883674636637208272398506056075530661626586829397859006583; + uint256 constant IC1y = 1583763613603549499951726198015830205128218111696136835698959694558808488054; - uint256 constant IC2x = 9238651205784637601498903748638349573597168502898133511394061527645140611343; - uint256 constant IC2y = 12605756568692259808122905477005610230025606897097532574582413706986915521373; + uint256 constant IC2x = 20873631781525799506250881528662457782718926069233700738254597852097385976433; + uint256 constant IC2y = 21436322362678356356877997860510575577638333767378180557423448006012318557325; - uint256 constant IC3x = 3892009176399630635248593186224953219648660590709191428333062867114110841830; - uint256 constant IC3y = 11124012146549484484524598757331252908477719206238132957074438811644969422613; + uint256 constant IC3x = 16778368608530321133354080546974520790336550324231545351923656573075653962439; + uint256 constant IC3y = 16981624837885417946667697563369553144779661269733523301503377826501899528934; // Memory data @@ -171,8 +171,6 @@ contract Groth16Verifier_NfAnonNullifier { checkField(calldataload(add(_pubSignals, 64))) - checkField(calldataload(add(_pubSignals, 96))) - // Validate all evaluations let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem) diff --git a/solidity/contracts/zeto_anon.sol b/solidity/contracts/zeto_anon.sol index e490d1c..59bd4b8 100644 --- a/solidity/contracts/zeto_anon.sol +++ b/solidity/contracts/zeto_anon.sol @@ -156,14 +156,7 @@ contract Zeto_Anon is IZeto, ZetoBase, ZetoFungibleWithdraw, UUPSUpgradeable { } processInputsAndOutputs(inputs, outputs); - - uint256[] memory inputArray = new uint256[](inputs.length); - uint256[] memory outputArray = new uint256[](outputs.length); - for (uint256 i = 0; i < inputs.length; ++i) { - inputArray[i] = inputs[i]; - outputArray[i] = outputs[i]; - } - emit UTXOTransfer(inputArray, outputArray, msg.sender, data); + emit UTXOTransfer(inputs, outputs, msg.sender, data); return true; } @@ -182,7 +175,8 @@ contract Zeto_Anon is IZeto, ZetoBase, ZetoFungibleWithdraw, UUPSUpgradeable { uint256 amount, uint256[] memory inputs, uint256 output, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { // Check and pad inputs and outputs based on the max size uint256[] memory outputs = new uint256[](inputs.length); @@ -191,6 +185,7 @@ contract Zeto_Anon is IZeto, ZetoBase, ZetoFungibleWithdraw, UUPSUpgradeable { validateTransactionProposal(inputs, outputs, proof); _withdraw(amount, inputs, output, proof); processInputsAndOutputs(inputs, outputs); + emit UTXOWithdraw(amount, inputs, output, msg.sender, data); } function mint( diff --git a/solidity/contracts/zeto_anon_enc.sol b/solidity/contracts/zeto_anon_enc.sol index e620826..df91670 100644 --- a/solidity/contracts/zeto_anon_enc.sol +++ b/solidity/contracts/zeto_anon_enc.sol @@ -220,7 +220,8 @@ contract Zeto_AnonEnc is uint256 amount, uint256[] memory inputs, uint256 output, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { uint256[] memory outputs = new uint256[](inputs.length); outputs[0] = output; @@ -229,6 +230,7 @@ contract Zeto_AnonEnc is validateTransactionProposal(inputs, outputs, proof); _withdraw(amount, inputs, output, proof); processInputsAndOutputs(inputs, outputs); + emit UTXOWithdraw(amount, inputs, output, msg.sender, data); } function mint( diff --git a/solidity/contracts/zeto_anon_enc_nullifier.sol b/solidity/contracts/zeto_anon_enc_nullifier.sol index 8477560..7a5e010 100644 --- a/solidity/contracts/zeto_anon_enc_nullifier.sol +++ b/solidity/contracts/zeto_anon_enc_nullifier.sol @@ -236,7 +236,8 @@ contract Zeto_AnonEncNullifier is uint256[] memory nullifiers, uint256 output, uint256 root, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { uint256[] memory outputs = new uint256[](nullifiers.length); outputs[0] = output; @@ -249,6 +250,7 @@ contract Zeto_AnonEncNullifier is validateTransactionProposal(nullifiers, outputs, root); _withdrawWithNullifiers(amount, nullifiers, output, root, proof); processInputsAndOutputs(nullifiers, outputs); + emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data); } function mint( diff --git a/solidity/contracts/zeto_anon_enc_nullifier_kyc.sol b/solidity/contracts/zeto_anon_enc_nullifier_kyc.sol index ee7ecad..54e86b9 100644 --- a/solidity/contracts/zeto_anon_enc_nullifier_kyc.sol +++ b/solidity/contracts/zeto_anon_enc_nullifier_kyc.sol @@ -251,7 +251,8 @@ contract Zeto_AnonEncNullifierKyc is uint256[] memory nullifiers, uint256 output, uint256 root, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { uint256[] memory outputs = new uint256[](nullifiers.length); outputs[0] = output; @@ -264,6 +265,7 @@ contract Zeto_AnonEncNullifierKyc is validateTransactionProposal(nullifiers, outputs, root); _withdrawWithNullifiers(amount, nullifiers, output, root, proof); processInputsAndOutputs(nullifiers, outputs); + emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data); } function mint( diff --git a/solidity/contracts/zeto_anon_enc_nullifier_non_repudiation.sol b/solidity/contracts/zeto_anon_enc_nullifier_non_repudiation.sol index 7079abe..d3da9db 100644 --- a/solidity/contracts/zeto_anon_enc_nullifier_non_repudiation.sol +++ b/solidity/contracts/zeto_anon_enc_nullifier_non_repudiation.sol @@ -287,7 +287,8 @@ contract Zeto_AnonEncNullifierNonRepudiation is uint256[] memory nullifiers, uint256 output, uint256 root, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { uint256[] memory outputs = new uint256[](nullifiers.length); outputs[0] = output; @@ -300,6 +301,7 @@ contract Zeto_AnonEncNullifierNonRepudiation is validateTransactionProposal(nullifiers, outputs, root); _withdrawWithNullifiers(amount, nullifiers, output, root, proof); processInputsAndOutputs(nullifiers, outputs); + emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data); } function mint( diff --git a/solidity/contracts/zeto_anon_nullifier.sol b/solidity/contracts/zeto_anon_nullifier.sol index ea2a75b..ea6809c 100644 --- a/solidity/contracts/zeto_anon_nullifier.sol +++ b/solidity/contracts/zeto_anon_nullifier.sol @@ -205,7 +205,8 @@ contract Zeto_AnonNullifier is uint256[] memory nullifiers, uint256 output, uint256 root, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { uint256[] memory outputs = new uint256[](nullifiers.length); outputs[0] = output; @@ -218,6 +219,7 @@ contract Zeto_AnonNullifier is validateTransactionProposal(nullifiers, outputs, root); _withdrawWithNullifiers(amount, nullifiers, output, root, proof); processInputsAndOutputs(nullifiers, outputs); + emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data); } function mint( diff --git a/solidity/contracts/zeto_anon_nullifier_kyc.sol b/solidity/contracts/zeto_anon_nullifier_kyc.sol index 58f8147..8ecb960 100644 --- a/solidity/contracts/zeto_anon_nullifier_kyc.sol +++ b/solidity/contracts/zeto_anon_nullifier_kyc.sol @@ -215,7 +215,8 @@ contract Zeto_AnonNullifierKyc is uint256[] memory nullifiers, uint256 output, uint256 root, - Commonlib.Proof calldata proof + Commonlib.Proof calldata proof, + bytes calldata data ) public { uint256[] memory outputs = new uint256[](nullifiers.length); outputs[0] = output; @@ -228,6 +229,7 @@ contract Zeto_AnonNullifierKyc is validateTransactionProposal(nullifiers, outputs, root); _withdrawWithNullifiers(amount, nullifiers, output, root, proof); processInputsAndOutputs(nullifiers, outputs); + emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data); } function mint( diff --git a/solidity/package.json b/solidity/package.json index 212dea8..95c87cb 100644 --- a/solidity/package.json +++ b/solidity/package.json @@ -3,7 +3,7 @@ "version": "0.0.1", "description": "Zero knowledge proof based UTXO tokens toolkit for fungible or non-fungible assets", "main": "index.js", - "scripts": { + "scripts": { "prettier": "npx prettier contracts scripts ignition test --check", "prettier:fix": "npm run prettier -- --write", "pretest": "npm run prettier:fix", @@ -18,10 +18,9 @@ "@nomicfoundation/hardhat-ignition-ethers": "^0.15.0", "@nomicfoundation/hardhat-toolbox": "^5.0.0", "circomlibjs": "^0.1.7", - "hardhat": "^2.22.2", "maci-crypto": "1.1.1", "prettier": "^3.3.3", - "snarkjs": "^0.7.3", + "snarkjs": "0.7.5", "zeto-js": "file:../zkp/js" }, "dependencies": { diff --git a/solidity/test/zeto_anon.ts b/solidity/test/zeto_anon.ts index 1ba4573..789a567 100644 --- a/solidity/test/zeto_anon.ts +++ b/solidity/test/zeto_anon.ts @@ -151,7 +151,7 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi // Alice withdraws her UTXOs to ERC20 tokens const tx = await zeto .connect(Alice.signer) - .withdraw(3, inputCommitments, outputCommitments[0], encodedProof); + .withdraw(3, inputCommitments, outputCommitments[0], encodedProof, "0x"); await tx.wait(); // Alice checks her ERC20 balance @@ -262,7 +262,7 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi // Alice withdraws her UTXOs to ERC20 tokens const tx = await zeto .connect(Alice.signer) - .withdraw(80, inputCommitments, outputCommitments[0], encodedProof); + .withdraw(80, inputCommitments, outputCommitments[0], encodedProof, "0x"); await tx.wait(); // Alice checks her ERC20 balance @@ -329,7 +329,7 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi await expect( zeto .connect(Alice.signer) - .withdraw(10, inputCommitments, outputCommitments[0], encodedProof), + .withdraw(10, inputCommitments, outputCommitments[0], encodedProof, "0x"), ).rejectedWith("UTXOAlreadySpent"); }); diff --git a/solidity/test/zeto_anon_enc.ts b/solidity/test/zeto_anon_enc.ts index 1e9c638..757586a 100644 --- a/solidity/test/zeto_anon_enc.ts +++ b/solidity/test/zeto_anon_enc.ts @@ -172,7 +172,7 @@ describe("Zeto based fungible token with anonymity and encryption", function () // Alice withdraws her UTXOs to ERC20 tokens const tx = await zeto .connect(Alice.signer) - .withdraw(3, inputCommitments, outputCommitments[0], encodedProof); + .withdraw(3, inputCommitments, outputCommitments[0], encodedProof, "0x"); await tx.wait(); // Alice checks her ERC20 balance @@ -283,7 +283,7 @@ describe("Zeto based fungible token with anonymity and encryption", function () // Alice withdraws her UTXOs to ERC20 tokens const tx = await zeto .connect(Alice.signer) - .withdraw(80, inputCommitments, outputCommitments[0], encodedProof); + .withdraw(80, inputCommitments, outputCommitments[0], encodedProof, "0x"); await tx.wait(); // Alice checks her ERC20 balance @@ -313,7 +313,7 @@ describe("Zeto based fungible token with anonymity and encryption", function () await expect( zeto .connect(Alice.signer) - .withdraw(10, inputCommitments, outputCommitments[0], encodedProof), + .withdraw(10, inputCommitments, outputCommitments[0], encodedProof, "0x"), ).rejectedWith("UTXOAlreadySpent"); }); diff --git a/solidity/test/zeto_anon_enc_nullifier.ts b/solidity/test/zeto_anon_enc_nullifier.ts index 261e361..e1c230d 100644 --- a/solidity/test/zeto_anon_enc_nullifier.ts +++ b/solidity/test/zeto_anon_enc_nullifier.ts @@ -256,6 +256,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti withdrawCommitments[0], root.bigInt(), withdrawEncodedProof, + "0x" ); await tx.wait(); @@ -457,6 +458,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -517,6 +519,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ), ).rejectedWith("UTXOAlreadySpent"); }); @@ -842,9 +845,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti ); const results: ContractTransactionReceipt | null = await tx.wait(); console.log( - `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${ - results?.gasUsed - }`, + `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`, ); return results; } diff --git a/solidity/test/zeto_anon_enc_nullifier_kyc.ts b/solidity/test/zeto_anon_enc_nullifier_kyc.ts index cb46e80..4b808f0 100644 --- a/solidity/test/zeto_anon_enc_nullifier_kyc.ts +++ b/solidity/test/zeto_anon_enc_nullifier_kyc.ts @@ -318,6 +318,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti withdrawCommitments[0], root.bigInt(), withdrawEncodedProof, + "0x" ); await tx.wait(); @@ -565,6 +566,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -720,6 +722,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -787,6 +790,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ), ).rejectedWith("UTXOAlreadySpent"); }); @@ -1186,9 +1190,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti ); const results: ContractTransactionReceipt | null = await tx.wait(); console.log( - `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${ - results?.gasUsed - }`, + `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`, ); return results; } diff --git a/solidity/test/zeto_anon_enc_nullifier_non_repudiation.ts b/solidity/test/zeto_anon_enc_nullifier_non_repudiation.ts index 86a4976..6c371ba 100644 --- a/solidity/test/zeto_anon_enc_nullifier_non_repudiation.ts +++ b/solidity/test/zeto_anon_enc_nullifier_non_repudiation.ts @@ -312,6 +312,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti withdrawCommitments[0], root.bigInt(), withdrawEncodedProof, + "0x" ); await tx.wait(); @@ -569,6 +570,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -629,6 +631,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti outputCommitments[0], root.bigInt(), encodedProof, + "0x" ), ).rejectedWith("UTXOAlreadySpent"); }); @@ -951,9 +954,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti ); const results: ContractTransactionReceipt | null = await tx.wait(); console.log( - `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${ - results?.gasUsed - }`, + `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`, ); return results; } diff --git a/solidity/test/zeto_anon_nullifier.ts b/solidity/test/zeto_anon_nullifier.ts index 7bdd963..cfa2b47 100644 --- a/solidity/test/zeto_anon_nullifier.ts +++ b/solidity/test/zeto_anon_nullifier.ts @@ -228,6 +228,7 @@ describe("Zeto based fungible token with anonymity using nullifiers without encr withdrawCommitments[0], root.bigInt(), withdrawEncodedProof, + "0x" ); await tx.wait(); @@ -429,6 +430,7 @@ describe("Zeto based fungible token with anonymity using nullifiers without encr outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -488,6 +490,7 @@ describe("Zeto based fungible token with anonymity using nullifiers without encr outputCommitments[0], root.bigInt(), encodedProof, + "0x" ), ).rejectedWith("UTXOAlreadySpent"); }); @@ -785,9 +788,7 @@ describe("Zeto based fungible token with anonymity using nullifiers without encr ); const results: ContractTransactionReceipt | null = await tx.wait(); console.log( - `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${ - results?.gasUsed - }`, + `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`, ); return results; } diff --git a/solidity/test/zeto_anon_nullifier_kyc.ts b/solidity/test/zeto_anon_nullifier_kyc.ts index 2a6c622..6ef0ae2 100644 --- a/solidity/test/zeto_anon_nullifier_kyc.ts +++ b/solidity/test/zeto_anon_nullifier_kyc.ts @@ -290,6 +290,7 @@ describe("Zeto based fungible token with anonymity, KYC, using nullifiers withou withdrawCommitments[0], root.bigInt(), withdrawEncodedProof, + "0x" ); await tx.wait(); @@ -536,6 +537,7 @@ describe("Zeto based fungible token with anonymity, KYC, using nullifiers withou outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -691,6 +693,7 @@ describe("Zeto based fungible token with anonymity, KYC, using nullifiers withou outputCommitments[0], root.bigInt(), encodedProof, + "0x" ); await tx.wait(); @@ -756,6 +759,7 @@ describe("Zeto based fungible token with anonymity, KYC, using nullifiers withou outputCommitments[0], root.bigInt(), encodedProof, + "0x" ), ).rejectedWith("UTXOAlreadySpent"); }); @@ -1133,8 +1137,7 @@ describe("Zeto based fungible token with anonymity, KYC, using nullifiers withou ); const results: ContractTransactionReceipt | null = await tx.wait(); console.log( - `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${ - results?.gasUsed + `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed }`, ); return results; diff --git a/zkp/circuits/anon.circom b/zkp/circuits/anon.circom index 5cd2421..b272ff7 100644 --- a/zkp/circuits/anon.circom +++ b/zkp/circuits/anon.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_base.circom"; diff --git a/zkp/circuits/anon_batch.circom b/zkp/circuits/anon_batch.circom index 101ee83..47ac1fc 100644 --- a/zkp/circuits/anon_batch.circom +++ b/zkp/circuits/anon_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_base.circom"; diff --git a/zkp/circuits/anon_enc.circom b/zkp/circuits/anon_enc.circom index d2e6480..129bdff 100644 --- a/zkp/circuits/anon_enc.circom +++ b/zkp/circuits/anon_enc.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_base.circom"; diff --git a/zkp/circuits/anon_enc_batch.circom b/zkp/circuits/anon_enc_batch.circom index 7d589d5..57d250d 100644 --- a/zkp/circuits/anon_enc_batch.circom +++ b/zkp/circuits/anon_enc_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_base.circom"; diff --git a/zkp/circuits/anon_enc_nullifier.circom b/zkp/circuits/anon_enc_nullifier.circom index 76e3e8a..212e2a6 100644 --- a/zkp/circuits/anon_enc_nullifier.circom +++ b/zkp/circuits/anon_enc_nullifier.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_nullifier_base.circom"; diff --git a/zkp/circuits/anon_enc_nullifier_batch.circom b/zkp/circuits/anon_enc_nullifier_batch.circom index 7844d29..4fd3670 100644 --- a/zkp/circuits/anon_enc_nullifier_batch.circom +++ b/zkp/circuits/anon_enc_nullifier_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_nullifier_base.circom"; diff --git a/zkp/circuits/anon_enc_nullifier_kyc.circom b/zkp/circuits/anon_enc_nullifier_kyc.circom index 41f1c3b..82264d6 100644 --- a/zkp/circuits/anon_enc_nullifier_kyc.circom +++ b/zkp/circuits/anon_enc_nullifier_kyc.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_nullifier_kyc_base.circom"; diff --git a/zkp/circuits/anon_enc_nullifier_kyc_batch.circom b/zkp/circuits/anon_enc_nullifier_kyc_batch.circom index a6e4ab5..b39c35e 100644 --- a/zkp/circuits/anon_enc_nullifier_kyc_batch.circom +++ b/zkp/circuits/anon_enc_nullifier_kyc_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_nullifier_kyc_base.circom"; diff --git a/zkp/circuits/anon_enc_nullifier_non_repudiation.circom b/zkp/circuits/anon_enc_nullifier_non_repudiation.circom index be0f2b6..d30dea8 100644 --- a/zkp/circuits/anon_enc_nullifier_non_repudiation.circom +++ b/zkp/circuits/anon_enc_nullifier_non_repudiation.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_nullifier_non_repudiation_base.circom"; diff --git a/zkp/circuits/anon_enc_nullifier_non_repudiation_batch.circom b/zkp/circuits/anon_enc_nullifier_non_repudiation_batch.circom index 797e73a..d623146 100644 --- a/zkp/circuits/anon_enc_nullifier_non_repudiation_batch.circom +++ b/zkp/circuits/anon_enc_nullifier_non_repudiation_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_enc_nullifier_non_repudiation_base.circom"; diff --git a/zkp/circuits/anon_nullifier.circom b/zkp/circuits/anon_nullifier.circom index 283a31f..7bb3e45 100644 --- a/zkp/circuits/anon_nullifier.circom +++ b/zkp/circuits/anon_nullifier.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_nullifier_base.circom"; diff --git a/zkp/circuits/anon_nullifier_batch.circom b/zkp/circuits/anon_nullifier_batch.circom index 930a233..0be3eea 100644 --- a/zkp/circuits/anon_nullifier_batch.circom +++ b/zkp/circuits/anon_nullifier_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_nullifier_base.circom"; diff --git a/zkp/circuits/anon_nullifier_kyc.circom b/zkp/circuits/anon_nullifier_kyc.circom index a29fc8e..cf97bae 100644 --- a/zkp/circuits/anon_nullifier_kyc.circom +++ b/zkp/circuits/anon_nullifier_kyc.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_nullifier_kyc_base.circom"; diff --git a/zkp/circuits/anon_nullifier_kyc_batch.circom b/zkp/circuits/anon_nullifier_kyc_batch.circom index 55ac0f6..8634852 100644 --- a/zkp/circuits/anon_nullifier_kyc_batch.circom +++ b/zkp/circuits/anon_nullifier_kyc_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./basetokens/anon_nullifier_kyc_base.circom"; diff --git a/zkp/circuits/basetokens/anon_base.circom b/zkp/circuits/basetokens/anon_base.circom index 04f46d2..bb0fdeb 100644 --- a/zkp/circuits/basetokens/anon_base.circom +++ b/zkp/circuits/basetokens/anon_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -40,33 +40,15 @@ template Zeto(nInputs, nOutputs) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i]= [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; - - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; - - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; - - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); } diff --git a/zkp/circuits/basetokens/anon_enc_base.circom b/zkp/circuits/basetokens/anon_enc_base.circom index fd3de0e..86e57ac 100644 --- a/zkp/circuits/basetokens/anon_enc_base.circom +++ b/zkp/circuits/basetokens/anon_enc_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -51,43 +51,22 @@ template Zeto(nInputs, nOutputs) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i]= [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); - component encryptOutputs = EncryptOutputs(nOutputs); - encryptOutputs.ecdhPrivateKey <== ecdhPrivateKey; - encryptOutputs.encryptionNonce <== encryptionNonce; - encryptOutputs.outputValues <== outputValues; - encryptOutputs.outputSalts <== outputSalts; - encryptOutputs.outputOwnerPublicKeys <== outputOwnerPublicKeys; - - encryptOutputs.ecdhPublicKey ==> ecdhPublicKey; - encryptOutputs.cipherTexts ==> cipherTexts; + (ecdhPublicKey,cipherTexts ) <== EncryptOutputs(nOutputs)(ecdhPrivateKey <== ecdhPrivateKey, outputValues <== outputValues, outputSalts <== outputSalts, outputOwnerPublicKeys <== outputOwnerPublicKeys, encryptionNonce <== encryptionNonce); } diff --git a/zkp/circuits/basetokens/anon_enc_nullifier_base.circom b/zkp/circuits/basetokens/anon_enc_nullifier_base.circom index 2b228c3..807be5e 100644 --- a/zkp/circuits/basetokens/anon_enc_nullifier_base.circom +++ b/zkp/circuits/basetokens/anon_enc_nullifier_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -59,59 +59,30 @@ template Zeto(nInputs, nOutputs, nSMTLevels) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i]= [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); + + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckNullifiers(nInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); - component checkNullifiers = CheckNullifiers(nInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; // With the above steps, we demonstrated that the nullifiers // are securely bound to the input commitments. Now we need to // demonstrate that the input commitments belong to the Sparse // Merkle Tree with the root `root`. - component checkSMTProof = CheckSMTProof(nInputs, nSMTLevels); - checkSMTProof.root <== root; - checkSMTProof.merkleProof <== merkleProof; - checkSMTProof.enabled <== enabled; - checkSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(nInputs, nSMTLevels)(root <== root, merkleProof <== merkleProof, enabled <== enabled, leafNodeIndexes <== inputCommitments); - component encryptOutputs = EncryptOutputs(nOutputs); - encryptOutputs.ecdhPrivateKey <== ecdhPrivateKey; - encryptOutputs.encryptionNonce <== encryptionNonce; - encryptOutputs.outputValues <== outputValues; - encryptOutputs.outputSalts <== outputSalts; - encryptOutputs.outputOwnerPublicKeys <== outputOwnerPublicKeys; - - encryptOutputs.ecdhPublicKey ==> ecdhPublicKey; - encryptOutputs.cipherTexts ==> cipherTexts; + (ecdhPublicKey, cipherTexts) <== EncryptOutputs(nOutputs)(ecdhPrivateKey <== ecdhPrivateKey, outputValues <== outputValues, outputSalts <== outputSalts, outputOwnerPublicKeys <== outputOwnerPublicKeys, encryptionNonce <== encryptionNonce); } diff --git a/zkp/circuits/basetokens/anon_enc_nullifier_kyc_base.circom b/zkp/circuits/basetokens/anon_enc_nullifier_kyc_base.circom index 2de3bcd..6d0cdcf 100644 --- a/zkp/circuits/basetokens/anon_enc_nullifier_kyc_base.circom +++ b/zkp/circuits/basetokens/anon_enc_nullifier_kyc_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -62,85 +62,44 @@ template Zeto(nInputs, nOutputs, nUTXOSMTLevels, nIdentitiesSMTLevels) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i]= [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); - component checkNullifiers = CheckNullifiers(nInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifiers(nInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); // With the above steps, we demonstrated that the nullifiers // are securely bound to the input commitments. Now we need to // demonstrate that the input commitments belong to the Sparse // Merkle Tree with the root `root`. - component checkUTXOSMTProof = CheckSMTProof(nInputs, nUTXOSMTLevels); - checkUTXOSMTProof.root <== utxosRoot; - checkUTXOSMTProof.merkleProof <== utxosMerkleProof; - checkUTXOSMTProof.enabled <== enabled; - checkUTXOSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(nInputs, nUTXOSMTLevels)(root <== utxosRoot, merkleProof <== utxosMerkleProof, enabled <== enabled, leafNodeIndexes <== inputCommitments); // Then, we need to check that the owner public keys // for the inputs and outputs are included in the identities // Sparse Merkle Tree with the root `identitiesRoot`. var ownerPublicKeyHashes[nOutputs + 1]; - component hash1 = Poseidon(2); - hash1.inputs[0] <== inputOwnerPublicKey[0]; - hash1.inputs[1] <== inputOwnerPublicKey[1]; - ownerPublicKeyHashes[0] = hash1.out; + ownerPublicKeyHashes[0] = Poseidon(2)(inputs <== [inputOwnerPubKeyAx, inputOwnerPubKeyAy]); - component hashes[nOutputs]; var identitiesMTPCheckEnabled[nOutputs + 1]; identitiesMTPCheckEnabled[0] = 1; for (var i = 0; i < nOutputs; i++) { - hashes[i] = Poseidon(2); - hashes[i].inputs[0] <== outputOwnerPublicKeys[i][0]; - hashes[i].inputs[1] <== outputOwnerPublicKeys[i][1]; - ownerPublicKeyHashes[i+1] = hashes[i].out; + ownerPublicKeyHashes[i+1] = Poseidon(2)(inputs <== outputOwnerPublicKeys[i]); identitiesMTPCheckEnabled[i+1] = 1; } - component checkIdentitiesSMTProof = CheckSMTProof(nOutputs + 1, nIdentitiesSMTLevels); - checkIdentitiesSMTProof.root <== identitiesRoot; - checkIdentitiesSMTProof.merkleProof <== identitiesMerkleProof; - checkIdentitiesSMTProof.enabled <== identitiesMTPCheckEnabled; - checkIdentitiesSMTProof.leafNodeIndexes <== ownerPublicKeyHashes; + CheckSMTProof(nOutputs + 1, nIdentitiesSMTLevels)(root <== identitiesRoot, merkleProof <== identitiesMerkleProof, enabled <== identitiesMTPCheckEnabled, leafNodeIndexes <== ownerPublicKeyHashes); - component encryptOutputs = EncryptOutputs(nOutputs); - encryptOutputs.ecdhPrivateKey <== ecdhPrivateKey; - encryptOutputs.encryptionNonce <== encryptionNonce; - encryptOutputs.outputValues <== outputValues; - encryptOutputs.outputSalts <== outputSalts; - encryptOutputs.outputOwnerPublicKeys <== outputOwnerPublicKeys; - - encryptOutputs.ecdhPublicKey ==> ecdhPublicKey; - encryptOutputs.cipherTexts ==> cipherTexts; + (ecdhPublicKey, cipherTexts) <== EncryptOutputs(nOutputs)(ecdhPrivateKey <== ecdhPrivateKey, outputValues <== outputValues, outputSalts <== outputSalts, outputOwnerPublicKeys <== outputOwnerPublicKeys, encryptionNonce <== encryptionNonce); } \ No newline at end of file diff --git a/zkp/circuits/basetokens/anon_enc_nullifier_non_repudiation_base.circom b/zkp/circuits/basetokens/anon_enc_nullifier_non_repudiation_base.circom index a06e420..d9a7ed0 100644 --- a/zkp/circuits/basetokens/anon_enc_nullifier_non_repudiation_base.circom +++ b/zkp/circuits/basetokens/anon_enc_nullifier_non_repudiation_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -75,98 +75,61 @@ template Zeto(nInputs, nOutputs, nSMTLevels) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i] = [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); - component checkNullifiers = CheckNullifiers(nInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifiers(nInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); // With the above steps, we demonstrated that the nullifiers // are securely bound to the input commitments. Now we need to // demonstrate that the input commitments belong to the Sparse // Merkle Tree with the root `root`. - component checkSMTProof = CheckSMTProof(nInputs, nSMTLevels); - checkSMTProof.root <== root; - checkSMTProof.merkleProof <== merkleProof; - checkSMTProof.enabled <== enabled; - checkSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(nInputs, nSMTLevels)(root <== root, merkleProof <== merkleProof, enabled <== enabled, leafNodeIndexes <== inputCommitments); // Generate cipher text for output utxos - component encryptOutputs = EncryptOutputs(nOutputs); - encryptOutputs.ecdhPrivateKey <== ecdhPrivateKey; - encryptOutputs.encryptionNonce <== encryptionNonce; - encryptOutputs.outputValues <== outputValues; - encryptOutputs.outputSalts <== outputSalts; - encryptOutputs.outputOwnerPublicKeys <== outputOwnerPublicKeys; - - encryptOutputs.ecdhPublicKey ==> ecdhPublicKey; - encryptOutputs.cipherTexts ==> cipherTexts; + (ecdhPublicKey, cipherTexts) <== EncryptOutputs(nOutputs)(ecdhPrivateKey <== ecdhPrivateKey, outputValues <== outputValues, outputSalts <== outputSalts, outputOwnerPublicKeys <== outputOwnerPublicKeys, encryptionNonce <== encryptionNonce); // generate shared secret for the authority var sharedSecretAuthority[2]; - component ecdhAuth = Ecdh(); - ecdhAuth.privKey <== ecdhPrivateKey; - ecdhAuth.pubKey[0] <== authorityPublicKey[0]; - ecdhAuth.pubKey[1] <== authorityPublicKey[1]; - sharedSecretAuthority[0] = ecdhAuth.sharedKey[0]; - sharedSecretAuthority[1] = ecdhAuth.sharedKey[1]; - - - // encrypt the values for the authority - component encryptAuth = SymmetricEncrypt(2 + 2 * nInputs + 4 * nOutputs); - encryptAuth.plainText[0] <== inputOwnerPublicKey[0]; - encryptAuth.plainText[1] <== inputOwnerPublicKey[1]; + (sharedSecretAuthority) = Ecdh()(privKey <== ecdhPrivateKey, pubKey <== authorityPublicKey); + // prepare text to be created for the authority + var plainText[2 + 2 * nInputs + 4 * nOutputs]; + plainText[0] = inputOwnerPubKeyAx; + plainText[1] = inputOwnerPubKeyAy; var idx1 = 2; for (var i = 0; i < nInputs; i++) { - encryptAuth.plainText[idx1] <== inputValues[i]; + plainText[idx1] = inputValues[i]; idx1++; - encryptAuth.plainText[idx1] <== inputSalts[i]; + plainText[idx1] = inputSalts[i]; idx1++; } for (var i = 0; i < nOutputs; i++) { - encryptAuth.plainText[idx1] <== outputOwnerPublicKeys[i][0]; + plainText[idx1] = outputOwnerPublicKeys[i][0]; idx1++; - encryptAuth.plainText[idx1] <== outputOwnerPublicKeys[i][1]; + plainText[idx1] = outputOwnerPublicKeys[i][1]; idx1++; } for (var i = 0; i < nOutputs; i++) { - encryptAuth.plainText[idx1] <== outputValues[i]; + plainText[idx1] = outputValues[i]; idx1++; - encryptAuth.plainText[idx1] <== outputSalts[i]; + plainText[idx1] = outputSalts[i]; idx1++; } - encryptAuth.key <== sharedSecretAuthority; - encryptAuth.nonce <== encryptionNonce; - encryptAuth.cipherText ==> cipherTextAuthority; + + // encrypt the values for the authority + cipherTextAuthority <== SymmetricEncrypt(2 + 2 * nInputs + 4 * nOutputs)(plainText <== plainText, key <== sharedSecretAuthority, nonce <== encryptionNonce); } \ No newline at end of file diff --git a/zkp/circuits/basetokens/anon_nullifier_base.circom b/zkp/circuits/basetokens/anon_nullifier_base.circom index 1005bbd..d7d1f99 100644 --- a/zkp/circuits/basetokens/anon_nullifier_base.circom +++ b/zkp/circuits/basetokens/anon_nullifier_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -49,49 +49,27 @@ template Zeto(nInputs, nOutputs, nSMTLevels) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i] = [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); - component checkNullifiers = CheckNullifiers(nInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifiers(nInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); // With the above steps, we demonstrated that the nullifiers // are securely bound to the input commitments. Now we need to // demonstrate that the input commitments belong to the Sparse // Merkle Tree with the root `root`. - component checkSMTProof = CheckSMTProof(nInputs, nSMTLevels); - checkSMTProof.root <== root; - checkSMTProof.merkleProof <== merkleProof; - checkSMTProof.enabled <== enabled; - checkSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(nInputs, nSMTLevels)(root <== root, merkleProof <== merkleProof, enabled <== enabled, leafNodeIndexes <== inputCommitments); } diff --git a/zkp/circuits/basetokens/anon_nullifier_kyc_base.circom b/zkp/circuits/basetokens/anon_nullifier_kyc_base.circom index 5346e2a..c5d3147 100644 --- a/zkp/circuits/basetokens/anon_nullifier_kyc_base.circom +++ b/zkp/circuits/basetokens/anon_nullifier_kyc_base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../lib/check-positive.circom"; include "../lib/check-hashes.circom"; @@ -53,75 +53,42 @@ template Zeto(nInputs, nOutputs, nUTXOSMTLevels, nIdentitiesSMTLevels) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i] = [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(nInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(nInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(nOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); - component checkNullifiers = CheckNullifiers(nInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifiers(nInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); - component checkSum = CheckSum(nInputs, nOutputs); - checkSum.inputValues <== inputValues; - checkSum.outputValues <== outputValues; + CheckSum(nInputs, nOutputs)(inputValues <== inputValues, outputValues <== outputValues); // With the above steps, we demonstrated that the nullifiers // are securely bound to the input commitments. Now we need to // demonstrate that the input commitments belong to the Sparse // Merkle Tree with the root `root`. - component checkUTXOSMTProof = CheckSMTProof(nInputs, nUTXOSMTLevels); - checkUTXOSMTProof.root <== utxosRoot; - checkUTXOSMTProof.merkleProof <== utxosMerkleProof; - checkUTXOSMTProof.enabled <== enabled; - checkUTXOSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(nInputs, nUTXOSMTLevels)(root <== utxosRoot, merkleProof <== utxosMerkleProof, enabled <== enabled, leafNodeIndexes <== inputCommitments); // Finally, we need to demonstrate that the owner public keys // for the inputs and outputs are included in the identities // Sparse Merkle Tree with the root `identitiesRoot`. var ownerPublicKeyHashes[nOutputs + 1]; - component hash1 = Poseidon(2); - hash1.inputs[0] <== inputOwnerPublicKey[0]; - hash1.inputs[1] <== inputOwnerPublicKey[1]; - ownerPublicKeyHashes[0] = hash1.out; + ownerPublicKeyHashes[0] = Poseidon(2)(inputs <== [inputOwnerPubKeyAx, inputOwnerPubKeyAy]); - component hashes[nOutputs]; var identitiesMTPCheckEnabled[nOutputs + 1]; identitiesMTPCheckEnabled[0] = 1; for (var i = 0; i < nOutputs; i++) { - hashes[i] = Poseidon(2); - hashes[i].inputs[0] <== outputOwnerPublicKeys[i][0]; - hashes[i].inputs[1] <== outputOwnerPublicKeys[i][1]; - ownerPublicKeyHashes[i+1] = hashes[i].out; + ownerPublicKeyHashes[i+1] = Poseidon(2)(inputs <== outputOwnerPublicKeys[i]); identitiesMTPCheckEnabled[i+1] = 1; } - component checkIdentitiesSMTProof = CheckSMTProof(nOutputs + 1, nIdentitiesSMTLevels); - checkIdentitiesSMTProof.root <== identitiesRoot; - checkIdentitiesSMTProof.merkleProof <== identitiesMerkleProof; - checkIdentitiesSMTProof.enabled <== identitiesMTPCheckEnabled; - checkIdentitiesSMTProof.leafNodeIndexes <== ownerPublicKeyHashes; + CheckSMTProof(nOutputs + 1, nIdentitiesSMTLevels)(root <== identitiesRoot, merkleProof <== identitiesMerkleProof, enabled <== identitiesMTPCheckEnabled, leafNodeIndexes <== ownerPublicKeyHashes); } \ No newline at end of file diff --git a/zkp/circuits/check_hashes_value.circom b/zkp/circuits/check_hashes_value.circom index 5f1dc73..efc610d 100644 --- a/zkp/circuits/check_hashes_value.circom +++ b/zkp/circuits/check_hashes_value.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-positive.circom"; include "./lib/check-hashes.circom"; @@ -25,14 +25,9 @@ template Zeto(nOutputs) { signal input outputOwnerPublicKeys[nOutputs][2]; signal output out; - component checkPositives = CheckPositive(nOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(nOutputs)(outputValues <== outputValues); - component checkHashesValue = CheckHashes(nOutputs); - checkHashesValue.commitments <== outputCommitments; - checkHashesValue.values <== outputValues; - checkHashesValue.salts <== outputSalts; - checkHashesValue.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(nOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); // calculate the sum of output values and set to the output var sumOutputs = 0; diff --git a/zkp/circuits/check_inputs_outputs_value.circom b/zkp/circuits/check_inputs_outputs_value.circom index ae7834b..f469d64 100644 --- a/zkp/circuits/check_inputs_outputs_value.circom +++ b/zkp/circuits/check_inputs_outputs_value.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-inputs-outputs-value-base.circom"; diff --git a/zkp/circuits/check_inputs_outputs_value_batch.circom b/zkp/circuits/check_inputs_outputs_value_batch.circom index 643ab3b..02231d0 100644 --- a/zkp/circuits/check_inputs_outputs_value_batch.circom +++ b/zkp/circuits/check_inputs_outputs_value_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-inputs-outputs-value-base.circom"; diff --git a/zkp/circuits/check_nullifier_value.circom b/zkp/circuits/check_nullifier_value.circom index 54c30f3..d9434c8 100644 --- a/zkp/circuits/check_nullifier_value.circom +++ b/zkp/circuits/check_nullifier_value.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-nullifier-value-base.circom"; diff --git a/zkp/circuits/check_nullifier_value_batch.circom b/zkp/circuits/check_nullifier_value_batch.circom index 6a2c44a..5fab9ac 100644 --- a/zkp/circuits/check_nullifier_value_batch.circom +++ b/zkp/circuits/check_nullifier_value_batch.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-nullifier-value-base.circom"; diff --git a/zkp/circuits/check_nullifiers.circom b/zkp/circuits/check_nullifiers.circom index 106b0f5..102e11d 100644 --- a/zkp/circuits/check_nullifiers.circom +++ b/zkp/circuits/check_nullifiers.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-hashes.circom"; include "./lib/check-nullifiers.circom"; @@ -38,28 +38,17 @@ template Zeto(numInputs) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[numInputs][2]; for (var i = 0; i < numInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i] = [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkInputHashes = CheckHashes(numInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(numInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkNullifiers = CheckNullifiers(numInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifiers(numInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); } component main { public [ nullifiers, inputCommitments ] } = Zeto(2); \ No newline at end of file diff --git a/zkp/circuits/gen.js b/zkp/circuits/gen.js index cd65bc2..d15b714 100644 --- a/zkp/circuits/gen.js +++ b/zkp/circuits/gen.js @@ -151,7 +151,7 @@ const processCircuit = async (circuit, ptau, skipSolidityGenaration) => { } const { stdout: ctOut, stderr: ctErr } = await execAsync( - `circom ${circomInput} --output ${provingKeysRoot} --r1cs`, + `circom --O2 ${circomInput} --output ${provingKeysRoot} --r1cs`, ); if (verbose) { if (ctOut) { @@ -159,7 +159,7 @@ const processCircuit = async (circuit, ptau, skipSolidityGenaration) => { const { stdout: csOut } = await execAsync( `npx snarkjs r1cs print ${provingKeysRoot}/${circuit}.r1cs ${circuitsRoot}/${circuit}.sym `, ); - log(circuit, "constraints:\n" + csOut); + // log(circuit, "constraints:\n" + csOut); } if (ctErr) { log(circuit, "constraint error:\n" + ctErr); @@ -175,7 +175,7 @@ const processCircuit = async (circuit, ptau, skipSolidityGenaration) => { ); if (verbose) { if (pkOut) { - log(circuit, "test proving key generation output:\n" + pkOut); + // log(circuit, "test proving key generation output:\n" + pkOut); } if (pkErr) { log(circuit, "test proving key generation error:\n" + pkErr); @@ -190,7 +190,7 @@ const processCircuit = async (circuit, ptau, skipSolidityGenaration) => { ); if (verbose) { if (vkOut) { - log(circuit, "verification key export output:\n" + vkOut); + // log(circuit, "verification key export output:\n" + vkOut); } if (vkErr) { log(circuit, "verification key export error:\n" + vkErr); diff --git a/zkp/circuits/lib/check-hashes-tokenid-uri.circom b/zkp/circuits/lib/check-hashes-tokenid-uri.circom index a097be1..aa279c4 100644 --- a/zkp/circuits/lib/check-hashes-tokenid-uri.circom +++ b/zkp/circuits/lib/check-hashes-tokenid-uri.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/comparators.circom"; @@ -34,27 +34,20 @@ template CheckHashesForTokenIdAndUri(numInputs) { signal input ownerPublicKeys[numInputs][2]; // hash the input values - component inputHashes[numInputs]; - component checkEquals[numInputs]; - component checkZero[numInputs]; for (var i = 0; i < numInputs; i++) { // perform the hash calculation even though they are not needed when the input // commitment at the current index is 0; this is because in zkp circuits we // must always perform the same computation (have the the same constraints) - inputHashes[i] = Poseidon(5); - inputHashes[i].inputs[0] <== tokenIds[i]; - inputHashes[i].inputs[1] <== tokenUris[i]; - inputHashes[i].inputs[2] <== salts[i]; - inputHashes[i].inputs[3] <== ownerPublicKeys[i][0]; - inputHashes[i].inputs[4] <== ownerPublicKeys[i][1]; + var calculatedHash; + calculatedHash = Poseidon(5)([tokenIds[i], tokenUris[i], salts[i], ownerPublicKeys[i][0], ownerPublicKeys[i][1]]); // check that the input commitments match the calculated hashes - checkZero[i] = IsZero(); - checkZero[i].in <== commitments[i]; - checkEquals[i] = IsEqual(); - checkEquals[i].in[0] <== commitments[i]; - // ensure when commitment is 0, compare with 0 - checkEquals[i].in[1] <== (1 - checkZero[i].out) * inputHashes[i].out; - checkEquals[i].out === 1; + var isCommitmentZero; + isCommitmentZero = IsZero()(in <== commitments[i]); + + var isHashEqual; + isHashEqual = IsEqual()(in <== [commitments[i], (1 - isCommitmentZero) * calculatedHash /* ensure when commitment is 0, compare with 0 */]); + + isHashEqual === 1; } } diff --git a/zkp/circuits/lib/check-hashes.circom b/zkp/circuits/lib/check-hashes.circom index fc5c434..4311c90 100644 --- a/zkp/circuits/lib/check-hashes.circom +++ b/zkp/circuits/lib/check-hashes.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/comparators.circom"; @@ -30,26 +30,20 @@ template CheckHashes(numInputs) { signal input ownerPublicKeys[numInputs][2]; // hash the input values - component inputHashes[numInputs]; - component checkEquals[numInputs]; - component checkZero[numInputs]; for (var i = 0; i < numInputs; i++) { // perform the hash calculation even though they are not needed when the input // commitment at the current index is 0; this is because in zkp circuits we // must always perform the same computation (have the the same constraints) - inputHashes[i] = Poseidon(4); - inputHashes[i].inputs[0] <== values[i]; - inputHashes[i].inputs[1] <== salts[i]; - inputHashes[i].inputs[2] <== ownerPublicKeys[i][0]; - inputHashes[i].inputs[3] <== ownerPublicKeys[i][1]; + var calculatedHash; + calculatedHash = Poseidon(4)([values[i], salts[i], ownerPublicKeys[i][0], ownerPublicKeys[i][1]]); // check that the input commitments match the calculated hashes - checkZero[i] = IsZero(); - checkZero[i].in <== commitments[i]; - checkEquals[i] = IsEqual(); - checkEquals[i].in[0] <== commitments[i]; - // ensure when commitment is 0, compare with 0 - checkEquals[i].in[1] <== (1 - checkZero[i].out) * inputHashes[i].out; - checkEquals[i].out === 1; + var isCommitmentZero; + isCommitmentZero = IsZero()(in <== commitments[i]); + + var isHashEqual; + isHashEqual = IsEqual()(in <== [commitments[i], (1 - isCommitmentZero) * calculatedHash /* ensure when commitment is 0, compare with 0 */]); + + isHashEqual === 1; } } diff --git a/zkp/circuits/lib/check-inputs-outputs-value-base.circom b/zkp/circuits/lib/check-inputs-outputs-value-base.circom index debfd35..f38ca5c 100644 --- a/zkp/circuits/lib/check-inputs-outputs-value-base.circom +++ b/zkp/circuits/lib/check-inputs-outputs-value-base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./check-positive.circom"; include "./check-hashes.circom"; @@ -47,31 +47,19 @@ template CheckInputsOutputsValue(numInputs, numOutputs) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[numInputs][2]; for (var i = 0; i < numInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i] = [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(numOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(numOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(numInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(numInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashes(numOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(numOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); // check that the sum of input values is greater than or equal to the sum of output values var sumInputs = 0; @@ -84,10 +72,10 @@ template CheckInputsOutputsValue(numInputs, numOutputs) { } // check that the sum of input values is greater than the sum of output values - component checkSum = GreaterEqThan(100); - checkSum.in[0] <== sumInputs; - checkSum.in[1] <== sumOutputs; - checkSum.out === 1; + var greaterEqThan; + greaterEqThan = GreaterEqThan(100)(in <== [sumInputs, sumOutputs]); + + greaterEqThan === 1; // return the remainder as output out <== sumInputs - sumOutputs; diff --git a/zkp/circuits/lib/check-nullifier-tokenid-uri.circom b/zkp/circuits/lib/check-nullifier-tokenid-uri.circom index f37985b..ce3cd33 100644 --- a/zkp/circuits/lib/check-nullifier-tokenid-uri.circom +++ b/zkp/circuits/lib/check-nullifier-tokenid-uri.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/comparators.circom"; @@ -38,23 +38,17 @@ template CheckNullifierForTokenIdAndUri(numInputs) { signal input ownerPrivateKey; // calculate the nullifier values from the input values - component nullifierHashes[numInputs]; - component checkEquals[numInputs]; - component checkZero[numInputs]; for (var i = 0; i < numInputs; i++) { - nullifierHashes[i] = Poseidon(4); - nullifierHashes[i].inputs[0] <== tokenIds[i]; - nullifierHashes[i].inputs[1] <== tokenUris[i]; - nullifierHashes[i].inputs[2] <== salts[i]; - nullifierHashes[i].inputs[3] <== ownerPrivateKey; + var calculatedHash; + calculatedHash = Poseidon(4)([tokenIds[i], tokenUris[i], salts[i], ownerPrivateKey]); // check that the nullifiers match the calculated hashes - checkZero[i] = IsZero(); - checkZero[i].in <== nullifiers[i]; - checkEquals[i] = IsEqual(); - checkEquals[i].in[0] <== nullifiers[i]; - // ensure when nullifier is 0, compare with 0 - checkEquals[i].in[1] <== (1 - checkZero[i].out) * nullifierHashes[i].out; - checkEquals[i].out === 1; + var isNullifierZero; + isNullifierZero = IsZero()(in <== nullifiers[i]); + + var isHashEqual; + isHashEqual = IsEqual()(in <== [nullifiers[i], (1 - isNullifierZero) * calculatedHash /* ensure when nullifier is 0, compare with 0 */]); + + isHashEqual === 1; } } diff --git a/zkp/circuits/lib/check-nullifier-value-base.circom b/zkp/circuits/lib/check-nullifier-value-base.circom index 9bbd81a..eb86da9 100644 --- a/zkp/circuits/lib/check-nullifier-value-base.circom +++ b/zkp/circuits/lib/check-nullifier-value-base.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./check-positive.circom"; include "./check-hashes.circom"; @@ -53,47 +53,27 @@ template CheckNullifiersInputsOutputsValue(numInputs, numOutputs, nSMTLevels) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var inputOwnerPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - inputOwnerPublicKey[0] = pub.Ax; - inputOwnerPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[numInputs][2]; for (var i = 0; i < numInputs; i++) { - inputOwnerPublicKeys[i][0] = inputOwnerPublicKey[0]; - inputOwnerPublicKeys[i][1] = inputOwnerPublicKey[1]; + inputOwnerPublicKeys[i] = [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkPositives = CheckPositive(numOutputs); - checkPositives.outputValues <== outputValues; + CheckPositive(numOutputs)(outputValues <== outputValues); - component checkInputHashes = CheckHashes(numInputs); - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.values <== inputValues; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashes(numInputs)(commitments <== inputCommitments, values <== inputValues, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkNullifiers = CheckNullifiers(numInputs); - checkNullifiers.nullifiers <== nullifiers; - checkNullifiers.values <== inputValues; - checkNullifiers.salts <== inputSalts; - checkNullifiers.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifiers(numInputs)(nullifiers <== nullifiers, values <== inputValues, salts <== inputSalts, ownerPrivateKey <== inputOwnerPrivateKey); - component checkOutputHashes = CheckHashes(numOutputs); - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.values <== outputValues; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashes(numOutputs)(commitments <== outputCommitments, values <== outputValues, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); // With the above steps, we demonstrated that the nullifiers // are securely bound to the input commitments. Now we need to // demonstrate that the input commitments belong to the Sparse // Merkle Tree with the root `root`. - component checkSMTProof = CheckSMTProof(numInputs, nSMTLevels); - checkSMTProof.root <== root; - checkSMTProof.merkleProof <== merkleProof; - checkSMTProof.enabled <== enabled; - checkSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(numInputs, nSMTLevels)(root <== root, merkleProof <== merkleProof, enabled <== enabled, leafNodeIndexes <== inputCommitments); // check that the sum of input values equals the sum of output values var sumInputs = 0; @@ -106,10 +86,10 @@ template CheckNullifiersInputsOutputsValue(numInputs, numOutputs, nSMTLevels) { } // check that the sum of input values is greater than the sum of output values - component checkSum = GreaterEqThan(100); - checkSum.in[0] <== sumInputs; - checkSum.in[1] <== sumOutputs; - checkSum.out === 1; + var greaterEqThan; + greaterEqThan = GreaterEqThan(100)(in <== [sumInputs, sumOutputs]); + + greaterEqThan === 1; out <== sumInputs - sumOutputs; } diff --git a/zkp/circuits/lib/check-nullifiers.circom b/zkp/circuits/lib/check-nullifiers.circom index d04adb8..5f9a4e0 100644 --- a/zkp/circuits/lib/check-nullifiers.circom +++ b/zkp/circuits/lib/check-nullifiers.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/comparators.circom"; @@ -36,22 +36,18 @@ template CheckNullifiers(numInputs) { signal input ownerPrivateKey; // calculate the nullifier values from the input values - component nullifierHashes[numInputs]; - component checkEquals[numInputs]; - component checkZero[numInputs]; + for (var i = 0; i < numInputs; i++) { - nullifierHashes[i] = Poseidon(3); - nullifierHashes[i].inputs[0] <== values[i]; - nullifierHashes[i].inputs[1] <== salts[i]; - nullifierHashes[i].inputs[2] <== ownerPrivateKey; + var calculatedHash; + calculatedHash = Poseidon(3)(inputs <== [values[i], salts[i], ownerPrivateKey]); // check that the nullifiers match the calculated hashes - checkZero[i] = IsZero(); - checkZero[i].in <== nullifiers[i]; - checkEquals[i] = IsEqual(); - checkEquals[i].in[0] <== nullifiers[i]; - // ensure when nullifier is 0, compare with 0 - checkEquals[i].in[1] <== (1 - checkZero[i].out) * nullifierHashes[i].out; - checkEquals[i].out === 1; + var isNullifierZero; + isNullifierZero = IsZero()(in <== nullifiers[i]); + + var isHashEqual; + isHashEqual = IsEqual()(in <== [nullifiers[i], (1 - isNullifierZero) * calculatedHash /* ensure when nullifier is 0, compare with 0 */]); + + isHashEqual === 1; } } diff --git a/zkp/circuits/lib/check-positive.circom b/zkp/circuits/lib/check-positive.circom index 123aa50..ca61b43 100644 --- a/zkp/circuits/lib/check-positive.circom +++ b/zkp/circuits/lib/check-positive.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/comparators.circom"; @@ -29,11 +29,10 @@ template CheckPositive(numOutputs) { signal input outputValues[numOutputs]; // check that the output values are within the expected range. we don't allow negative values - component positive[numOutputs]; for (var i = 0; i < numOutputs; i++) { - positive[i] = GreaterEqThan(100); - positive[i].in[0] <== outputValues[i]; - positive[i].in[1] <== 0; - positive[i].out === 1; + var greaterEqThanZero; + greaterEqThanZero = GreaterEqThan(100)(in <== [outputValues[i], 0]); + + greaterEqThanZero === 1; } } \ No newline at end of file diff --git a/zkp/circuits/lib/check-smt-proof.circom b/zkp/circuits/lib/check-smt-proof.circom index a90099b..67eb043 100644 --- a/zkp/circuits/lib/check-smt-proof.circom +++ b/zkp/circuits/lib/check-smt-proof.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/smt/smtverifier.circom"; @@ -26,23 +26,14 @@ template CheckSMTProof(numInputs, nSMTLevels) { signal input merkleProof[numInputs][nSMTLevels]; signal input enabled[numInputs]; - component smtVerifier[numInputs]; for (var i = 0; i < numInputs; i++) { - smtVerifier[i] = SMTVerifier(nSMTLevels); - smtVerifier[i].enabled <== enabled[i]; - smtVerifier[i].root <== root; + var siblings[nSMTLevels]; for (var j = 0; j < nSMTLevels; j++) { - smtVerifier[i].siblings[j] <== merkleProof[i][j]; + siblings[j] = merkleProof[i][j]; } - smtVerifier[i].key <== leafNodeIndexes[i]; - smtVerifier[i].value <== leafNodeIndexes[i]; - // 0: inclusion proof, 1: exclusion proof - smtVerifier[i].fnc <== 0; - // these last values are only used in exclusion proofs. + // The old values are only used in exclusion proofs. // As such they are always 0 for inclusion proofs. // TODO: update when exclusion proofs are supported - smtVerifier[i].oldKey <== 0; - smtVerifier[i].oldValue <== 0; - smtVerifier[i].isOld0 <== 0; + SMTVerifier(nSMTLevels)(enabled <== enabled[i], root <== root, siblings <== siblings, key <== leafNodeIndexes[i], value <== leafNodeIndexes[i], fnc <== 0 /* 0: inclusion proof, 1: exclusion proof */, oldKey <== 0, oldValue <== 0, isOld0 <== 0); } } diff --git a/zkp/circuits/lib/check-sum.circom b/zkp/circuits/lib/check-sum.circom index 913a569..4a1f31b 100644 --- a/zkp/circuits/lib/check-sum.circom +++ b/zkp/circuits/lib/check-sum.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; include "../node_modules/circomlib/circuits/comparators.circom"; @@ -34,8 +34,8 @@ template CheckSum(numInputs, numOutputs) { sumOutputs = sumOutputs + outputValues[i]; } - component checkEqual = IsEqual(); - checkEqual.in[0] <== sumInputs; - checkEqual.in[1] <== sumOutputs; - checkEqual.out === 1; + var isSumEqual; + isSumEqual = IsEqual()(in <== [sumInputs, sumOutputs]); + + isSumEqual === 1; } \ No newline at end of file diff --git a/zkp/circuits/lib/ecdh.circom b/zkp/circuits/lib/ecdh.circom index 8647bf7..e41675f 100644 --- a/zkp/circuits/lib/ecdh.circom +++ b/zkp/circuits/lib/ecdh.circom @@ -1,4 +1,4 @@ -pragma circom 2.1.4; +pragma circom 2.1.9; // Copyright © 2024 Kaleido, Inc. // @@ -27,8 +27,8 @@ template Ecdh() { signal output sharedKey[2]; - component privBits = Num2Bits(253); - privBits.in <== privKey; + var privBits[253]; + privBits = Num2Bits(253)(in <== privKey); // calculate the receiver's public key raised to the power of the sender's private key. // - Given the receiver's public key g^r ("r" is the receiver's private key) @@ -36,14 +36,5 @@ template Ecdh() { // - The receiver can derive the same shared secret by raising the sender's public key // to the power of the receiver's private key: (g^s)^r // - The shared secret is the same in both cases: g^(r*s) = g^(s*r) - component mulFix = EscalarMulAny(253); - mulFix.p[0] <== pubKey[0]; - mulFix.p[1] <== pubKey[1]; - - for (var i = 0; i < 253; i++) { - mulFix.e[i] <== privBits.out[i]; - } - - sharedKey[0] <== mulFix.out[0]; - sharedKey[1] <== mulFix.out[1]; + sharedKey <== EscalarMulAny(253)(p <== pubKey, e <== privBits); } \ No newline at end of file diff --git a/zkp/circuits/lib/encrypt-outputs.circom b/zkp/circuits/lib/encrypt-outputs.circom index 67f7535..bd11400 100644 --- a/zkp/circuits/lib/encrypt-outputs.circom +++ b/zkp/circuits/lib/encrypt-outputs.circom @@ -1,4 +1,4 @@ -pragma circom 2.1.4; +pragma circom 2.1.9; include "./ecdh.circom"; include "./encrypt.circom"; @@ -21,32 +21,14 @@ template EncryptOutputs(numOutputs) { // the output for the list of encrypted output UTXOs cipher texts signal output cipherTexts[numOutputs][4]; - component ecdh[numOutputs]; - component encrypt[numOutputs]; - for (var i = 0; i < numOutputs; i++) { // generate shared secret var sharedSecret[2]; - ecdh[i] = Ecdh(); - ecdh[i].privKey <== ecdhPrivateKey; - ecdh[i].pubKey[0] <== outputOwnerPublicKeys[i][0]; - ecdh[i].pubKey[1] <== outputOwnerPublicKeys[i][1]; - sharedSecret[0] = ecdh[i].sharedKey[0]; - sharedSecret[1] = ecdh[i].sharedKey[1]; + sharedSecret = Ecdh()(privKey <== ecdhPrivateKey, pubKey <== outputOwnerPublicKeys[i]); // encrypt the value for the output UTXOs - encrypt[i] = SymmetricEncrypt(2); - encrypt[i].plainText[0] <== outputValues[i]; - encrypt[i].plainText[1] <== outputSalts[i]; - encrypt[i].key <== sharedSecret; - encrypt[i].nonce <== encryptionNonce; - for (var j = 0; j < 4; j++) { - encrypt[i].cipherText[j] ==> cipherTexts[i][j]; - } + cipherTexts[i] <== SymmetricEncrypt(2)(plainText <== [outputValues[i], outputSalts[i]], key <== sharedSecret, nonce <== encryptionNonce); } - component ecdhPub = BabyPbk(); - ecdhPub.in <== ecdhPrivateKey; - ecdhPublicKey[0] <== ecdhPub.Ax; - ecdhPublicKey[1] <== ecdhPub.Ay; + (ecdhPublicKey[0], ecdhPublicKey[1]) <== BabyPbk()(in <== ecdhPrivateKey); } diff --git a/zkp/circuits/lib/encrypt.circom b/zkp/circuits/lib/encrypt.circom index 0f109fe..6435a3b 100644 --- a/zkp/circuits/lib/encrypt.circom +++ b/zkp/circuits/lib/encrypt.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/comparators.circom"; include "../node_modules/circomlib/circuits/poseidon.circom"; @@ -29,10 +29,9 @@ template SymmetricEncrypt(length) { var two128 = 2 ** 128; // nonce must be < 2^128 - component lt = LessThan(252); - lt.in[0] <== nonce; - lt.in[1] <== two128; - lt.out === 1; + var lessThanTwo128; + lessThanTwo128 = LessThan(252)(in <== [nonce, two128]); + lessThanTwo128 === 1; // the number of plain text messages must be multiple of 3 // pad the array with zeros if necessary. @@ -57,31 +56,21 @@ template SymmetricEncrypt(length) { var n = l \ 3; // create the initial state: [0, key[0], key[1], nonce + (length * 2^128)] - component rounds[n + 1]; - rounds[0] = PoseidonEx(4, 4); - rounds[0].initialState <== 0; - rounds[0].inputs[0] <== 0; - rounds[0].inputs[1] <== key[0]; - rounds[0].inputs[2] <== key[1]; - rounds[0].inputs[3] <== nonce + (length * two128); + var roundResults[n + 1][4]; + roundResults[0] = PoseidonEx(4, 4)(initialState <== 0, inputs <== [0, key[0], key[1], nonce + (length * two128)]); for (var i = 0; i < n; i++) { - rounds[i + 1] = PoseidonEx(4, 4); - rounds[i + 1].initialState <== 0; - rounds[i + 1].inputs[0] <== rounds[i].out[0]; + // release three elements of the ciphertext + cipherText[i * 3] <== roundResults[i][1] + messages[i * 3]; + cipherText[i * 3 + 1] <== roundResults[i][2] + messages[i * 3 + 1]; + cipherText[i * 3 + 2] <== roundResults[i][3] + messages[i * 3 + 2]; - // Absorb three elements of message, setting them to the + // For the inputs, absorb three elements of message, setting them to the // corresponding inputs of the next round - rounds[i + 1].inputs[1] <== rounds[i].out[1] + messages[i * 3]; - rounds[i + 1].inputs[2] <== rounds[i].out[2] + messages[i * 3 + 1]; - rounds[i + 1].inputs[3] <== rounds[i].out[3] + messages[i * 3 + 2]; + roundResults[i +1] = PoseidonEx(4, 4)(initialState <== 0, inputs <== [roundResults[i][0], cipherText[i * 3], cipherText[i * 3 + 1], cipherText[i * 3 + 2]]); - // release three elements of the ciphertext - cipherText[i * 3] <== rounds[i + 1].inputs[1]; - cipherText[i * 3 + 1] <== rounds[i + 1].inputs[2]; - cipherText[i * 3 + 2] <== rounds[i + 1].inputs[3]; } // Iterate Poseidon on the state one last time - cipherText[l] <== rounds[n].out[1]; + cipherText[l] <== roundResults[n][1]; } diff --git a/zkp/circuits/lib/poseidon-ex.circom b/zkp/circuits/lib/poseidon-ex.circom index 67e6475..d4129e4 100644 --- a/zkp/circuits/lib/poseidon-ex.circom +++ b/zkp/circuits/lib/poseidon-ex.circom @@ -1,4 +1,4 @@ -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; @@ -6,15 +6,5 @@ template TestPoseidonEx() { signal input inputs[4]; signal output out[4]; - component poseidon = PoseidonEx(4, 4); - poseidon.initialState <== 0; - poseidon.inputs[0] <== inputs[0]; - poseidon.inputs[1] <== inputs[1]; - poseidon.inputs[2] <== inputs[2]; - poseidon.inputs[3] <== inputs[3]; - - out[0] <== poseidon.out[0]; - out[1] <== poseidon.out[1]; - out[2] <== poseidon.out[2]; - out[3] <== poseidon.out[3]; + out <== PoseidonEx(4, 4)(initialState <== 0, inputs <== inputs); } \ No newline at end of file diff --git a/zkp/circuits/lib/poseidon.circom b/zkp/circuits/lib/poseidon.circom index 84b95ef..53dc21d 100644 --- a/zkp/circuits/lib/poseidon.circom +++ b/zkp/circuits/lib/poseidon.circom @@ -1,4 +1,4 @@ -pragma circom 2.1.4; +pragma circom 2.1.9; include "../node_modules/circomlib/circuits/poseidon.circom"; @@ -8,10 +8,5 @@ template TestPoseidon() { signal input c; signal output out; - component poseidon = Poseidon(3); - poseidon.inputs[0] <== a; - poseidon.inputs[1] <== b; - poseidon.inputs[2] <== c; - - out <== poseidon.out; + out <== Poseidon(3)(inputs <== [a, b, c]); } \ No newline at end of file diff --git a/zkp/circuits/nf_anon.circom b/zkp/circuits/nf_anon.circom index 944f7b3..abfc8b4 100644 --- a/zkp/circuits/nf_anon.circom +++ b/zkp/circuits/nf_anon.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-hashes-tokenid-uri.circom"; include "./lib/ecdh.circom"; @@ -40,30 +40,17 @@ template Zeto(nInputs, nOutputs) { // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var senderPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - senderPublicKey[0] = pub.Ax; - senderPublicKey[1] = pub.Ay; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + var inputOwnerPublicKeys[nInputs][2]; for (var i = 0; i < nInputs; i++) { - inputOwnerPublicKeys[i][0] = senderPublicKey[0]; - inputOwnerPublicKeys[i][1] = senderPublicKey[1]; + inputOwnerPublicKeys[i]= [inputOwnerPubKeyAx, inputOwnerPubKeyAy]; } - component checkInputHashes = CheckHashesForTokenIdAndUri(nInputs); - checkInputHashes.tokenIds <== tokenIds; - checkInputHashes.tokenUris <== tokenUris; - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashesForTokenIdAndUri(nInputs)(tokenIds <== tokenIds, tokenUris <== tokenUris, commitments <== inputCommitments, salts <== inputSalts, ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashesForTokenIdAndUri(nOutputs); - checkOutputHashes.tokenIds <== tokenIds; - checkOutputHashes.tokenUris <== tokenUris; - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashesForTokenIdAndUri(nOutputs)(tokenIds <== tokenIds, tokenUris <== tokenUris, commitments <== outputCommitments, salts <== outputSalts, ownerPublicKeys <== outputOwnerPublicKeys); } component main { public [ inputCommitments, outputCommitments ] } = Zeto(1, 1); \ No newline at end of file diff --git a/zkp/circuits/nf_anon_nullifier.circom b/zkp/circuits/nf_anon_nullifier.circom index 52c6864..45eca7b 100644 --- a/zkp/circuits/nf_anon_nullifier.circom +++ b/zkp/circuits/nf_anon_nullifier.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "./lib/check-nullifier-tokenid-uri.circom"; include "./lib/check-hashes-tokenid-uri.circom"; @@ -41,52 +41,22 @@ template Zeto(nSMTLevels) { signal input outputOwnerPublicKey[2]; signal input outputSalt; - var tokenIds[1] = [tokenId]; - var tokenUris[1] = [tokenUri]; - var inputCommitments[1] = [inputCommitment]; - var inputSalts[1] = [inputSalt]; - var nullifiers[1] = [nullifier]; - var outputCommitments[1] = [outputCommitment]; - var outputSalts[1] = [outputSalt]; - var outputOwnerPublicKeys[1][2] = [outputOwnerPublicKey]; - // derive the sender's public key from the secret input // for the sender's private key. This step demonstrates // the sender really owns the private key for the input // UTXOs - var senderPublicKey[2]; - component pub = BabyPbk(); - pub.in <== inputOwnerPrivateKey; - senderPublicKey[0] = pub.Ax; - senderPublicKey[1] = pub.Ay; - var inputOwnerPublicKeys[1][2] = [senderPublicKey]; + var inputOwnerPubKeyAx, inputOwnerPubKeyAy; + (inputOwnerPubKeyAx, inputOwnerPubKeyAy) = BabyPbk()(in <== inputOwnerPrivateKey); + + var inputOwnerPublicKeys[1][2] = [[inputOwnerPubKeyAx, inputOwnerPubKeyAy]]; - component checkInputHashes = CheckHashesForTokenIdAndUri(1); - checkInputHashes.tokenIds <== tokenIds; - checkInputHashes.tokenUris <== tokenUris; - checkInputHashes.commitments <== inputCommitments; - checkInputHashes.salts <== inputSalts; - checkInputHashes.ownerPublicKeys <== inputOwnerPublicKeys; + CheckHashesForTokenIdAndUri(1)(tokenIds <== [tokenId], tokenUris <== [tokenUri], commitments <== [inputCommitment], salts <== [inputSalt], ownerPublicKeys <== inputOwnerPublicKeys); - component checkOutputHashes = CheckHashesForTokenIdAndUri(1); - checkOutputHashes.tokenIds <== tokenIds; - checkOutputHashes.tokenUris <== tokenUris; - checkOutputHashes.commitments <== outputCommitments; - checkOutputHashes.salts <== outputSalts; - checkOutputHashes.ownerPublicKeys <== outputOwnerPublicKeys; + CheckHashesForTokenIdAndUri(1)(tokenIds <== [tokenId], tokenUris <== [tokenUri], commitments <== [outputCommitment], salts <== [outputSalt], ownerPublicKeys <== [outputOwnerPublicKey]); - component checkHashesSum = CheckNullifierForTokenIdAndUri(1); - checkHashesSum.nullifiers <== nullifiers; - checkHashesSum.tokenIds <== tokenIds; - checkHashesSum.tokenUris <== tokenUris; - checkHashesSum.salts <== inputSalts; - checkHashesSum.ownerPrivateKey <== inputOwnerPrivateKey; + CheckNullifierForTokenIdAndUri(1)(nullifiers <== [nullifier], tokenIds <== [tokenId], tokenUris <== [tokenUri], salts <== [inputSalt], ownerPrivateKey <== inputOwnerPrivateKey); - component checkSMTProof = CheckSMTProof(1, nSMTLevels); - checkSMTProof.root <== root; - checkSMTProof.merkleProof <== [merkleProof]; - checkSMTProof.enabled <== [1]; - checkSMTProof.leafNodeIndexes <== inputCommitments; + CheckSMTProof(1, nSMTLevels)(root <== root, merkleProof <== [merkleProof], enabled <== [1], leafNodeIndexes <== [inputCommitment]); } component main { public [ nullifier, outputCommitment, root ] } = Zeto(64); \ No newline at end of file diff --git a/zkp/circuits/package.json b/zkp/circuits/package.json index d4ae515..1ace1da 100644 --- a/zkp/circuits/package.json +++ b/zkp/circuits/package.json @@ -12,7 +12,7 @@ "devDependencies": { "axios": "^1.7.3", "p-limit": "^6.1.0", - "snarkjs": "^0.7.4", + "snarkjs": "0.7.5", "yargs": "^17.7.2" } } diff --git a/zkp/js/package.json b/zkp/js/package.json index ac13d06..782ec27 100644 --- a/zkp/js/package.json +++ b/zkp/js/package.json @@ -23,6 +23,6 @@ "circomlibjs": "^0.1.7", "mocha": "^10.2.0", "prettier": "^3.3.3", - "snarkjs": "^0.7.4" + "snarkjs": "0.7.5" } } diff --git a/zkp/js/test/anon_enc_nullifier_kyc.js b/zkp/js/test/anon_enc_nullifier_kyc.js index 3a6ebd9..5ad53f4 100644 --- a/zkp/js/test/anon_enc_nullifier_kyc.js +++ b/zkp/js/test/anon_enc_nullifier_kyc.js @@ -352,7 +352,7 @@ describe("main circuit tests for Zeto fungible tokens with encryption and anonym err = e; } // console.log(err); - expect(err).to.match(/Error in template Zeto_267 line: 135/); - expect(err).to.match(/Error in template CheckSMTProof_253 line: 46/); + expect(err).to.match(/Error in template Zeto_267 line: 102/); + expect(err).to.match(/Error in template CheckSMTProof_253 line: 37/); }); }); diff --git a/zkp/js/test/anon_nullifier_kyc.js b/zkp/js/test/anon_nullifier_kyc.js index 80b0e38..124b5bc 100644 --- a/zkp/js/test/anon_nullifier_kyc.js +++ b/zkp/js/test/anon_nullifier_kyc.js @@ -299,6 +299,6 @@ describe("main circuit tests for Zeto fungible tokens with anonymity, KYC, using error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckSMTProof_253 line: 46/); + expect(error).to.match(/Error in template CheckSMTProof_253 line: 37/); }); }); diff --git a/zkp/js/test/check_hashes_value.js b/zkp/js/test/check_hashes_value.js index 95cb134..630d8a6 100644 --- a/zkp/js/test/check_hashes_value.js +++ b/zkp/js/test/check_hashes_value.js @@ -107,7 +107,7 @@ describe('check_hashes_value circuit tests', () => { error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckHashes_80 line: 53/); // hash check failed + expect(error).to.match(/Error in template CheckHashes_80 line: 47/); // hash check failed }); it('should fail to generate a witness because of negative values in output commitments', async () => { @@ -136,7 +136,7 @@ describe('check_hashes_value circuit tests', () => { error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckPositive_3 line: 37/); // positive range check failed + expect(error).to.match(/Error in template CheckPositive_3 line: 36/); // positive range check failed }); it('should fail to generate a witness because of using the inverse of a negative value in output commitments', async () => { @@ -166,7 +166,7 @@ describe('check_hashes_value circuit tests', () => { error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckPositive_3 line: 37/); // positive range check failed + expect(error).to.match(/Error in template CheckPositive_3 line: 36/); // positive range check failed }); it('should fail to generate a witness because a larger than MAX_VALUE is used in output', async () => { diff --git a/zkp/js/test/check_nullifiers.js b/zkp/js/test/check_nullifiers.js index 648645e..86efb23 100644 --- a/zkp/js/test/check_nullifiers.js +++ b/zkp/js/test/check_nullifiers.js @@ -150,6 +150,6 @@ describe("check_nullifiers circuit tests", () => { err = e; } // console.log(err); - expect(err).to.match(/Error in template Zeto_159 line: 62/); + expect(err).to.match(/Error in template Zeto_159 line: 51/); }); }); diff --git a/zkp/js/test/circuits/check-hashes-tokenid-uri.circom b/zkp/js/test/circuits/check-hashes-tokenid-uri.circom index 8706bd9..504d406 100644 --- a/zkp/js/test/circuits/check-hashes-tokenid-uri.circom +++ b/zkp/js/test/circuits/check-hashes-tokenid-uri.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-hashes-tokenid-uri.circom"; diff --git a/zkp/js/test/circuits/check-hashes.circom b/zkp/js/test/circuits/check-hashes.circom index 2c45859..607e701 100644 --- a/zkp/js/test/circuits/check-hashes.circom +++ b/zkp/js/test/circuits/check-hashes.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-hashes.circom"; diff --git a/zkp/js/test/circuits/check-nullifier-tokenid-uri.circom b/zkp/js/test/circuits/check-nullifier-tokenid-uri.circom index 9486379..e786535 100644 --- a/zkp/js/test/circuits/check-nullifier-tokenid-uri.circom +++ b/zkp/js/test/circuits/check-nullifier-tokenid-uri.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-nullifier-tokenid-uri.circom"; diff --git a/zkp/js/test/circuits/check-nullifiers.circom b/zkp/js/test/circuits/check-nullifiers.circom index 85ec043..f42a503 100644 --- a/zkp/js/test/circuits/check-nullifiers.circom +++ b/zkp/js/test/circuits/check-nullifiers.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-nullifiers.circom"; diff --git a/zkp/js/test/circuits/check-positive.circom b/zkp/js/test/circuits/check-positive.circom index 1b2c8d4..c9eb265 100644 --- a/zkp/js/test/circuits/check-positive.circom +++ b/zkp/js/test/circuits/check-positive.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-positive.circom"; diff --git a/zkp/js/test/circuits/check-smt-proof.circom b/zkp/js/test/circuits/check-smt-proof.circom index 0a292db..cee7046 100644 --- a/zkp/js/test/circuits/check-smt-proof.circom +++ b/zkp/js/test/circuits/check-smt-proof.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-smt-proof.circom"; diff --git a/zkp/js/test/circuits/check-sum.circom b/zkp/js/test/circuits/check-sum.circom index b81037e..62ca46a 100644 --- a/zkp/js/test/circuits/check-sum.circom +++ b/zkp/js/test/circuits/check-sum.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/check-sum.circom"; diff --git a/zkp/js/test/circuits/ecdh.circom b/zkp/js/test/circuits/ecdh.circom index bf9fdc3..09ed416 100644 --- a/zkp/js/test/circuits/ecdh.circom +++ b/zkp/js/test/circuits/ecdh.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/ecdh.circom"; diff --git a/zkp/js/test/circuits/encrypt.circom b/zkp/js/test/circuits/encrypt.circom index 06254c2..66239f6 100644 --- a/zkp/js/test/circuits/encrypt.circom +++ b/zkp/js/test/circuits/encrypt.circom @@ -13,7 +13,7 @@ // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/encrypt.circom"; diff --git a/zkp/js/test/circuits/poseidon-ex.circom b/zkp/js/test/circuits/poseidon-ex.circom index a49da25..29b8d33 100644 --- a/zkp/js/test/circuits/poseidon-ex.circom +++ b/zkp/js/test/circuits/poseidon-ex.circom @@ -1,4 +1,4 @@ -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/poseidon-ex.circom"; diff --git a/zkp/js/test/circuits/poseidon.circom b/zkp/js/test/circuits/poseidon.circom index eb4ff99..861c14f 100644 --- a/zkp/js/test/circuits/poseidon.circom +++ b/zkp/js/test/circuits/poseidon.circom @@ -1,4 +1,4 @@ -pragma circom 2.1.4; +pragma circom 2.1.9; include "../../../circuits/lib/poseidon.circom"; diff --git a/zkp/js/test/lib/check-hashes-tokenid-uri.js b/zkp/js/test/lib/check-hashes-tokenid-uri.js index eecaf58..77cd9b2 100644 --- a/zkp/js/test/lib/check-hashes-tokenid-uri.js +++ b/zkp/js/test/lib/check-hashes-tokenid-uri.js @@ -118,7 +118,7 @@ describe("check-hashes-tokenid-uri circuit tests", () => { } // console.log(error); expect(error).to.match( - /Error in template CheckHashesForTokenIdAndUri_76 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_76 line: 51/, ); }); }); diff --git a/zkp/js/test/lib/check-hashes.js b/zkp/js/test/lib/check-hashes.js index 5979280..a744c43 100644 --- a/zkp/js/test/lib/check-hashes.js +++ b/zkp/js/test/lib/check-hashes.js @@ -158,6 +158,6 @@ describe("check-hashes circuit tests", () => { error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckHashes_76 line: 53/); // hash check failed + expect(error).to.match(/Error in template CheckHashes_76 line: 47/); // hash check failed }); }); diff --git a/zkp/js/test/lib/check-nullifier-tokenid-uri.js b/zkp/js/test/lib/check-nullifier-tokenid-uri.js index 23d5787..b40c668 100644 --- a/zkp/js/test/lib/check-nullifier-tokenid-uri.js +++ b/zkp/js/test/lib/check-nullifier-tokenid-uri.js @@ -119,7 +119,7 @@ describe("check-nullifier-tokenid-uri circuit tests", () => { } // console.log(error); expect(error).to.match( - /Error in template CheckNullifierForTokenIdAndUri_76 line: 58/, + /Error in template CheckNullifierForTokenIdAndUri_76 line: 52/, ); }); }); diff --git a/zkp/js/test/lib/check-positive.js b/zkp/js/test/lib/check-positive.js index abc2634..2f008ca 100644 --- a/zkp/js/test/lib/check-positive.js +++ b/zkp/js/test/lib/check-positive.js @@ -66,7 +66,7 @@ describe("check-positive circuit tests", () => { error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckPositive_3 line: 37/); // positive range check failed + expect(error).to.match(/Error in template CheckPositive_3 line: 36/); // positive range check failed }); it("should fail to generate a witness because of using the inverse of a negative value in output commitments", async () => { @@ -90,7 +90,7 @@ describe("check-positive circuit tests", () => { error = e; } // console.log(error); - expect(error).to.match(/Error in template CheckPositive_3 line: 37/); // positive range check failed + expect(error).to.match(/Error in template CheckPositive_3 line: 36/); // positive range check failed }); it("should fail to generate a witness because a larger than MAX_VALUE is used in output", async () => { diff --git a/zkp/js/test/nf_anon.js b/zkp/js/test/nf_anon.js index 5193025..9aed2f9 100644 --- a/zkp/js/test/nf_anon.js +++ b/zkp/js/test/nf_anon.js @@ -154,9 +154,9 @@ describe("main circuit tests for Zeto non-fungible tokens with anonymity without error = e; } // console.log(error); - expect(error).to.match(/Error in template Zeto_89 line: 66/); + expect(error).to.match(/Error in template Zeto_89 line: 53/); expect(error).to.match( - /Error in template CheckHashesForTokenIdAndUri_88 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_88 line: 51/, ); }); @@ -210,9 +210,9 @@ describe("main circuit tests for Zeto non-fungible tokens with anonymity without error = e; } // console.log(error); - expect(error).to.match(/Error in template Zeto_89 line: 66/); + expect(error).to.match(/Error in template Zeto_89 line: 53/); expect(error).to.match( - /Error in template CheckHashesForTokenIdAndUri_88 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_88 line: 51/, ); }); }); diff --git a/zkp/js/test/nf_anon_nullifier.js b/zkp/js/test/nf_anon_nullifier.js index 8244a57..e5ed360 100644 --- a/zkp/js/test/nf_anon_nullifier.js +++ b/zkp/js/test/nf_anon_nullifier.js @@ -194,9 +194,9 @@ describe("main circuit tests for Zeto non-fungible tokens with anonymity using n err = e; } // console.log(err); - expect(err).to.match(/Error in template Zeto_319 line: 76/); + expect(err).to.match(/Error in template Zeto_319 line: 55/); expect(err).to.match( - /Error in template CheckHashesForTokenIdAndUri_88 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_88 line: 51/, ); }); @@ -262,9 +262,9 @@ describe("main circuit tests for Zeto non-fungible tokens with anonymity using n err = e; } // console.log(err); - expect(err).to.match(/Error in template Zeto_319 line: 76/); + expect(err).to.match(/Error in template Zeto_319 line: 55/); expect(err).to.match( - /Error in template CheckHashesForTokenIdAndUri_88 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_88 line: 51/, ); }); @@ -331,7 +331,7 @@ describe("main circuit tests for Zeto non-fungible tokens with anonymity using n } // console.log(err); expect(err).to.match( - /Error in template CheckHashesForTokenIdAndUri_88 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_88 line: 51/, ); }); @@ -398,7 +398,7 @@ describe("main circuit tests for Zeto non-fungible tokens with anonymity using n } // console.log(err); expect(err).to.match( - /Error in template CheckHashesForTokenIdAndUri_88 line: 58/, + /Error in template CheckHashesForTokenIdAndUri_88 line: 51/, ); }); });