New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Non Membership Proofs #76
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK
@wanseob Could you help finding an additional reviewer to give feedbacks to Blake and approve this circuit PR?
bcc06e2
to
f311f3f
Compare
@BlakeMScurr
|
@@ -2,6 +2,8 @@ pragma circom 2.0.2; | |||
|
|||
include "node_modules/circom-ecdsa/circuits/zk-identity/eth.circom"; | |||
include "node_modules/circom-ecdsa/circuits/ecdsa.circom"; | |||
include "node_modules/circom-ecdsa/node_modules/circomlib/circuits/bitify.circom"; | |||
include "node_modules/circom-ecdsa/node_modules/circomlib/circuits/comparators.circom"; // TODO: fix insane dependency twiddling |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe comparators
already include bitify
. That's why you are getting duplicate dependency error.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤔
I see that comparators does include bitify...
It doesn't cause an error locally though.
So I am not sure...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Circuit looks good to me. Just a question on the practical side though, how do we actually obtain the two adjacent addresses in raw form for comparison in a non-inclusion proof? Does that mean we have a server that actually stores these addresses in raw (instead of hashed) form?
Hey @socathie, yes the idea is that someone would be storing this in full unhashed form. The main use case for a non-membership proof that we could think of is a blacklist for a mixer (like tornado cash). In that case some kind of censor would publish a list of disallowed addresses and freely share them. Now that I think about it, maybe there needs to be a mechanism to make sure they're sharing the full tree, but that would probably be a smart contract where they can manually add addresses to a merkle tree. But either way, for the purposes of withdrawing, you can assume that the blacklist would be published somewhere. |
I see. It makes a lot of sense now! |
…s/e2e-zk-ecdsa into non-membership
@r1oga I had the same issue with |
@r1oga So we have a timeout issue here. We have so many tests that there we seem to be hitting a ~30 minute limit on the github action. I have set the internal jest timeout to over 2 hours (lmao), so it's not that. It takes ~50 minutes for me to run the whole test suite locally, and it all passes: |
@BlakeMScurr Github Action jobs can execute for up to 6h so the test should be able to complete within that time. For now let's ignore this and merge. I can confirm I could run the test successfully locally too. |
This adds a circuit for making zk proofs of non membership in a merkle tree.
It also provides a TS class for preprocessing the tree to easily get the relevant data.
The tests show that our circuits accept some arbitrary valid non membership proof.
This stackexchange post explains the algorithm well.