Merge pull request #77 from Rate-Limiting-Nullifier/feat/rlnIdentifie…

…r-as-input-in-circuit-wrapper

feat: make rlnIdentifier inputs

src/circuit-wrapper.ts

@@ -59,13 +59,9 @@ export class RLNProver {
 
   finalZkeyPath: string
 
-  // app configs
-  rlnIdentifier: bigint
-
-  constructor(wasmFilePath: string, finalZkeyPath: string, rlnIdentifier: bigint) {
+  constructor(wasmFilePath: string, finalZkeyPath: string) {
     this.wasmFilePath = wasmFilePath
     this.finalZkeyPath = finalZkeyPath
-    this.rlnIdentifier = rlnIdentifier
   }
 
   /**
@@ -74,6 +70,7 @@ export class RLNProver {
    * @returns The full SnarkJS proof.
    */
   public async generateProof(args: {
+    rlnIdentifier: bigint;
     identitySecret: bigint;
     userMessageLimit: bigint;
     messageId: bigint;
@@ -88,7 +85,7 @@ export class RLNProver {
       pathElements: args.merkleProof.siblings,
       identityPathIndex: args.merkleProof.pathIndices,
       x: args.x,
-      externalNullifier: calculateExternalNullifier(args.epoch, this.rlnIdentifier),
+      externalNullifier: calculateExternalNullifier(args.epoch, args.rlnIdentifier),
     }
     const { proof, publicSignals } = await groth16.fullProve(
       witness,
@@ -109,7 +106,7 @@ export class RLNProver {
     return {
       snarkProof,
       epoch: args.epoch,
-      rlnIdentifier: this.rlnIdentifier,
+      rlnIdentifier: args.rlnIdentifier,
     }
   }
 }
@@ -121,31 +118,28 @@ export class RLNVerifier {
   // system configs
   verificationKey: VerificationKey
 
-  // app configs
-  rlnIdentifier: bigint
-
-  constructor(verificationKey: VerificationKey, rlnIdentifier: bigint) {
+  constructor(verificationKey: VerificationKey) {
     this.verificationKey = verificationKey
-    this.rlnIdentifier = rlnIdentifier
   }
 
   /**
    * Verifies a RLN full proof.
+   * @param rlnIdentifier unique identifier for a RLN app.
    * @param fullProof The SnarkJS full proof.
    * @returns True if the proof is valid, false otherwise.
    * @throws Error if the proof is using different parameters.
    */
-  public async verifyProof(rlnRullProof: RLNFullProof): Promise<boolean> {
+  public async verifyProof(rlnIdentifier: bigint, rlnRullProof: RLNFullProof): Promise<boolean> {
     const expectedExternalNullifier = calculateExternalNullifier(
       BigInt(rlnRullProof.epoch),
-      this.rlnIdentifier,
+      rlnIdentifier,
     )
     const actualExternalNullifier = rlnRullProof.snarkProof.publicSignals.externalNullifier
     if (expectedExternalNullifier !== BigInt(actualExternalNullifier)) {
       throw new Error(
         `External nullifier does not match: expectedExternalNullifier=${expectedExternalNullifier}, ` +
           `actualExternalNullifier=${actualExternalNullifier}, epoch=${rlnRullProof.epoch}, ` +
-          `this.rlnIdentifier=${this.rlnIdentifier}`,
+          `this.rlnIdentifier=${rlnIdentifier}`,
       )
     }
 

src/rln.ts

@@ -194,17 +194,10 @@ export class RLN implements IRLN {
     this.cache = args.cache ? args.cache : new MemoryCache(args.cacheSize)
 
     if (args.wasmFilePath !== undefined && args.finalZkeyPath !== undefined) {
-      this.prover = new RLNProver(
-        args.wasmFilePath,
-        args.finalZkeyPath,
-        args.rlnIdentifier,
-      )
+      this.prover = new RLNProver(args.wasmFilePath, args.finalZkeyPath)
     }
     if (args.verificationKey !== undefined) {
-      this.verifier = new RLNVerifier(
-        args.verificationKey,
-        args.rlnIdentifier,
-      )
+      this.verifier = new RLNVerifier(args.verificationKey)
     }
   }
 
@@ -325,6 +318,7 @@ export class RLN implements IRLN {
     const messageID = await this.messageIDCounter.getMessageIDAndIncrement(epoch)
     const userMessageLimit = await this.registry.getMessageLimit(this.identityCommitment)
     return this.prover.generateProof({
+      rlnIdentifier: this.rlnIdentifier,
       identitySecret: this.identitySecret,
       userMessageLimit: userMessageLimit,
       messageId: messageID,
@@ -369,7 +363,7 @@ export class RLN implements IRLN {
       return false
     }
     // Verify snark proof
-    return this.verifier.verifyProof(proof)
+    return this.verifier.verifyProof(rlnIdentifier, proof)
   }
 
   /**
@@ -382,7 +376,7 @@ export class RLN implements IRLN {
     if (this.verifier === undefined) {
       throw new Error('Verifier is not initialized')
     }
-    if (!await this.verifier.verifyProof(proof)) {
+    if (!await this.verifier.verifyProof(this.rlnIdentifier, proof)) {
       throw new Error('Invalid proof')
     }
     const { snarkProof, epoch } = proof

tests/circuit-wrapper.test.ts

@@ -10,8 +10,8 @@ const LIMIT_BIT_SIZE = 16
 
 describe("RLN", function () {
     const rlnIdentifier = fieldFactory()
-    const rlnProver = new RLNProver(rlnParams.wasmFilePath, rlnParams.finalZkeyPath, rlnIdentifier)
-    const rlnVerifier = new RLNVerifier(rlnParams.verificationKey, rlnIdentifier)
+    const rlnProver = new RLNProver(rlnParams.wasmFilePath, rlnParams.finalZkeyPath)
+    const rlnVerifier = new RLNVerifier(rlnParams.verificationKey)
     const identitySecret = fieldFactory()
     const identityCommitment = poseidon([identitySecret])
     const leaves = [identityCommitment]
@@ -24,14 +24,15 @@ describe("RLN", function () {
     it("should generate valid proof", async function () {
         const merkleProof = generateMerkleProof(rlnIdentifier, leaves, treeDepth, 0)
         const proof = await rlnProver.generateProof({
+            rlnIdentifier,
             identitySecret,
             userMessageLimit,
             messageId,
             merkleProof,
             x,
             epoch,
         })
-        expect(await rlnVerifier.verifyProof(proof)).toBeTruthy()
+        expect(await rlnVerifier.verifyProof(rlnIdentifier, proof)).toBeTruthy()
     });
 });
 

tests/rln.test.ts

@@ -1,4 +1,4 @@
-import { RLN, RLNFullProof } from "../src";
+import { IRLNRegistry, RLN, RLNFullProof } from "../src";
 import { Status } from "../src/cache";
 import { rlnParams, withdrawParams } from "./configs";
 import { MemoryMessageIDCounter } from "../src/message-id-counter";