Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding tests for public signal tampering #96

Merged
merged 1 commit into from
Oct 11, 2024
Merged

adding tests for public signal tampering #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 26 additions & 4 deletions zkp/js/integration-test/anon.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ describe("main circuit tests for Zeto fungible tokens with anonymity without enc
receiver.pubKey = keypair.pubKey;
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [15, 100];
const outputValues = [115, 0];
// create two input UTXOs, each has their own salt, but same owner
Expand Down Expand Up @@ -98,12 +98,34 @@ describe("main circuit tests for Zeto fungible tokens with anonymity without enc
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('senderPublicKey', sender.pubKey);
// console.log('receiverPublicKey', receiver.pubKey);
// console.log('publicSignals', publicSignals);
expect(success, true);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note: the syntax of this check was incorrect, so it didn't enforce the boolean check.

// console.log("public signals", publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...receiver.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(60000);
});
30 changes: 26 additions & 4 deletions zkp/js/integration-test/anon_enc.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ describe("main circuit tests for Zeto fungible tokens with anonymity with encryp
receiver.pubKey = keypair.pubKey;
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [115, 0];
const outputValues = [115, 0];
// create two input UTXOs, each has their own salt, but same owner
Expand Down Expand Up @@ -102,13 +102,35 @@ describe("main circuit tests for Zeto fungible tokens with anonymity with encryp
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('senderPublicKey', sender.pubKey);
// console.log('receiverPublicKey', receiver.pubKey);
// console.log('encryptionNonce', encryptionNonce);
// console.log('publicSignals', publicSignals);
expect(success, true);
// console.log("publicSignals", publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...receiver.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(60000);
});
31 changes: 26 additions & 5 deletions zkp/js/integration-test/anon_enc_nullifier.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ describe("main circuit tests for Zeto fungible tokens with encryption and anonym
smtBob = new Merkletree(storage2, true, SMT_HEIGHT);
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [15, 100];
const outputValues = [80, 35];
// create two input UTXOs, each has their own salt, but same owner
Expand Down Expand Up @@ -166,13 +166,34 @@ describe("main circuit tests for Zeto fungible tokens with encryption and anonym
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('nullifiers', nullifiers);
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('root', proof1.root.bigInt());
// console.log('encryptionNonce', encryptionNonce);
// console.log('publicSignals', publicSignals);
expect(success, true);
// console.log('public signals', publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...Bob.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(600000);
});
30 changes: 26 additions & 4 deletions zkp/js/integration-test/anon_enc_nullifier_kyc.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ describe("main circuit tests for Zeto fungible tokens with encryption and anonym
await smtKYC.add(identity2, identity2);
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [32, 40];
const outputValues = [20, 52];

Expand Down Expand Up @@ -201,14 +201,36 @@ describe("main circuit tests for Zeto fungible tokens with encryption and anonym
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('nullifiers', nullifiers);
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('utxo root', proof1.root.bigInt());
// console.log('identitiesRoot', proof3.root.bigInt());
// console.log('encryptionNonce', encryptionNonce);
// console.log('publicSignals', publicSignals);
expect(success, true);
// console.log('public signals', publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...Bob.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(600000);
});
31 changes: 26 additions & 5 deletions zkp/js/integration-test/anon_enc_nullifier_non_repudiation.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ describe("main circuit tests for Zeto fungible tokens with encryption fro non-re
smtBob = new Merkletree(storage2, true, SMT_HEIGHT);
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [15, 100];
const outputValues = [80, 35];
// create two input UTXOs, each has their own salt, but same owner
Expand Down Expand Up @@ -172,15 +172,36 @@ describe("main circuit tests for Zeto fungible tokens with encryption fro non-re
witness,
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('nullifiers', nullifiers);
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('root', proof1.root.bigInt());
// console.log('encryptionNonce', encryptionNonce);
// console.log('authorityPublicKey', Regulator.pubKey);
// console.log('publicSignals', publicSignals);
expect(success, true);
// console.log('public signals', publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...Bob.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(600000);
});
30 changes: 26 additions & 4 deletions zkp/js/integration-test/anon_nullifier.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ describe("main circuit tests for Zeto fungible tokens with anonymity using nulli
smtBob = new Merkletree(storage2, true, SMT_HEIGHT);
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [15, 100];
const outputValues = [80, 35];
// create two input UTXOs, each has their own salt, but same owner
Expand Down Expand Up @@ -147,12 +147,34 @@ describe("main circuit tests for Zeto fungible tokens with anonymity using nulli
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('nullifiers', nullifiers);
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('root', proof1.root.bigInt());
// console.log('publicSignals', publicSignals);
expect(success, true);
// console.log('public signals', publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...Bob.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(600000);
});
30 changes: 26 additions & 4 deletions zkp/js/integration-test/anon_nullifier_kyc.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ describe("main circuit tests for Zeto fungible tokens with anonymity, KYC, using
await smtKYC.add(identity2, identity2);
});

it("should generate a valid proof that can be verified successfully", async () => {
it("should generate a valid proof that can be verified successfully and fail when public signals are tampered", async () => {
const inputValues = [32, 40];
const outputValues = [20, 52];

Expand Down Expand Up @@ -181,13 +181,35 @@ describe("main circuit tests for Zeto fungible tokens with anonymity, KYC, using
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");

const success = await groth16.verify(verificationKey, publicSignals, proof);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('nullifiers', nullifiers);
// console.log('inputCommitments', inputCommitments);
// console.log('outputCommitments', outputCommitments);
// console.log('utxo root', proof1.root.bigInt());
// console.log('identitiesRoot', proof3.root.bigInt());
// console.log('publicSignals', publicSignals);
expect(success, true);
// console.log('public signals', publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt3,
...Bob.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(600000);
});
30 changes: 26 additions & 4 deletions zkp/js/integration-test/check_hashes_value.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ describe("check-hashes-value circuit tests", () => {
sender.pubKey = keypair.pubKey;
});

it("should return true for valid witness", async () => {
it("should return true for valid witness and false when public signals are tampered", async () => {
const outputValues = [200];

// create the output UTXO
Expand Down Expand Up @@ -73,10 +73,32 @@ describe("check-hashes-value circuit tests", () => {
witness,
);
console.log("Proving time: ", (Date.now() - startTime) / 1000, "s");
const success = await groth16.verify(verificationKey, publicSignals, proof);
expect(success, true);
let verifyResult = await groth16.verify(
verificationKey,
publicSignals,
proof,
);
expect(verifyResult).to.be.true;
// console.log('output commitments', outputCommitments);
// console.log('output values', outputValues);
// console.log('public signals', publicSignals);
// console.log("public signals", publicSignals);
const tamperedOutputHash = poseidonHash([
BigInt(100),
salt1,
...sender.pubKey,
]);
let tamperedPublicSignals = publicSignals.map((ps) =>
ps.toString() === outputCommitments[0].toString()
? tamperedOutputHash
: ps,
);
// console.log("tampered public signals", tamperedPublicSignals);

verifyResult = await groth16.verify(
verificationKey,
tamperedPublicSignals,
proof,
);
expect(verifyResult).to.be.false;
}).timeout(20000);
});
Loading
Loading