Merge pull request #203 from zk-passport/refactor-circuits

Refactor circuits
zk-passport · Sep 20, 2024 · 752ec37 · 752ec37
2 parents 07c7ba7 + 2cd404c
commit 752ec37
Show file tree

Hide file tree

Showing 143 changed files with 5,511 additions and 4,516 deletions.
diff --git a/.github/workflows/action.yml b/.github/workflows/action.yml
@@ -40,9 +40,9 @@ jobs:
       - name: Setup Rust
         uses: dtolnay/rust-toolchain@stable
 
-      - name: Download Circom Binary v2.1.8
+      - name: Download Circom Binary v2.1.9
         run: |
-          wget -qO /home/runner/work/circom https://github.com/iden3/circom/releases/download/v2.1.8/circom-linux-amd64
+          wget -qO /home/runner/work/circom https://github.com/iden3/circom/releases/download/v2.1.9/circom-linux-amd64
           chmod +x /home/runner/work/circom
           sudo mv /home/runner/work/circom /bin/circom
 

diff --git a/circuits/README.md b/circuits/README.md
@@ -31,7 +31,7 @@ The `disclose` circuit is used for the following:
 1. Verify that a user knows a secret e.g., he is able to reconstruct one leaf of the merkle tree (a check of the merkle roots will be performed on-chain)
 2. Passport expiry is verified
 3. A range check is performed over the age of the user
-4. The output is multiplied by an input bitmap to allow the user to disclose only what they want to disclose.
+4. The output is multiplied by an input selector_dg1 to allow the user to disclose only what they want to disclose.
 5. Final output is packed.
 
 Any application that wants to use OpenPassport can actually build its own `disclose` circuit.

diff --git a/circuits/circuits/disclose/disclose.circom b/circuits/circuits/disclose/disclose.circom
@@ -1,25 +1,26 @@
-pragma circom 2.1.5;
+pragma circom 2.1.9;
 
 include "circomlib/circuits/poseidon.circom";
-include "@zk-email/circuits/utils/bytes.circom";
-include "../utils/isOlderThan.circom";
-include "../utils/isValid.circom";
+include "../utils/other/bytes.circom";
+include "../utils/passport/date/isOlderThan.circom";
+include "../utils/passport/date/isValid.circom";
 include "binary-merkle-root.circom";
-include "../utils/isValid.circom";
 
 template DISCLOSE() {
-    signal input mrz[93];
-    signal input bitmap[90]; // 88 for MRZ + 2 for majority
+    signal input dg1[93];
+    signal input selector_dg1[88]; // 88 for MRZ
+    signal input selector_older_than;
     signal input current_date[6]; // YYMMDD - num
     signal input majority[2]; // YY - ASCII
     signal output revealedData_packed[3];
+    signal output older_than[2];
     signal output nullifier;
 
     // Verify validity of the passport
     component isValid = IsValid();
     isValid.currDate <== current_date;
     for (var i = 0; i < 6; i++) {
-        isValid.validityDateASCII[i] <== mrz[70 + i];
+        isValid.validityDateASCII[i] <== dg1[70 + i];
     }
 
     1 === isValid.out;
@@ -29,23 +30,24 @@ template DISCLOSE() {
     isOlderThan.majorityASCII <== majority;
     for (var i = 0; i < 6; i++) {
         isOlderThan.currDate[i] <== current_date[i];
-        isOlderThan.birthDateASCII[i] <== mrz[62 + i];
+        isOlderThan.birthDateASCII[i] <== dg1[62 + i];
     }
 
-    signal older_than[2];
-    older_than[0] <== isOlderThan.out * majority[0];
-    older_than[1] <== isOlderThan.out * majority[1];
+    signal older_than_verified[2];
+    older_than_verified[0] <== isOlderThan.out * majority[0];
+    older_than_verified[1] <== isOlderThan.out * majority[1];
 
-    // constrain bitmap to be 0s or 1s
-    for (var i = 0; i < 90; i++) {
-        bitmap[i] * (bitmap[i] - 1) === 0;
+    // constrain selector_dg1 to be 0s or 1s
+    for (var i = 0; i < 88; i++) {
+        selector_dg1[i] * (selector_dg1[i] - 1) === 0;
     }
 
-    signal revealedData[90];
+    signal revealedData[88];
     for (var i = 0; i < 88; i++) {
-        revealedData[i] <== mrz[5+i] * bitmap[i];
+        revealedData[i] <== dg1[5+i] * selector_dg1[i];
     }
-    revealedData[88] <== older_than[0] * bitmap[88];
-    revealedData[89] <== older_than[1] * bitmap[89];
-    revealedData_packed <== PackBytes(90)(revealedData);
+    older_than[0] <== older_than_verified[0] * selector_older_than;
+    older_than[1] <== older_than_verified[1] * selector_older_than;
+
+    revealedData_packed <== PackBytes(88)(revealedData);
 }
diff --git a/circuits/circuits/disclose/vc_and_disclose.circom b/circuits/circuits/disclose/vc_and_disclose.circom
@@ -1,32 +1,36 @@
-pragma circom 2.1.5;
+pragma circom 2.1.9;
 
 include "./verify_commitment.circom";
 include "./disclose.circom";
 
-template VC_AND_DISCLOSE(nLevels) {
+template VC_AND_DISCLOSE( nLevels) {
+
     signal input secret;
     signal input attestation_id;
     signal input pubkey_leaf;
-    signal input mrz[93];
+    signal input dg1[93];
+    signal input dg2_hash[64];
 
     signal input merkle_root;
     signal input merkletree_size;
     signal input path[nLevels];
     signal input siblings[nLevels];
 
-    signal input bitmap[90]; // 88 for MRZ + 2 for majority
+    signal input selector_dg1[88]; // 88 for MRZ
+    signal input selector_older_than;
     signal input scope;
     signal input current_date[6]; // YYMMDD - num
     signal input majority[2]; // YY - ASCII
     signal input user_identifier;
 
     // verify commitment is part of the merkle tree
-    VERIFY_COMMITMENT(nLevels)(secret, attestation_id, pubkey_leaf, mrz, merkle_root, merkletree_size, path, siblings);
+    VERIFY_COMMITMENT(nLevels)(secret, attestation_id, pubkey_leaf, dg1, dg2_hash, merkle_root, merkletree_size, path, siblings);
 
     // verify passport validity and disclose optional data
     component disclose = DISCLOSE();
-    disclose.mrz <== mrz;
-    disclose.bitmap <== bitmap;
+    disclose.dg1 <== dg1;
+    disclose.selector_dg1 <== selector_dg1;
+    disclose.selector_older_than <== selector_older_than;
     disclose.current_date <== current_date;
     disclose.majority <== majority;
 
@@ -36,6 +40,7 @@ template VC_AND_DISCLOSE(nLevels) {
     poseidon_nullifier.inputs[1] <== scope;
     signal output nullifier <== poseidon_nullifier.out;
     signal output revealedData_packed[3] <== disclose.revealedData_packed;
+    signal output older_than[2] <== disclose.older_than;
 }
 
 component main { public [ merkle_root, scope, user_identifier, current_date, attestation_id] } = VC_AND_DISCLOSE(16);
diff --git a/circuits/circuits/disclose/verify_commitment.circom b/circuits/circuits/disclose/verify_commitment.circom
@@ -1,23 +1,24 @@
-pragma circom 2.1.5;
+pragma circom 2.1.9;
 
 include "circomlib/circuits/poseidon.circom";
-include "@zk-email/circuits/utils/bytes.circom";
+include "../utils/other/bytes.circom";
 include "binary-merkle-root.circom";
-include "../utils/computeCommitment.circom";
+include "../utils/passport/computeCommitment.circom";
+
+template VERIFY_COMMITMENT( nLevels) {
 
-template VERIFY_COMMITMENT(nLevels) {
     signal input secret;
     signal input attestation_id;
     signal input pubkey_leaf;
-    signal input mrz[93];
+    signal input dg1[93];
+    signal input dg2_hash[64];
 
     signal input merkle_root;
     signal input merkletree_size;
     signal input path[nLevels];
     signal input siblings[nLevels];
 
-    signal commitment <== ComputeCommitment()(secret, attestation_id, pubkey_leaf, mrz);
-
+    signal commitment <== ComputeCommitment()(secret, attestation_id, pubkey_leaf, dg1, dg2_hash);
     // Verify commitment inclusion
     signal computedRoot <== BinaryMerkleRoot(nLevels)(commitment, merkletree_size, path, siblings);
     merkle_root === computedRoot;

diff --git a/circuits/circuits/dsc/dsc_rsa_65537_sha1.circom b/circuits/circuits/dsc/dsc_rsa_65537_sha1.circom
diff --git a/circuits/circuits/dsc/dsc_rsa_65537_sha256.circom b/circuits/circuits/dsc/dsc_rsa_65537_sha256.circom