From 0674fa2ac0201abb0337b0fd7a51d97ab3a26f7d Mon Sep 17 00:00:00 2001
From: thomaslavaur <thomas19.lavaur@gmail.com>
Date: Tue, 18 Nov 2025 08:26:15 +0100
Subject: [PATCH] reflect nomos-pocs change on the circuits (add compression to
 nullifier, public keys and reward voucher)

---
 blend/generate_inputs_for_poq.py             | 4 ++--
 blend/poq.circom                             | 2 +-
 ledger/notes.circom                          | 3 ++-
 mantle/generate_inputs_for_pol.py            | 2 +-
 mantle/generate_inputs_for_proof_of_claim.py | 2 +-
 mantle/poc.circom                            | 4 ++--
 6 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/blend/generate_inputs_for_poq.py b/blend/generate_inputs_for_poq.py
index 9134667..dee86ea 100644
--- a/blend/generate_inputs_for_poq.py
+++ b/blend/generate_inputs_for_poq.py
@@ -221,7 +221,7 @@ if not core_or_leader in [0,1]:
 # 1) Core‐node registry Merkle‐proof
 # pick a random core_sk and derive its public key
 core_sk   = F(randrange(0,p,1))
-pk_core   = poseidon2_hash([ F(1296193216988918402894), core_sk ])
+pk_core   = Compression([ F(1296193216988918402894), core_sk ])
 core_selectors = randrange(0,2**20,1)
 core_selectors = format(int(core_selectors),'020b')
 core_nodes = [F(randrange(0,p,1)) for i in range(20)]
@@ -264,7 +264,7 @@ for i in range(25):
     else:
         secret_root = Compression([slot_secret_path[i],secret_root])
 sk = poseidon2_hash([F(256174383281726064679014503048630094),starting_slot,secret_root])
-pk = poseidon2_hash([F(1296193216988918402894),sk])
+pk = Compression([F(1296193216988918402894),sk])
 
 note_id = poseidon2_hash([F(65580641562429851895355409762135920462),tx_hash,output_number,value,pk])
 ticket = poseidon2_hash([F(13887241025832268),F(epoch_nonce),F(slot_number),note_id,sk])
diff --git a/blend/poq.circom b/blend/poq.circom
index 158f4c5..67a90d2 100644
--- a/blend/poq.circom
+++ b/blend/poq.circom
@@ -125,7 +125,7 @@ template ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota) {
 
 
     // Derive key_nullifier
-    component nf = Poseidon2_hash(2);
+    component nf = Compression();
     component dstNF = KEY_NULLIFIER_V1();
     nf.inp[0] <== dstNF.out;
     nf.inp[1] <== selection_randomness.out;
diff --git a/ledger/notes.circom b/ledger/notes.circom
index 3d34fe2..589c19e 100644
--- a/ledger/notes.circom
+++ b/ledger/notes.circom
@@ -2,6 +2,7 @@
 pragma circom 2.1.9;
 
 include "../hash_bn/poseidon2_hash.circom";
+include "../hash_bn/poseidon2_perm.circom";
 include "../misc/constants.circom";
 
 template derive_secret_key(){
@@ -22,7 +23,7 @@ template derive_public_key(){
     signal input secret_key;
     signal output out;
 
-    component hash = Poseidon2_hash(2);
+    component hash = Compression();
     component dst = NOMOS_KDF();
     hash.inp[0] <== dst.out;
     hash.inp[1] <== secret_key;
diff --git a/mantle/generate_inputs_for_pol.py b/mantle/generate_inputs_for_pol.py
index 408146d..db65f56 100755
--- a/mantle/generate_inputs_for_pol.py
+++ b/mantle/generate_inputs_for_pol.py
@@ -245,7 +245,7 @@ for i in range(25):
     else:
         secret_root = Compression([slot_secret_path[i],secret_root])
 sk = poseidon2_hash([F(256174383281726064679014503048630094),starting_slot,secret_root])
-pk = poseidon2_hash([F(1296193216988918402894),sk])
+pk = Compression([F(1296193216988918402894),sk])
 
 note_id = poseidon2_hash([F(65580641562429851895355409762135920462),tx_hash,output_number,value,pk])
 ticket = poseidon2_hash([F(13887241025832268),F(epoch_nonce),F(slot_number),note_id,sk])
diff --git a/mantle/generate_inputs_for_proof_of_claim.py b/mantle/generate_inputs_for_proof_of_claim.py
index cf2318b..d607373 100755
--- a/mantle/generate_inputs_for_proof_of_claim.py
+++ b/mantle/generate_inputs_for_proof_of_claim.py
@@ -208,7 +208,7 @@ def PoseidonSponge(data, capacity, output_len):
 
 
 secret_voucher = F(randrange(0,p,1))
-reward_voucher = poseidon2_hash([F(1668646695034522932676805048878418),secret_voucher])
+reward_voucher = Compression([F(1668646695034522932676805048878418),secret_voucher])
 
 merkle_nodes = [F(randrange(0,p,1)) for i in range(32)]
 selectors = randrange(0,2**32,1)
diff --git a/mantle/poc.circom b/mantle/poc.circom
index 5a79e2f..5f09826 100644
--- a/mantle/poc.circom
+++ b/mantle/poc.circom
@@ -9,7 +9,7 @@ template derive_voucher_nullifier(){
     signal input secret_voucher;
     signal output out;
 
-    component hash = Poseidon2_hash(2);
+    component hash = Compression();
     component dst = VOUCHER_NF();
     hash.inp[0] <== dst.out;
     hash.inp[1] <== secret_voucher;
@@ -21,7 +21,7 @@ template derive_reward_voucher(){
     signal input secret_voucher;
     signal output out;
 
-    component hash = Poseidon2_hash(2);
+    component hash = Compression(   );
     component dst = REWARD_VOUCHER();
     hash.inp[0] <== dst.out;
     hash.inp[1] <== secret_voucher;