fix DSTs

2026-01-09 08:33:09 +00:00 · 2025-03-26 13:40:49 +01:00 · 2025-03-26 13:40:49 +01:00 · 4ca8f52ced
commit 4ca8f52ced
parent 7e78eb812d
3 changed files with 24 additions and 16 deletions
--- a/circom_circuits/ledger/notes.circom
+++ b/circom_circuits/ledger/notes.circom
@ -15,7 +15,8 @@ template commitment(){
    signal output out;

    component hash = Poseidon2_hash(7);
-    hash.inp[0] <== 78797779839578798469956777;        //78797779839578798469956777 = NOMOS_NOTE_CM in ASCII
+    // int.from_bytes(hashlib.sha256(b"NOMOS_NOTE_CM").digest()[:-1], "little") = 181645510297841241569044198526601622686169271532834574969543446901055041748
+    hash.inp[0] <== 181645510297841241569044198526601622686169271532834574969543446901055041748;
    hash.inp[1] <== state;
    hash.inp[2] <== value;
    hash.inp[3] <== unit;
@ -32,7 +33,8 @@ template nullifier(){
    signal output out;

    component hash = Poseidon2_hash(3);
-    hash.inp[0] <==  78797779839578798469957870;    //78797779839578798469957870 = NOMOS_NOTE_NF in ASCII
+    // int.from_bytes(hashlib.sha256(b"NOMOS_NOTE_NF").digest()[:-1], "little") = 310945536431723660304787929213143698356852257431717126117833288836338828411
+    hash.inp[0] <==  310945536431723660304787929213143698356852257431717126117833288836338828411;
    hash.inp[1] <== commitment;
    hash.inp[2] <== secret_key;

@ -44,7 +46,8 @@ template derive_public_key(){
    signal output out;

    component hash = Poseidon2_hash(2);
-    hash.inp[0] <== 787977798395756870;         // 787977798395756870 = NOMOS_KDF in ASCII
+    // int.from_bytes(hashlib.sha256(b"NOMOS_KDF").digest()[:-1], "little") = 355994159511987982411097843485998670968942801951585260613801918349630142543
+    hash.inp[0] <== 355994159511987982411097843485998670968942801951585260613801918349630142543;
    hash.inp[1] <== secret_key;
    out <== hash.out;
 }
--- a/circom_circuits/proof_of_leadership/PoL_payment.circom
+++ b/circom_circuits/proof_of_leadership/PoL_payment.circom
@ -15,7 +15,8 @@ template ticket_calculator(){
    signal output out;

    component hash = Poseidon2_hash(5);
-    hash.inp[0] <== 76696568;       // 76696568 = LEAD in ASCII
+    // int.from_bytes(hashlib.sha256(b"LEAD").digest()[:-1], "little") = 137836078329650723736739065075984465408055658421620421917147974048265460598
+    hash.inp[0] <== 137836078329650723736739065075984465408055658421620421917147974048265460598;
    hash.inp[1] <== epoch_nonce;
    hash.inp[2] <== slot;
    hash.inp[3] <== commitment;
@ -30,7 +31,8 @@ template derive_secret_key(){
    signal output out;

    component hash = Poseidon2_hash(3);
-    hash.inp[0] <== 78797779839583696782698495756989;       //78797779839583696782698495756989 = NOMOS_SECRET_KEY in ASCII
+    // int.from_bytes(hashlib.sha256(b"NOMOS_SECRET_KEY").digest()[:-1], "little") = 344114695764831179145057610008294480248205750382057360672614582644594850870
+    hash.inp[0] <== 344114695764831179145057610008294480248205750382057360672614582644594850870;
    hash.inp[1] <== starting_slot;
    hash.inp[2] <== secrets_root;

@ -44,7 +46,8 @@ template derive_entropy(){
    signal output out;

    component hash = Poseidon2_hash(4);
-    hash.inp[0] <== 78797779839578797867699567797884827366; // 78797779839578797867699567797884827366 = NOMOS_NONCE_CONTRIB
+    // int.from_bytes(hashlib.sha256(b"NOMOS_NONCE_CONTRIB").digest()[:-1], "little") = 193275670388587576544090216996849534520361117581542778964162861667418671481
+    hash.inp[0] <== 193275670388587576544090216996849534520361117581542778964162861667418671481;
    hash.inp[1] <== slot;
    hash.inp[2] <== commitment;
    hash.inp[3] <== secret_key;
@ -106,9 +109,11 @@ template payment_proof_of_leadership(){
    component cm = commitment();
    cm.state <== state;
    cm.value <== value;
-    cm.unit <== 787779;                 // NMO in ASCII
+    // int.from_bytes(hashlib.sha256(b"NMO").digest()[:-1], "little") = 161796427070100155131822184769584603407573991022311108406630770340454367555
+    cm.unit <== 161796427070100155131822184769584603407573991022311108406630770340454367555;
    cm.nonce <== nonce;
-    cm.zoneID <== 80658977697884;       // PAYMENT in ASCII
+    // int.from_bytes(hashlib.sha256(b"PAYMENT").digest()[:-1], "little") = 281646683567839822174419720505039861445414630574005374635737888376398200354
+    cm.zoneID <== 281646683567839822174419720505039861445414630574005374635737888376398200354;
    cm.public_key <== pk.out;


--- a/circom_circuits/proof_of_leadership/generate_inputs_for_payment.py
+++ b/circom_circuits/proof_of_leadership/generate_inputs_for_payment.py
@ -224,7 +224,7 @@ t1 = F(int(-((R(p) * ln(R(1) - 0.05))**2) / R(total_stake)**2))


 value = F(50)
-unit = F(787779)
+unit = F(161796427070100155131822184769584603407573991022311108406630770340454367555)
 state = F(randrange(0,p,1))
 note_nonce = F(0)
 threshold = (t0 + t1 * value) * value
@ -240,15 +240,15 @@ for i in range(25):
        secret_root = poseidon2_hash([secret_root,slot_secret_path[i]])
    else:
        secret_root = poseidon2_hash([slot_secret_path[i],secret_root])
-sk = poseidon2_hash([F(78797779839583696782698495756989),starting_slot,secret_root])
-pk = poseidon2_hash([F(787977798395756870),sk])
+sk = poseidon2_hash([F(344114695764831179145057610008294480248205750382057360672614582644594850870),starting_slot,secret_root])
+pk = poseidon2_hash([F(355994159511987982411097843485998670968942801951585260613801918349630142543),sk])

-note_cm = poseidon2_hash([F(78797779839578798469956777),state,value,unit,note_nonce,pk,F(80658977697884)])
-ticket = poseidon2_hash([F(76696568),F(epoch_nonce),F(slot_number),note_cm,sk])
+note_cm = poseidon2_hash([F(181645510297841241569044198526601622686169271532834574969543446901055041748),state,value,unit,note_nonce,pk,F(281646683567839822174419720505039861445414630574005374635737888376398200354)])
+ticket = poseidon2_hash([F(137836078329650723736739065075984465408055658421620421917147974048265460598),F(epoch_nonce),F(slot_number),note_cm,sk])
 while(ticket > threshold):
    note_nonce += 1
-    note_cm = poseidon2_hash([F(78797779839578798469956777),state,value,unit,note_nonce,pk,F(80658977697884)])
-    ticket = poseidon2_hash([F(76696568),F(epoch_nonce),F(slot_number),note_cm,sk])
+    note_cm = poseidon2_hash([F(181645510297841241569044198526601622686169271532834574969543446901055041748),state,value,unit,note_nonce,pk,F(281646683567839822174419720505039861445414630574005374635737888376398200354)])
+    ticket = poseidon2_hash([F(137836078329650723736739065075984465408055658421620421917147974048265460598),F(epoch_nonce),F(slot_number),note_cm,sk])
    
 cm_nodes = [F(randrange(0,p,1)) for i in range(32)]
 cm_selectors = randrange(0,2**32,1)
@ -260,7 +260,7 @@ for i in range(32):
    else:
        cm_root = poseidon2_hash([cm_nodes[i],cm_root])

-note_nf = poseidon2_hash([F(78797779839578798469957870),note_cm,sk])
+note_nf = poseidon2_hash([F(310945536431723660304787929213143698356852257431717126117833288836338828411),note_cm,sk])
 nf_previous = F(randrange(0,note_nf,1))
 nf_next = F(randrange(note_nf+1,p,1))
 nf_nodes = [F(randrange(0,p,1)) for i in range(32)]