From 4ca8f52cedc800762e8416abbd92a3ff56fdc06a Mon Sep 17 00:00:00 2001
From: thomaslavaur
Date: Wed, 26 Mar 2025 13:40:49 +0100
Subject: [PATCH] fix DSTs
---
 circom_circuits/ledger/notes.circom | 9 ++++++---
 .../proof_of_leadership/PoL_payment.circom | 15 ++++++++++-----
 .../generate_inputs_for_payment.py | 16 ++++++++--------
 3 files changed, 24 insertions(+), 16 deletions(-)
diff --git a/circom_circuits/ledger/notes.circom b/circom_circuits/ledger/notes.circom
index eaf2aca..4f10b7d 100644
--- a/circom_circuits/ledger/notes.circom
+++ b/circom_circuits/ledger/notes.circom
@@ -15,7 +15,8 @@ template commitment(){
 signal output out;
 component hash = Poseidon2_hash(7);
- hash.inp[0] <== 78797779839578798469956777; //78797779839578798469956777 = NOMOS_NOTE_CM in ASCII
+ // int.from_bytes(hashlib.sha256(b"NOMOS_NOTE_CM").digest()[:-1], "little") = 181645510297841241569044198526601622686169271532834574969543446901055041748
+ hash.inp[0] <== 181645510297841241569044198526601622686169271532834574969543446901055041748;
 hash.inp[1] <== state;
 hash.inp[2] <== value;
 hash.inp[3] <== unit;
@@ -32,7 +33,8 @@ template nullifier(){
 signal output out;
 component hash = Poseidon2_hash(3);
- hash.inp[0] <== 78797779839578798469957870; //78797779839578798469957870 = NOMOS_NOTE_NF in ASCII
+ // int.from_bytes(hashlib.sha256(b"NOMOS_NOTE_NF").digest()[:-1], "little") = 310945536431723660304787929213143698356852257431717126117833288836338828411
+ hash.inp[0] <== 310945536431723660304787929213143698356852257431717126117833288836338828411;
 hash.inp[1] <== commitment;
 hash.inp[2] <== secret_key;
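Review bot: The comment added above the new `hash.inp[0]` line gives the derivation recipe but not the reason for `digest()[:-1]`, so a reader has to work out that the tag is deliberately cut to 31 bytes — presumably so the little-endian value (below 2^248) is always a valid element for any field modulus above that; I would extend it with `// 31 bytes so the tag always fits below the field modulus; keep in sync with generate_inputs_for_payment.py`. The nullifier hunk directly below and the derive_public_key, ticket_calculator, derive_secret_key, derive_entropy and payment_proof_of_leadership hunks use the same comment shape and want the same sentence. Because circom cannot evaluate sha256 at compile time, each of these literals is hand-copied from the quoted Python expression; a small check that recomputes every tag from its expression and compares it with the circuit literal would catch a copy slip that would otherwise surface only as proofs that fail to verify. The commitment template's body continues past the end of the hunk.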
@@ -44,7 +46,8 @@ template derive_public_key(){
 signal output out;
 component hash = Poseidon2_hash(2);
- hash.inp[0] <== 787977798395756870; // 787977798395756870 = NOMOS_KDF in ASCII
+ // int.from_bytes(hashlib.sha256(b"NOMOS_KDF").digest()[:-1], "little") = 355994159511987982411097843485998670968942801951585260613801918349630142543
+ hash.inp[0] <== 355994159511987982411097843485998670968942801951585260613801918349630142543;
 hash.inp[1] <== secret_key;
 out <== hash.out;
 }
diff --git a/circom_circuits/proof_of_leadership/PoL_payment.circom b/circom_circuits/proof_of_leadership/PoL_payment.circom
index 19f8b68..6355f9d 100644
--- a/circom_circuits/proof_of_leadership/PoL_payment.circom
+++ b/circom_circuits/proof_of_leadership/PoL_payment.circom
@@ -15,7 +15,8 @@ template ticket_calculator(){
 signal output out;
 component hash = Poseidon2_hash(5);
- hash.inp[0] <== 76696568; // 76696568 = LEAD in ASCII
+ // int.from_bytes(hashlib.sha256(b"LEAD").digest()[:-1], "little") = 137836078329650723736739065075984465408055658421620421917147974048265460598
+ hash.inp[0] <== 137836078329650723736739065075984465408055658421620421917147974048265460598;
 hash.inp[1] <== epoch_nonce;
 hash.inp[2] <== slot;
 hash.inp[3] <== commitment;
@@ -30,7 +31,8 @@ template derive_secret_key(){
 signal output out;
 component hash = Poseidon2_hash(3);
- hash.inp[0] <== 78797779839583696782698495756989; //78797779839583696782698495756989 = NOMOS_SECRET_KEY in ASCII
+ // int.from_bytes(hashlib.sha256(b"NOMOS_SECRET_KEY").digest()[:-1], "little") = 344114695764831179145057610008294480248205750382057360672614582644594850870
+ hash.inp[0] <== 344114695764831179145057610008294480248205750382057360672614582644594850870;
 hash.inp[1] <== starting_slot;
 hash.inp[2] <== secrets_root;
@@ -44,7 +46,8 @@ template derive_entropy(){
 signal output out;
 component hash = Poseidon2_hash(4);
- hash.inp[0] <== 78797779839578797867699567797884827366; // 78797779839578797867699567797884827366 = NOMOS_NONCE_CONTRIB
+ // int.from_bytes(hashlib.sha256(b"NOMOS_NONCE_CONTRIB").digest()[:-1], "little") = 193275670388587576544090216996849534520361117581542778964162861667418671481
+ hash.inp[0] <== 193275670388587576544090216996849534520361117581542778964162861667418671481;
 hash.inp[1] <== slot;
 hash.inp[2] <== commitment;
 hash.inp[3] <== secret_key;
@@ -106,9 +109,11 @@ template payment_proof_of_leadership(){
 component cm = commitment();
 cm.state <== state;
 cm.value <== value;
- cm.unit <== 787779; // NMO in ASCII
+ // int.from_bytes(hashlib.sha256(b"NMO").digest()[:-1], "little") = 161796427070100155131822184769584603407573991022311108406630770340454367555
+ cm.unit <== 161796427070100155131822184769584603407573991022311108406630770340454367555;
 cm.nonce <== nonce;
- cm.zoneID <== 80658977697884; // PAYMENT in ASCII
+ // int.from_bytes(hashlib.sha256(b"PAYMENT").digest()[:-1], "little") = 281646683567839822174419720505039861445414630574005374635737888376398200354
+ cm.zoneID <== 281646683567839822174419720505039861445414630574005374635737888376398200354;
 cm.public_key <== pk.out;
diff --git a/circom_circuits/proof_of_leadership/generate_inputs_for_payment.py b/circom_circuits/proof_of_leadership/generate_inputs_for_payment.py
index 3352602..d1be39d 100755
--- a/circom_circuits/proof_of_leadership/generate_inputs_for_payment.py
+++ b/circom_circuits/proof_of_leadership/generate_inputs_for_payment.py
@@ -224,7 +224,7 @@ t1 = F(int(-((R(p) * ln(R(1) - 0.05))**2) / R(total_stake)**2))
 value = F(50)
-unit = F(787779)
+unit = F(161796427070100155131822184769584603407573991022311108406630770340454367555)
 state = F(randrange(0,p,1))
 note_nonce = F(0)
 threshold = (t0 + t1 * value) * value
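Review bot: The new `unit = F(1617…)` line in the generator hunk is a bare 77-digit literal with nothing saying which tag it encodes, and the same holds for every DST literal in the two later hunks of this file (sk, pk, note_cm and ticket in the next hunk, note_nf in the last), whereas the circom side at least records the derivation in a comment. Since this is already Python, derive the tags instead of copying them: `def dst(tag: bytes) -> F:` / `    return F(int.from_bytes(hashlib.sha256(tag).digest()[:-1], "little"))` and then `unit = dst(b"NMO")  # must equal cm.unit in PoL_payment.circom`; `import hashlib` is needed unless the top of the file, which is outside this hunk, already has it. A hand-copied literal that diverges from the circuit constant shows up only as a witness the circuit rejects, with no hint that a domain-separation tag is the cause, and the helper makes the Python expression quoted in the circom comments the single source of truth.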
@@ -240,15 +240,15 @@ for i in range(25):
 secret_root = poseidon2_hash([secret_root,slot_secret_path[i]])
 else:
 secret_root = poseidon2_hash([slot_secret_path[i],secret_root])
-sk = poseidon2_hash([F(78797779839583696782698495756989),starting_slot,secret_root])
-pk = poseidon2_hash([F(787977798395756870),sk])
+sk = poseidon2_hash([F(344114695764831179145057610008294480248205750382057360672614582644594850870),starting_slot,secret_root])
+pk = poseidon2_hash([F(355994159511987982411097843485998670968942801951585260613801918349630142543),sk])
-note_cm = poseidon2_hash([F(78797779839578798469956777),state,value,unit,note_nonce,pk,F(80658977697884)])
-ticket = poseidon2_hash([F(76696568),F(epoch_nonce),F(slot_number),note_cm,sk])
+note_cm = poseidon2_hash([F(181645510297841241569044198526601622686169271532834574969543446901055041748),state,value,unit,note_nonce,pk,F(281646683567839822174419720505039861445414630574005374635737888376398200354)])
+ticket = poseidon2_hash([F(137836078329650723736739065075984465408055658421620421917147974048265460598),F(epoch_nonce),F(slot_number),note_cm,sk])
 while(ticket > threshold):
 note_nonce += 1
- note_cm = poseidon2_hash([F(78797779839578798469956777),state,value,unit,note_nonce,pk,F(80658977697884)])
- ticket = poseidon2_hash([F(76696568),F(epoch_nonce),F(slot_number),note_cm,sk])
+ note_cm = poseidon2_hash([F(181645510297841241569044198526601622686169271532834574969543446901055041748),state,value,unit,note_nonce,pk,F(281646683567839822174419720505039861445414630574005374635737888376398200354)])
+ ticket = poseidon2_hash([F(137836078329650723736739065075984465408055658421620421917147974048265460598),F(epoch_nonce),F(slot_number),note_cm,sk])
 cm_nodes = [F(randrange(0,p,1)) for i in range(32)]
 cm_selectors = randrange(0,2**32,1)
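Review bot: The `note_cm` and `ticket` expressions are written out twice in this hunk — once before the `while(ticket > threshold)` loop and again inside it — and each copy carries two 77-digit tag literals, so the commit had to edit the same constants in four places; a future edit that updates one copy and not the other would produce a commitment or ticket that no longer matches what the loop tested against the threshold, and nothing in the script would notice. Naming the three tags once and computing both values through small helpers removes the duplication and leaves a single place to change per tag. The helpers below read `state`, `value`, `unit`, `pk`, `sk`, `epoch_nonce` and `slot_number` as module globals, which matches how the rest of this flat script is written; passing them explicitly is equally fine. The `for i in range(25)` loop whose tail opens this hunk begins outside it.
```python
DST_NOTE_CM = F(181645510297841241569044198526601622686169271532834574969543446901055041748)
DST_LEAD = F(137836078329650723736739065075984465408055658421620421917147974048265460598)
ZONE_ID_PAYMENT = F(281646683567839822174419720505039861445414630574005374635737888376398200354)

def note_commitment(nonce):
    """Note commitment for the current note with the given nonce (mirrors commitment() in notes.circom)."""
    return poseidon2_hash([DST_NOTE_CM, state, value, unit, nonce, pk, ZONE_ID_PAYMENT])

def lottery_ticket(cm):
    """Leadership ticket for commitment cm (mirrors ticket_calculator() in PoL_payment.circom)."""
    return poseidon2_hash([DST_LEAD, F(epoch_nonce), F(slot_number), cm, sk])

# … unchanged: sk / pk derivation …
note_cm = note_commitment(note_nonce)
ticket = lottery_ticket(note_cm)
while(ticket > threshold):
    note_nonce += 1
    note_cm = note_commitment(note_nonce)
    ticket = lottery_ticket(note_cm)
# … unchanged: cm_nodes / cm_selectors …
```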
@@ -260,7 +260,7 @@ for i in range(32):
 else:
 cm_root = poseidon2_hash([cm_nodes[i],cm_root])
-note_nf = poseidon2_hash([F(78797779839578798469957870),note_cm,sk])
+note_nf = poseidon2_hash([F(310945536431723660304787929213143698356852257431717126117833288836338828411),note_cm,sk])
 nf_previous = F(randrange(0,note_nf,1))
 nf_next = F(randrange(note_nf+1,p,1))
 nf_nodes = [F(randrange(0,p,1)) for i in range(32)]