From 75ff8797709c7caad17dac9fd4efec343e6b92fb Mon Sep 17 00:00:00 2001
From: David Rusu
Date: Sat, 17 Aug 2024 15:17:09 +0400
Subject: [PATCH] goas: nullifier does not need to re-commit to nonce since it's included in note commitment
---
 goas/cl/cl/src/input.rs | 2 +-
 goas/cl/cl/src/note.rs | 7 -------
 goas/cl/cl/src/nullifier.rs | 24 +++++++++++++++---------
 goas/cl/ledger/src/input.rs | 1 -
 4 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/goas/cl/cl/src/input.rs b/goas/cl/cl/src/input.rs
index c2a4ff2..718b1bd 100644
--- a/goas/cl/cl/src/input.rs
+++ b/goas/cl/cl/src/input.rs
@@ -66,7 +66,7 @@ impl InputWitness {
 }
 pub fn nullifier(&self) -> Nullifier {
- Nullifier::new(self.nf_sk, self.nonce, self.note_commitment())
+ Nullifier::new(self.nf_sk, self.note_commitment())
 }
 pub fn commit(&self) -> Input {
diff --git a/goas/cl/cl/src/note.rs b/goas/cl/cl/src/note.rs
index da8d520..2e70d67 100644
--- a/goas/cl/cl/src/note.rs
+++ b/goas/cl/cl/src/note.rs
@@ -1,4 +1,3 @@
-use rand_core::CryptoRngCore;
 use serde::{Deserialize, Serialize};
 use sha2::{Digest, Sha256};
@@ -27,12 +26,6 @@ pub fn unit_point(unit: &str) -> Unit {
 pub struct NoteCommitment(pub [u8; 32]);
 impl NoteCommitment {
- pub fn random(mut rng: impl CryptoRngCore) -> Self {
- let mut cm = [0u8; 32];
- rng.fill_bytes(&mut cm);
- Self(cm)
- }
-
 pub fn as_bytes(&self) -> &[u8; 32] {
 &self.0
 }
diff --git a/goas/cl/cl/src/nullifier.rs b/goas/cl/cl/src/nullifier.rs
index 0f06476..4b8c59b 100644
--- a/goas/cl/cl/src/nullifier.rs
+++ b/goas/cl/cl/src/nullifier.rs
@@ -104,11 +104,10 @@ impl NullifierNonce {
 }
 impl Nullifier {
- pub fn new(sk: NullifierSecret, nonce: NullifierNonce, note_cm: NoteCommitment) -> Self {
+ pub fn new(sk: NullifierSecret, note_cm: NoteCommitment) -> Self {
 let mut hasher = Sha256::new();
 hasher.update(b"NOMOS_CL_NULLIFIER");
 hasher.update(sk.0);
- hasher.update(nonce.0);
 hasher.update(note_cm.0);
 let nf_bytes: [u8; 32] = hasher.finalize().into();
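Review bot: `Nullifier::new` in goas/cl/cl/src/nullifier.rs now rests on an undocumented precondition. With `hasher.update(nonce.0)` removed, two notes held under the same `sk` get distinct nullifiers only if `note_cm` itself binds the nonce, yet the signature accepts any `NoteCommitment`. The commit message says the nonce is included in the note commitment, but that derivation is not visible in this hunk, so I would state the invariant on the constructor: `/// note_cm must be the spent note's commitment and must already bind its nullifier nonce; the nonce is not hashed here.` Dropping a field from the preimage also changes every derived nullifier, so the vectors behind the ignored "nullifier test vectors not stable yet" test presumably need regenerating. The body of `new` continues past the end of the hunk.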
@@ -122,6 +121,8 @@ impl Nullifier {
 #[cfg(test)]
 mod test {
+ use crate::{note::unit_point, NoteWitness};
+
 use super::*;
 #[ignore = "nullifier test vectors not stable yet"]
@@ -145,12 +146,15 @@ mod test {
 fn test_nullifier_same_sk_different_nonce() {
 let mut rng = rand::thread_rng();
 let sk = NullifierSecret::random(&mut rng);
+ let note = NoteWitness::basic(1, unit_point("NMO"));
+
 let nonce_1 = NullifierNonce::random(&mut rng);
 let nonce_2 = NullifierNonce::random(&mut rng);
- let note_cm = NoteCommitment::random(&mut rng);
+ let note_cm_1 = note.commit(sk.commit(), nonce_1);
+ let note_cm_2 = note.commit(sk.commit(), nonce_2);
- let nf_1 = Nullifier::new(sk, nonce_1, note_cm);
- let nf_2 = Nullifier::new(sk, nonce_2, note_cm);
+ let nf_1 = Nullifier::new(sk, note_cm_1);
+ let nf_2 = Nullifier::new(sk, note_cm_2);
 assert_ne!(nf_1, nf_2);
 }
@@ -159,12 +163,14 @@ mod test {
 fn test_same_sk_same_nonce_different_note() {
 let mut rng = rand::thread_rng();
 let sk = NullifierSecret::random(&mut rng);
+ let note_1 = NoteWitness::basic(1, unit_point("NMO"));
+ let note_2 = NoteWitness::basic(1, unit_point("ETH"));
 let nonce = NullifierNonce::random(&mut rng);
- let note_cm_1 = NoteCommitment::random(&mut rng);
- let note_cm_2 = NoteCommitment::random(&mut rng);
+ let note_cm_1 = note_1.commit(sk.commit(), nonce);
+ let note_cm_2 = note_2.commit(sk.commit(), nonce);
- let nf_1 = Nullifier::new(sk, nonce, note_cm_1);
- let nf_2 = Nullifier::new(sk, nonce, note_cm_2);
+ let nf_1 = Nullifier::new(sk, note_cm_1);
+ let nf_2 = Nullifier::new(sk, note_cm_2);
 assert_ne!(nf_1, nf_2);
 }
diff --git a/goas/cl/ledger/src/input.rs b/goas/cl/ledger/src/input.rs
index b0c3498..f1ea9ee 100644
--- a/goas/cl/ledger/src/input.rs
+++ b/goas/cl/ledger/src/input.rs
@@ -127,7 +127,6 @@ mod test {
 input: cl::Input {
 nullifier: cl::Nullifier::new(
 cl::NullifierSecret::random(&mut rng),
- cl::NullifierNonce::random(&mut rng),
 input.note_commitment(),
 ),
 ..expected_public_inputs.input
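Review bot: In `test_nullifier_same_sk_different_nonce` (goas/cl/cl/src/nullifier.rs) the final `assert_ne!(nf_1, nf_2)` now holds only because `note.commit(...)` yields different commitments for the two nonces, and the test never checks that directly. Adding `assert_ne!(note_cm_1.as_bytes(), note_cm_2.as_bytes());` before the nullifiers are built would make a regression in the nonce binding fail at the commitment, where that property now lives, rather than at the nullifier hash. The same applies to `test_same_sk_same_nonce_different_note` in the following hunk. The suggestion uses `as_bytes`, the accessor shown in note.rs, because whether `NoteCommitment` implements `PartialEq` is not visible here.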