logos-execution-zone/nssa/core/src/nullifier.rs

use risc0_zkvm::sha::{Impl, Sha256};
use serde::{Deserialize, Serialize};

use crate::{Commitment, account::AccountId};

#[derive(Serialize, Deserialize, PartialEq, Eq)]
#[cfg_attr(any(feature = "host", test), derive(Debug, Clone, Hash))]
pub struct NullifierPublicKey(pub [u8; 32]);

impl From<&NullifierPublicKey> for AccountId {
    fn from(value: &NullifierPublicKey) -> Self {
        const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/NSSA/v0.1/AccountId/Private/\x00\x00\x00";

        let mut bytes = [0; 64];
        bytes[0..32].copy_from_slice(PRIVATE_ACCOUNT_ID_PREFIX);
        bytes[32..].copy_from_slice(&value.0);
        AccountId::new(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())
    }
}

impl AsRef<[u8]> for NullifierPublicKey {
    fn as_ref(&self) -> &[u8] {
        self.0.as_slice()
    }
}

impl From<&NullifierSecretKey> for NullifierPublicKey {
    fn from(value: &NullifierSecretKey) -> Self {
        let mut bytes = Vec::new();
        const PREFIX: &[u8; 9] = b"NSSA_keys";
        const SUFFIX_1: &[u8; 1] = &[7];
        const SUFFIX_2: &[u8; 22] = &[0; 22];
        bytes.extend_from_slice(PREFIX);
        bytes.extend_from_slice(value);
        bytes.extend_from_slice(SUFFIX_1);
        bytes.extend_from_slice(SUFFIX_2);
        Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())
    }
}

pub type NullifierSecretKey = [u8; 32];

#[derive(Serialize, Deserialize)]
#[cfg_attr(any(feature = "host", test), derive(Debug, Clone, PartialEq, Eq, Hash))]
pub struct Nullifier(pub(super) [u8; 32]);

impl Nullifier {
    pub fn for_account_update(commitment: &Commitment, nsk: &NullifierSecretKey) -> Self {
        const UPDATE_PREFIX: &[u8; 32] = b"/NSSA/v0.1/Nullifier/Update/\x00\x00\x00\x00";
        let mut bytes = UPDATE_PREFIX.to_vec();
        bytes.extend_from_slice(&commitment.to_byte_array());
        bytes.extend_from_slice(nsk);
        Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())
    }

    pub fn for_account_initialization(npk: &NullifierPublicKey) -> Self {
        const INIT_PREFIX: &[u8; 32] = b"/NSSA/v0.1/Nullifier/Initialize/";
        let mut bytes = INIT_PREFIX.to_vec();
        bytes.extend_from_slice(&npk.to_byte_array());
        Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_constructor_for_account_update() {
        let commitment = Commitment((0..32u8).collect::<Vec<_>>().try_into().unwrap());
        let nsk = [0x42; 32];
        let expected_nullifier = Nullifier([
            235, 128, 185, 229, 74, 74, 83, 13, 165, 48, 239, 24, 48, 101, 71, 251, 253, 92, 88,
            201, 103, 43, 250, 135, 193, 54, 175, 82, 245, 171, 90, 135,
        ]);
        let nullifier = Nullifier::for_account_update(&commitment, &nsk);
        assert_eq!(nullifier, expected_nullifier);
    }

    #[test]
    fn test_constructor_for_account_initialization() {
        let npk = NullifierPublicKey([
            112, 188, 193, 129, 150, 55, 228, 67, 88, 168, 29, 151, 5, 92, 23, 190, 17, 162, 164,
            255, 29, 105, 42, 186, 43, 11, 157, 168, 132, 225, 17, 163,
        ]);
        let expected_nullifier = Nullifier([
            96, 99, 33, 1, 116, 84, 169, 18, 85, 201, 17, 243, 123, 240, 242, 34, 116, 233, 92,
            203, 247, 92, 161, 162, 135, 66, 127, 108, 230, 149, 105, 157,
        ]);
        let nullifier = Nullifier::for_account_initialization(&npk);
        assert_eq!(nullifier, expected_nullifier);
    }

    #[test]
    fn test_from_secret_key() {
        let nsk = [
            57, 5, 64, 115, 153, 56, 184, 51, 207, 238, 99, 165, 147, 214, 213, 151, 30, 251, 30,
            196, 134, 22, 224, 211, 237, 120, 136, 225, 188, 220, 249, 28,
        ];
        let expected_npk = NullifierPublicKey([
            202, 120, 42, 189, 194, 218, 78, 244, 31, 6, 108, 169, 29, 61, 22, 221, 69, 138, 197,
            161, 241, 39, 142, 242, 242, 50, 188, 201, 99, 28, 176, 238,
        ]);
        let npk = NullifierPublicKey::from(&nsk);
        assert_eq!(npk, expected_npk);
    }

    #[test]
    fn test_account_id_from_nullifier_public_key() {
        let nsk = [
            57, 5, 64, 115, 153, 56, 184, 51, 207, 238, 99, 165, 147, 214, 213, 151, 30, 251, 30,
            196, 134, 22, 224, 211, 237, 120, 136, 225, 188, 220, 249, 28,
        ];
        let npk = NullifierPublicKey::from(&nsk);
        let expected_account_id = AccountId::new([
            69, 160, 50, 67, 12, 56, 150, 116, 62, 145, 17, 161, 17, 45, 24, 53, 33, 167, 83, 178,
            47, 114, 111, 233, 251, 30, 54, 244, 184, 22, 100, 236,
        ]);

        let account_id = AccountId::from(&npk);

        assert_eq!(account_id, expected_account_id);
    }
}
add nullifier constructor 2025-08-18 09:50:11 -03:00			`use risc0_zkvm::sha::{Impl, Sha256};`
wip 2025-08-18 07:39:41 -03:00			`use serde::{Deserialize, Serialize};`

rename fingerprint to account_id 2025-09-12 09:18:40 -03:00			`use crate::{Commitment, account::AccountId};`
wip 2025-08-18 07:39:41 -03:00
add test of privacy preserving circuit proof generation 2025-08-19 10:39:47 -03:00			`#[derive(Serialize, Deserialize, PartialEq, Eq)]`
			`#[cfg_attr(any(feature = "host", test), derive(Debug, Clone, Hash))]`
feat: private token transfer 2025-09-12 16:00:57 +03:00			`pub struct NullifierPublicKey(pub [u8; 32]);`
wip 2025-08-18 09:21:07 -03:00
rename fingerprint to account_id 2025-09-12 09:18:40 -03:00			`impl From<&NullifierPublicKey> for AccountId {`
wip 2025-09-10 18:56:34 -03:00			`fn from(value: &NullifierPublicKey) -> Self {`
add domain separation for private and public account ids 2025-09-16 07:51:40 -03:00			`const PRIVATE_ACCOUNT_ID_PREFIX: &[u8; 32] = b"/NSSA/v0.1/AccountId/Private/\x00\x00\x00";`

			`let mut bytes = [0; 64];`
			`bytes[0..32].copy_from_slice(PRIVATE_ACCOUNT_ID_PREFIX);`
			`bytes[32..].copy_from_slice(&value.0);`
			`AccountId::new(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())`
wip 2025-09-10 18:56:34 -03:00			`}`
			`}`

fix: deviations adjustments 2025-09-15 14:04:49 +03:00			`impl AsRef<[u8]> for NullifierPublicKey {`
			`fn as_ref(&self) -> &[u8] {`
			`self.0.as_slice()`
			`}`
			`}`

wip 2025-08-18 07:39:41 -03:00			`impl From<&NullifierSecretKey> for NullifierPublicKey {`
add nullifier pk from secret 2025-08-18 11:53:43 -03:00			`fn from(value: &NullifierSecretKey) -> Self {`
			`let mut bytes = Vec::new();`
			`const PREFIX: &[u8; 9] = b"NSSA_keys";`
			`const SUFFIX_1: &[u8; 1] = &[7];`
			`const SUFFIX_2: &[u8; 22] = &[0; 22];`
			`bytes.extend_from_slice(PREFIX);`
			`bytes.extend_from_slice(value);`
			`bytes.extend_from_slice(SUFFIX_1);`
			`bytes.extend_from_slice(SUFFIX_2);`
			`Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())`
wip 2025-08-18 07:39:41 -03:00			`}`
			`}`

			`pub type NullifierSecretKey = [u8; 32];`

add test of privacy preserving circuit proof generation 2025-08-19 10:39:47 -03:00			`#[derive(Serialize, Deserialize)]`
			`#[cfg_attr(any(feature = "host", test), derive(Debug, Clone, PartialEq, Eq, Hash))]`
add encodings 2025-08-18 14:28:26 -03:00			`pub struct Nullifier(pub(super) [u8; 32]);`
wip 2025-08-18 07:39:41 -03:00
			`impl Nullifier {`
add nullifier for private account initialization 2025-10-03 20:44:29 -03:00			`pub fn for_account_update(commitment: &Commitment, nsk: &NullifierSecretKey) -> Self {`
			`const UPDATE_PREFIX: &[u8; 32] = b"/NSSA/v0.1/Nullifier/Update/\x00\x00\x00\x00";`
			`let mut bytes = UPDATE_PREFIX.to_vec();`
add nullifier pk from secret 2025-08-18 11:53:43 -03:00			`bytes.extend_from_slice(&commitment.to_byte_array());`
add nullifier constructor 2025-08-18 09:50:11 -03:00			`bytes.extend_from_slice(nsk);`
			`Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())`
			`}`
add nullifier for private account initialization 2025-10-03 20:44:29 -03:00
			`pub fn for_account_initialization(npk: &NullifierPublicKey) -> Self {`
			`const INIT_PREFIX: &[u8; 32] = b"/NSSA/v0.1/Nullifier/Initialize/";`
			`let mut bytes = INIT_PREFIX.to_vec();`
			`bytes.extend_from_slice(&npk.to_byte_array());`
			`Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap())`
			`}`
add nullifier constructor 2025-08-18 09:50:11 -03:00			`}`

			`#[cfg(test)]`
			`mod tests {`
			`use super::*;`

			`#[test]`
add nullifier for private account initialization 2025-10-03 20:44:29 -03:00			`fn test_constructor_for_account_update() {`
add nullifier constructor 2025-08-18 09:50:11 -03:00			`let commitment = Commitment((0..32u8).collect::<Vec<_>>().try_into().unwrap());`
			`let nsk = [0x42; 32];`
			`let expected_nullifier = Nullifier([`
add nullifier for private account initialization 2025-10-03 20:44:29 -03:00			`235, 128, 185, 229, 74, 74, 83, 13, 165, 48, 239, 24, 48, 101, 71, 251, 253, 92, 88,`
			`201, 103, 43, 250, 135, 193, 54, 175, 82, 245, 171, 90, 135,`
			`]);`
			`let nullifier = Nullifier::for_account_update(&commitment, &nsk);`
			`assert_eq!(nullifier, expected_nullifier);`
			`}`

			`#[test]`
			`fn test_constructor_for_account_initialization() {`
			`let npk = NullifierPublicKey([`
			`112, 188, 193, 129, 150, 55, 228, 67, 88, 168, 29, 151, 5, 92, 23, 190, 17, 162, 164,`
			`255, 29, 105, 42, 186, 43, 11, 157, 168, 132, 225, 17, 163,`
			`]);`
			`let expected_nullifier = Nullifier([`
			`96, 99, 33, 1, 116, 84, 169, 18, 85, 201, 17, 243, 123, 240, 242, 34, 116, 233, 92,`
			`203, 247, 92, 161, 162, 135, 66, 127, 108, 230, 149, 105, 157,`
add nullifier constructor 2025-08-18 09:50:11 -03:00			`]);`
add nullifier for private account initialization 2025-10-03 20:44:29 -03:00			`let nullifier = Nullifier::for_account_initialization(&npk);`
add nullifier constructor 2025-08-18 09:50:11 -03:00			`assert_eq!(nullifier, expected_nullifier);`
wip 2025-08-18 07:39:41 -03:00			`}`
add nullifier pk from secret 2025-08-18 11:53:43 -03:00
			`#[test]`
			`fn test_from_secret_key() {`
			`let nsk = [`
add encodings 2025-08-18 14:28:26 -03:00			`57, 5, 64, 115, 153, 56, 184, 51, 207, 238, 99, 165, 147, 214, 213, 151, 30, 251, 30,`
			`196, 134, 22, 224, 211, 237, 120, 136, 225, 188, 220, 249, 28,`
add nullifier pk from secret 2025-08-18 11:53:43 -03:00			`];`
file refactor 2025-08-26 14:53:02 -03:00			`let expected_npk = NullifierPublicKey([`
add encodings 2025-08-18 14:28:26 -03:00			`202, 120, 42, 189, 194, 218, 78, 244, 31, 6, 108, 169, 29, 61, 22, 221, 69, 138, 197,`
			`161, 241, 39, 142, 242, 242, 50, 188, 201, 99, 28, 176, 238,`
add nullifier pk from secret 2025-08-18 11:53:43 -03:00			`]);`
fmt and clippy 2025-08-27 16:24:20 -03:00			`let npk = NullifierPublicKey::from(&nsk);`
			`assert_eq!(npk, expected_npk);`
add nullifier pk from secret 2025-08-18 11:53:43 -03:00			`}`
add tests 2025-09-12 09:36:26 -03:00
			`#[test]`
			`fn test_account_id_from_nullifier_public_key() {`
			`let nsk = [`
			`57, 5, 64, 115, 153, 56, 184, 51, 207, 238, 99, 165, 147, 214, 213, 151, 30, 251, 30,`
			`196, 134, 22, 224, 211, 237, 120, 136, 225, 188, 220, 249, 28,`
			`];`
			`let npk = NullifierPublicKey::from(&nsk);`
			`let expected_account_id = AccountId::new([`
add domain separation for private and public account ids 2025-09-16 07:51:40 -03:00			`69, 160, 50, 67, 12, 56, 150, 116, 62, 145, 17, 161, 17, 45, 24, 53, 33, 167, 83, 178,`
			`47, 114, 111, 233, 251, 30, 54, 244, 184, 22, 100, 236,`
add tests 2025-09-12 09:36:26 -03:00			`]);`

			`let account_id = AccountId::from(&npk);`

			`assert_eq!(account_id, expected_account_id);`
			`}`
wip 2025-08-18 07:39:41 -03:00			`}`