logos-execution-zone/nssa/core/src/lib.rs

use risc0_zkvm::{
    serde::to_vec,
    sha::{Impl, Sha256},
};
use serde::{Deserialize, Serialize};

#[cfg(feature = "host")]
use crate::error::NssaCoreError;

use crate::{
    account::{
        Account, AccountWithMetadata, Commitment, Nonce, Nullifier, NullifierPublicKey,
        NullifierSecretKey,
    },
    program::{ProgramId, ProgramOutput},
};

#[cfg(feature = "host")]
use std::io::Cursor;

pub mod account;
pub mod program;

#[cfg(feature = "host")]
pub mod error;

pub type CommitmentSetDigest = [u8; 32];
pub type MembershipProof = (usize, Vec<[u8; 32]>);
pub fn verify_membership_proof(
    commitment: &Commitment,
    proof: &MembershipProof,
    digest: &CommitmentSetDigest,
) -> bool {
    let value_bytes = commitment.to_byte_array();
    let mut result: [u8; 32] = Impl::hash_bytes(&value_bytes)
        .as_bytes()
        .try_into()
        .unwrap();
    let mut level_index = proof.0;
    for node in &proof.1 {
        let is_left_child = level_index & 1 == 0;
        if is_left_child {
            let mut bytes = [0u8; 64];
            bytes[..32].copy_from_slice(&result);
            bytes[32..].copy_from_slice(node);
            result = Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap();
        } else {
            let mut bytes = [0u8; 64];
            bytes[..32].copy_from_slice(node);
            bytes[32..].copy_from_slice(&result);
            result = Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap();
        }
        level_index >>= 1;
    }
    &result == digest
}

pub type IncomingViewingPublicKey = [u8; 32];
pub type EphemeralSecretKey = [u8; 32];
pub struct EphemeralPublicKey;

impl From<&EphemeralSecretKey> for EphemeralPublicKey {
    fn from(value: &EphemeralSecretKey) -> Self {
        todo!()
    }
}

pub struct Tag(u8);
impl Tag {
    pub fn new(Npk: &NullifierPublicKey, Ipk: &IncomingViewingPublicKey) -> Self {
        todo!()
    }
}

#[derive(Serialize, Deserialize)]
#[cfg_attr(any(feature = "host", test), derive(Debug, Clone, PartialEq, Eq))]
pub struct EncryptedAccountData(u8);

impl EncryptedAccountData {
    pub fn new(
        account: &Account,
        esk: &EphemeralSecretKey,
        Npk: &NullifierPublicKey,
        Ivk: &IncomingViewingPublicKey,
    ) -> Self {
        // TODO: implement
        Self(0)
    }

    #[cfg(feature = "host")]
    pub fn from_cursor(cursor: &mut Cursor<&[u8]>) -> Result<Self, NssaCoreError> {
        let dummy_value = EncryptedAccountData(0);
        Ok(dummy_value)
    }
}

impl EncryptedAccountData {
    pub fn to_bytes(&self) -> Vec<u8> {
        // TODO: implement
        vec![0]
    }
}

#[derive(Serialize, Deserialize)]
pub struct PrivacyPreservingCircuitInput {
    pub program_output: ProgramOutput,
    pub visibility_mask: Vec<u8>,
    pub private_account_nonces: Vec<Nonce>,
    pub private_account_keys: Vec<(
        NullifierPublicKey,
        IncomingViewingPublicKey,
        EphemeralSecretKey,
    )>,
    pub private_account_auth: Vec<(NullifierSecretKey, MembershipProof)>,
    pub program_id: ProgramId,
    pub commitment_set_digest: CommitmentSetDigest,
}

#[derive(Serialize, Deserialize)]
#[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))]
pub struct PrivacyPreservingCircuitOutput {
    pub public_pre_states: Vec<AccountWithMetadata>,
    pub public_post_states: Vec<Account>,
    pub encrypted_private_post_states: Vec<EncryptedAccountData>,
    pub new_commitments: Vec<Commitment>,
    pub new_nullifiers: Vec<Nullifier>,
    pub commitment_set_digest: CommitmentSetDigest,
}

#[cfg(feature = "host")]
impl PrivacyPreservingCircuitOutput {
    pub fn to_bytes(&self) -> Vec<u8> {
        bytemuck::cast_slice(&to_vec(&self).unwrap()).to_vec()
    }
}

#[cfg(test)]
mod tests {
    use risc0_zkvm::serde::from_slice;

    use crate::{
        EncryptedAccountData, PrivacyPreservingCircuitOutput,
        account::{Account, AccountWithMetadata, Commitment, Nullifier, NullifierPublicKey},
    };

    #[test]
    fn test_privacy_preserving_circuit_output_to_bytes_is_compatible_with_from_slice() {
        let output = PrivacyPreservingCircuitOutput {
            public_pre_states: vec![
                AccountWithMetadata {
                    account: Account {
                        program_owner: [1, 2, 3, 4, 5, 6, 7, 8],
                        balance: 12345678901234567890,
                        data: b"test data".to_vec(),
                        nonce: 18446744073709551614,
                    },
                    is_authorized: true,
                },
                AccountWithMetadata {
                    account: Account {
                        program_owner: [9, 9, 9, 8, 8, 8, 7, 7],
                        balance: 123123123456456567112,
                        data: b"test data".to_vec(),
                        nonce: 9999999999999999999999,
                    },
                    is_authorized: false,
                },
            ],
            public_post_states: vec![Account {
                program_owner: [1, 2, 3, 4, 5, 6, 7, 8],
                balance: 100,
                data: b"post state data".to_vec(),
                nonce: 18446744073709551615,
            }],
            encrypted_private_post_states: vec![EncryptedAccountData(0)],
            new_commitments: vec![Commitment::new(
                &NullifierPublicKey::from(&[1; 32]),
                &Account::default(),
            )],
            new_nullifiers: vec![Nullifier::new(
                &Commitment::new(&NullifierPublicKey::from(&[2; 32]), &Account::default()),
                &[1; 32],
            )],
            commitment_set_digest: [0xab; 32],
        };
        let bytes = output.to_bytes();
        let output_from_slice: PrivacyPreservingCircuitOutput = from_slice(&bytes).unwrap();
        assert_eq!(output, output_from_slice);
    }
}
fix test with valid merkle proofs 2025-08-21 10:19:08 -03:00			`use risc0_zkvm::{`
			`serde::to_vec,`
			`sha::{Impl, Sha256},`
			`};`
wip 2025-08-18 07:39:41 -03:00			`use serde::{Deserialize, Serialize};`

add encodings 2025-08-18 14:28:26 -03:00			`#[cfg(feature = "host")]`
			`use crate::error::NssaCoreError;`
wip execute offchain 2025-08-18 18:18:16 -03:00
wip 2025-08-18 07:39:41 -03:00			`use crate::{`
			`account::{`
			`Account, AccountWithMetadata, Commitment, Nonce, Nullifier, NullifierPublicKey,`
			`NullifierSecretKey,`
			`},`
			`program::{ProgramId, ProgramOutput},`
			`};`

add encodings 2025-08-18 14:28:26 -03:00			`#[cfg(feature = "host")]`
			`use std::io::Cursor;`

public transactions wip 2025-08-06 20:05:04 -03:00			`pub mod account;`
			`pub mod program;`
wip 2025-08-18 07:39:41 -03:00
add encodings 2025-08-18 14:28:26 -03:00			`#[cfg(feature = "host")]`
			`pub mod error;`

fix test with valid merkle proofs 2025-08-21 10:19:08 -03:00			`pub type CommitmentSetDigest = [u8; 32];`
			`pub type MembershipProof = (usize, Vec<[u8; 32]>);`
wip 2025-08-18 07:39:41 -03:00			`pub fn verify_membership_proof(`
			`commitment: &Commitment,`
			`proof: &MembershipProof,`
			`digest: &CommitmentSetDigest,`
			`) -> bool {`
fix test with valid merkle proofs 2025-08-21 10:19:08 -03:00			`let value_bytes = commitment.to_byte_array();`
			`let mut result: [u8; 32] = Impl::hash_bytes(&value_bytes)`
			`.as_bytes()`
			`.try_into()`
			`.unwrap();`
			`let mut level_index = proof.0;`
			`for node in &proof.1 {`
			`let is_left_child = level_index & 1 == 0;`
			`if is_left_child {`
			`let mut bytes = [0u8; 64];`
			`bytes[..32].copy_from_slice(&result);`
			`bytes[32..].copy_from_slice(node);`
			`result = Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap();`
			`} else {`
			`let mut bytes = [0u8; 64];`
			`bytes[..32].copy_from_slice(node);`
			`bytes[32..].copy_from_slice(&result);`
			`result = Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap();`
			`}`
			`level_index >>= 1;`
			`}`
			`&result == digest`
wip 2025-08-18 07:39:41 -03:00			`}`

			`pub type IncomingViewingPublicKey = [u8; 32];`
			`pub type EphemeralSecretKey = [u8; 32];`
			`pub struct EphemeralPublicKey;`

			`impl From<&EphemeralSecretKey> for EphemeralPublicKey {`
			`fn from(value: &EphemeralSecretKey) -> Self {`
			`todo!()`
			`}`
			`}`

			`pub struct Tag(u8);`
			`impl Tag {`
			`pub fn new(Npk: &NullifierPublicKey, Ipk: &IncomingViewingPublicKey) -> Self {`
			`todo!()`
			`}`
			`}`

add test of privacy preserving circuit proof generation 2025-08-19 10:39:47 -03:00			`#[derive(Serialize, Deserialize)]`
			`#[cfg_attr(any(feature = "host", test), derive(Debug, Clone, PartialEq, Eq))]`
add message serialization roundtrip test 2025-08-18 14:55:50 -03:00			`pub struct EncryptedAccountData(u8);`
wip 2025-08-18 07:39:41 -03:00
			`impl EncryptedAccountData {`
			`pub fn new(`
			`account: &Account,`
			`esk: &EphemeralSecretKey,`
			`Npk: &NullifierPublicKey,`
			`Ivk: &IncomingViewingPublicKey,`
			`) -> Self {`
			`// TODO: implement`
add message serialization roundtrip test 2025-08-18 14:55:50 -03:00			`Self(0)`
wip 2025-08-18 07:39:41 -03:00			`}`
add encodings 2025-08-18 14:28:26 -03:00
			`#[cfg(feature = "host")]`
			`pub fn from_cursor(cursor: &mut Cursor<&[u8]>) -> Result<Self, NssaCoreError> {`
add message serialization roundtrip test 2025-08-18 14:55:50 -03:00			`let dummy_value = EncryptedAccountData(0);`
			`Ok(dummy_value)`
add encodings 2025-08-18 14:28:26 -03:00			`}`
			`}`

			`impl EncryptedAccountData {`
			`pub fn to_bytes(&self) -> Vec<u8> {`
			`// TODO: implement`
			`vec![0]`
			`}`
wip 2025-08-18 07:39:41 -03:00			`}`

			`#[derive(Serialize, Deserialize)]`
			`pub struct PrivacyPreservingCircuitInput {`
			`pub program_output: ProgramOutput,`
			`pub visibility_mask: Vec<u8>,`
wip execute offchain 2025-08-18 18:18:16 -03:00			`pub private_account_nonces: Vec<Nonce>,`
			`pub private_account_keys: Vec<(`
wip 2025-08-18 07:39:41 -03:00			`NullifierPublicKey,`
			`IncomingViewingPublicKey,`
			`EphemeralSecretKey,`
			`)>,`
			`pub private_account_auth: Vec<(NullifierSecretKey, MembershipProof)>,`
			`pub program_id: ProgramId,`
			`pub commitment_set_digest: CommitmentSetDigest,`
			`}`

			`#[derive(Serialize, Deserialize)]`
add test. refactor 2025-08-19 12:52:52 -03:00			`#[cfg_attr(any(feature = "host", test), derive(Debug, PartialEq, Eq))]`
wip 2025-08-18 07:39:41 -03:00			`pub struct PrivacyPreservingCircuitOutput {`
			`pub public_pre_states: Vec<AccountWithMetadata>,`
			`pub public_post_states: Vec<Account>,`
			`pub encrypted_private_post_states: Vec<EncryptedAccountData>,`
			`pub new_commitments: Vec<Commitment>,`
			`pub new_nullifiers: Vec<Nullifier>,`
			`pub commitment_set_digest: CommitmentSetDigest,`
			`}`
add test of privacy preserving circuit proof generation 2025-08-19 10:39:47 -03:00
			`#[cfg(feature = "host")]`
			`impl PrivacyPreservingCircuitOutput {`
			`pub fn to_bytes(&self) -> Vec<u8> {`
merkle tree wip 2025-08-19 15:22:35 -03:00			`bytemuck::cast_slice(&to_vec(&self).unwrap()).to_vec()`
add test of privacy preserving circuit proof generation 2025-08-19 10:39:47 -03:00			`}`
			`}`
add test. refactor 2025-08-19 12:52:52 -03:00
			`#[cfg(test)]`
			`mod tests {`
			`use risc0_zkvm::serde::from_slice;`

			`use crate::{`
			`EncryptedAccountData, PrivacyPreservingCircuitOutput,`
			`account::{Account, AccountWithMetadata, Commitment, Nullifier, NullifierPublicKey},`
			`};`

			`#[test]`
			`fn test_privacy_preserving_circuit_output_to_bytes_is_compatible_with_from_slice() {`
			`let output = PrivacyPreservingCircuitOutput {`
			`public_pre_states: vec![`
			`AccountWithMetadata {`
			`account: Account {`
			`program_owner: [1, 2, 3, 4, 5, 6, 7, 8],`
			`balance: 12345678901234567890,`
			`data: b"test data".to_vec(),`
			`nonce: 18446744073709551614,`
			`},`
			`is_authorized: true,`
			`},`
			`AccountWithMetadata {`
			`account: Account {`
			`program_owner: [9, 9, 9, 8, 8, 8, 7, 7],`
			`balance: 123123123456456567112,`
			`data: b"test data".to_vec(),`
			`nonce: 9999999999999999999999,`
			`},`
			`is_authorized: false,`
			`},`
			`],`
			`public_post_states: vec![Account {`
			`program_owner: [1, 2, 3, 4, 5, 6, 7, 8],`
			`balance: 100,`
			`data: b"post state data".to_vec(),`
			`nonce: 18446744073709551615,`
			`}],`
			`encrypted_private_post_states: vec![EncryptedAccountData(0)],`
			`new_commitments: vec![Commitment::new(`
			`&NullifierPublicKey::from(&[1; 32]),`
			`&Account::default(),`
			`)],`
			`new_nullifiers: vec![Nullifier::new(`
			`&Commitment::new(&NullifierPublicKey::from(&[2; 32]), &Account::default()),`
			`&[1; 32],`
			`)],`
fix test with valid merkle proofs 2025-08-21 10:19:08 -03:00			`commitment_set_digest: [0xab; 32],`
add test. refactor 2025-08-19 12:52:52 -03:00			`};`
			`let bytes = output.to_bytes();`
			`let output_from_slice: PrivacyPreservingCircuitOutput = from_slice(&bytes).unwrap();`
			`assert_eq!(output, output_from_slice);`
			`}`
			`}`