diff --git a/artifacts/program_methods/amm.bin b/artifacts/program_methods/amm.bin index 148a9403..36caad85 100644 Binary files a/artifacts/program_methods/amm.bin and b/artifacts/program_methods/amm.bin differ diff --git a/artifacts/program_methods/associated_token_account.bin b/artifacts/program_methods/associated_token_account.bin index 46326067..9f5474a9 100644 Binary files a/artifacts/program_methods/associated_token_account.bin and b/artifacts/program_methods/associated_token_account.bin differ diff --git a/artifacts/program_methods/authenticated_transfer.bin b/artifacts/program_methods/authenticated_transfer.bin index ad40805f..bdbcef61 100644 Binary files a/artifacts/program_methods/authenticated_transfer.bin and b/artifacts/program_methods/authenticated_transfer.bin differ diff --git a/artifacts/program_methods/clock.bin b/artifacts/program_methods/clock.bin index e2a6f120..d3ca0dab 100644 Binary files a/artifacts/program_methods/clock.bin and b/artifacts/program_methods/clock.bin differ diff --git a/artifacts/program_methods/pinata.bin b/artifacts/program_methods/pinata.bin index d0460713..5e6a011b 100644 Binary files a/artifacts/program_methods/pinata.bin and b/artifacts/program_methods/pinata.bin differ diff --git a/artifacts/program_methods/pinata_token.bin b/artifacts/program_methods/pinata_token.bin index b0f81f79..57a201c4 100644 Binary files a/artifacts/program_methods/pinata_token.bin and b/artifacts/program_methods/pinata_token.bin differ diff --git a/artifacts/program_methods/privacy_preserving_circuit.bin b/artifacts/program_methods/privacy_preserving_circuit.bin index dcbee51a..1a3f34f3 100644 Binary files a/artifacts/program_methods/privacy_preserving_circuit.bin and b/artifacts/program_methods/privacy_preserving_circuit.bin differ diff --git a/artifacts/program_methods/token.bin b/artifacts/program_methods/token.bin index e0358fa4..6366eba6 100644 Binary files a/artifacts/program_methods/token.bin and b/artifacts/program_methods/token.bin differ diff --git a/artifacts/test_program_methods/auth_asserting_noop.bin b/artifacts/test_program_methods/auth_asserting_noop.bin index 9bd40a30..f9e4d1d4 100644 Binary files a/artifacts/test_program_methods/auth_asserting_noop.bin and b/artifacts/test_program_methods/auth_asserting_noop.bin differ diff --git a/artifacts/test_program_methods/burner.bin b/artifacts/test_program_methods/burner.bin index 0353d78f..94a90236 100644 Binary files a/artifacts/test_program_methods/burner.bin and b/artifacts/test_program_methods/burner.bin differ diff --git a/artifacts/test_program_methods/chain_caller.bin b/artifacts/test_program_methods/chain_caller.bin index cd74cf3f..58331d6c 100644 Binary files a/artifacts/test_program_methods/chain_caller.bin and b/artifacts/test_program_methods/chain_caller.bin differ diff --git a/artifacts/test_program_methods/changer_claimer.bin b/artifacts/test_program_methods/changer_claimer.bin index 1f966bef..2760b7a3 100644 Binary files a/artifacts/test_program_methods/changer_claimer.bin and b/artifacts/test_program_methods/changer_claimer.bin differ diff --git a/artifacts/test_program_methods/claimer.bin b/artifacts/test_program_methods/claimer.bin index 8a48effd..ff504da1 100644 Binary files a/artifacts/test_program_methods/claimer.bin and b/artifacts/test_program_methods/claimer.bin differ diff --git a/artifacts/test_program_methods/clock_chain_caller.bin b/artifacts/test_program_methods/clock_chain_caller.bin index e08df712..37c9a004 100644 Binary files a/artifacts/test_program_methods/clock_chain_caller.bin and b/artifacts/test_program_methods/clock_chain_caller.bin differ diff --git a/artifacts/test_program_methods/data_changer.bin b/artifacts/test_program_methods/data_changer.bin index 37abf0f7..3d69b8cb 100644 Binary files a/artifacts/test_program_methods/data_changer.bin and b/artifacts/test_program_methods/data_changer.bin differ diff --git a/artifacts/test_program_methods/extra_output.bin b/artifacts/test_program_methods/extra_output.bin index ebd53621..873ce66a 100644 Binary files a/artifacts/test_program_methods/extra_output.bin and b/artifacts/test_program_methods/extra_output.bin differ diff --git a/artifacts/test_program_methods/flash_swap_callback.bin b/artifacts/test_program_methods/flash_swap_callback.bin index 29c660cd..0846f255 100644 Binary files a/artifacts/test_program_methods/flash_swap_callback.bin and b/artifacts/test_program_methods/flash_swap_callback.bin differ diff --git a/artifacts/test_program_methods/flash_swap_initiator.bin b/artifacts/test_program_methods/flash_swap_initiator.bin index a560d477..1e285245 100644 Binary files a/artifacts/test_program_methods/flash_swap_initiator.bin and b/artifacts/test_program_methods/flash_swap_initiator.bin differ diff --git a/artifacts/test_program_methods/malicious_authorization_changer.bin b/artifacts/test_program_methods/malicious_authorization_changer.bin index c9d0facd..cc757683 100644 Binary files a/artifacts/test_program_methods/malicious_authorization_changer.bin and b/artifacts/test_program_methods/malicious_authorization_changer.bin differ diff --git a/artifacts/test_program_methods/malicious_caller_program_id.bin b/artifacts/test_program_methods/malicious_caller_program_id.bin index 9b31fd7e..f152051d 100644 Binary files a/artifacts/test_program_methods/malicious_caller_program_id.bin and b/artifacts/test_program_methods/malicious_caller_program_id.bin differ diff --git a/artifacts/test_program_methods/malicious_self_program_id.bin b/artifacts/test_program_methods/malicious_self_program_id.bin index c4a2c039..6d83b95b 100644 Binary files a/artifacts/test_program_methods/malicious_self_program_id.bin and b/artifacts/test_program_methods/malicious_self_program_id.bin differ diff --git a/artifacts/test_program_methods/minter.bin b/artifacts/test_program_methods/minter.bin index 42d2171d..29bcd715 100644 Binary files a/artifacts/test_program_methods/minter.bin and b/artifacts/test_program_methods/minter.bin differ diff --git a/artifacts/test_program_methods/missing_output.bin b/artifacts/test_program_methods/missing_output.bin index d2b99291..c7cc1571 100644 Binary files a/artifacts/test_program_methods/missing_output.bin and b/artifacts/test_program_methods/missing_output.bin differ diff --git a/artifacts/test_program_methods/modified_transfer.bin b/artifacts/test_program_methods/modified_transfer.bin index f57ac2f1..8f2b1e39 100644 Binary files a/artifacts/test_program_methods/modified_transfer.bin and b/artifacts/test_program_methods/modified_transfer.bin differ diff --git a/artifacts/test_program_methods/nonce_changer.bin b/artifacts/test_program_methods/nonce_changer.bin index 6b79e074..993c1451 100644 Binary files a/artifacts/test_program_methods/nonce_changer.bin and b/artifacts/test_program_methods/nonce_changer.bin differ diff --git a/artifacts/test_program_methods/noop.bin b/artifacts/test_program_methods/noop.bin index eb89f4a9..579db977 100644 Binary files a/artifacts/test_program_methods/noop.bin and b/artifacts/test_program_methods/noop.bin differ diff --git a/artifacts/test_program_methods/pda_claimer.bin b/artifacts/test_program_methods/pda_claimer.bin index 092a2191..1a541384 100644 Binary files a/artifacts/test_program_methods/pda_claimer.bin and b/artifacts/test_program_methods/pda_claimer.bin differ diff --git a/artifacts/test_program_methods/pinata_cooldown.bin b/artifacts/test_program_methods/pinata_cooldown.bin index 559adea4..2b0d979a 100644 Binary files a/artifacts/test_program_methods/pinata_cooldown.bin and b/artifacts/test_program_methods/pinata_cooldown.bin differ diff --git a/artifacts/test_program_methods/private_pda_delegator.bin b/artifacts/test_program_methods/private_pda_delegator.bin index d7e81a9f..4b55e871 100644 Binary files a/artifacts/test_program_methods/private_pda_delegator.bin and b/artifacts/test_program_methods/private_pda_delegator.bin differ diff --git a/artifacts/test_program_methods/program_owner_changer.bin b/artifacts/test_program_methods/program_owner_changer.bin index 880e03b1..3bdabade 100644 Binary files a/artifacts/test_program_methods/program_owner_changer.bin and b/artifacts/test_program_methods/program_owner_changer.bin differ diff --git a/artifacts/test_program_methods/simple_balance_transfer.bin b/artifacts/test_program_methods/simple_balance_transfer.bin index 3a4e811f..0aaf1a23 100644 Binary files a/artifacts/test_program_methods/simple_balance_transfer.bin and b/artifacts/test_program_methods/simple_balance_transfer.bin differ diff --git a/artifacts/test_program_methods/time_locked_transfer.bin b/artifacts/test_program_methods/time_locked_transfer.bin index eeb80385..5700322e 100644 Binary files a/artifacts/test_program_methods/time_locked_transfer.bin and b/artifacts/test_program_methods/time_locked_transfer.bin differ diff --git a/artifacts/test_program_methods/two_pda_claimer.bin b/artifacts/test_program_methods/two_pda_claimer.bin index b71d87ab..600b819d 100644 Binary files a/artifacts/test_program_methods/two_pda_claimer.bin and b/artifacts/test_program_methods/two_pda_claimer.bin differ diff --git a/artifacts/test_program_methods/validity_window.bin b/artifacts/test_program_methods/validity_window.bin index 8d749f3c..02ccc149 100644 Binary files a/artifacts/test_program_methods/validity_window.bin and b/artifacts/test_program_methods/validity_window.bin differ diff --git a/artifacts/test_program_methods/validity_window_chain_caller.bin b/artifacts/test_program_methods/validity_window_chain_caller.bin index 109829d2..d239c750 100644 Binary files a/artifacts/test_program_methods/validity_window_chain_caller.bin and b/artifacts/test_program_methods/validity_window_chain_caller.bin differ diff --git a/nssa/core/src/program.rs b/nssa/core/src/program.rs index 5091cdff..1ef2ef6c 100644 --- a/nssa/core/src/program.rs +++ b/nssa/core/src/program.rs @@ -913,18 +913,6 @@ mod tests { assert_ne!(private_id, public_id); } - /// A private PDA address differs from a standard private account address at the same `npk`, - /// because the private PDA formula includes `program_id` and `seed`. - #[test] - fn for_private_pda_differs_from_standard_private() { - let program_id: ProgramId = [1; 8]; - let seed = PdaSeed::new([2; 32]); - let npk = NullifierPublicKey([3; 32]); - let private_pda_id = AccountId::for_private_pda(&program_id, &seed, &npk); - let standard_private_id = AccountId::from(&npk); - assert_ne!(private_pda_id, standard_private_id); - } - // ---- compute_public_authorized_pdas tests ---- /// `compute_public_authorized_pdas` returns the public PDA addresses for the caller's seeds. diff --git a/nssa/src/state.rs b/nssa/src/state.rs index 56352477..cb1e2f3e 100644 --- a/nssa/src/state.rs +++ b/nssa/src/state.rs @@ -2373,7 +2373,7 @@ pub mod tests { vec![public_account_1, private_pda_account], Program::serialize_instruction(10_u128).unwrap(), visibility_mask.to_vec(), - vec![(npk, shared_secret)], + vec![(npk, 0, shared_secret)], vec![], vec![None], &program.into(), @@ -2402,7 +2402,7 @@ pub mod tests { vec![pre_state], Program::serialize_instruction(seed).unwrap(), vec![3], - vec![(npk, shared_secret)], + vec![(npk, 0, shared_secret)], vec![], vec![None], &program.into(), @@ -2440,7 +2440,7 @@ pub mod tests { vec![pre_state], Program::serialize_instruction(seed).unwrap(), vec![3], - vec![(npk_b, shared_secret)], + vec![(npk_b, 0, shared_secret)], vec![], vec![None], &program.into(), @@ -2474,7 +2474,7 @@ pub mod tests { vec![pre_state], Program::serialize_instruction((seed, seed, callee_id)).unwrap(), vec![3], - vec![(npk, shared_secret)], + vec![(npk, 0, shared_secret)], vec![], vec![None], &program_with_deps, @@ -2511,7 +2511,7 @@ pub mod tests { vec![pre_state], Program::serialize_instruction((claim_seed, wrong_delegated_seed, callee_id)).unwrap(), vec![3], - vec![(npk, shared_secret)], + vec![(npk, 0, shared_secret)], vec![], vec![None], &program_with_deps, @@ -2547,7 +2547,7 @@ pub mod tests { vec![pre_a, pre_b], Program::serialize_instruction(seed).unwrap(), vec![3, 3], - vec![(keys_a.npk(), shared_a), (keys_b.npk(), shared_b)], + vec![(keys_a.npk(), 0, shared_a), (keys_b.npk(), 0, shared_b)], vec![], vec![None, None], &program.into(), @@ -2591,7 +2591,7 @@ pub mod tests { vec![owned_pre_state], Program::serialize_instruction(()).unwrap(), vec![3], - vec![(npk, shared_secret)], + vec![(npk, 0, shared_secret)], vec![], vec![None], &program.into(), diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit.rs b/program_methods/guest/src/bin/privacy_preserving_circuit.rs index 4fe79fe5..dc0e82ae 100644 --- a/program_methods/guest/src/bin/privacy_preserving_circuit.rs +++ b/program_methods/guest/src/bin/privacy_preserving_circuit.rs @@ -17,6 +17,8 @@ use nssa_core::{ }; use risc0_zkvm::{guest::env, serde::to_vec}; +const PRIVATE_PDA_FIXED_IDENTIFIER: u128 = 0; + /// State of the involved accounts before and after program execution. struct ExecutionState { pre_states: Vec, @@ -54,7 +56,7 @@ impl ExecutionState { /// Validate program outputs and derive the overall execution state. pub fn derive_from_outputs( visibility_mask: &[u8], - private_account_keys: &[(NullifierPublicKey, SharedSecretKey)], + private_account_keys: &[(NullifierPublicKey, Identifier, SharedSecretKey)], program_id: ProgramId, program_outputs: Vec, ) -> Self { @@ -67,7 +69,7 @@ impl ExecutionState { let mut keys_iter = private_account_keys.iter(); for (pos, &mask) in visibility_mask.iter().enumerate() { if matches!(mask, 1..=3) { - let (npk, _) = keys_iter.next().unwrap_or_else(|| { + let (npk, _, _) = keys_iter.next().unwrap_or_else(|| { panic!( "private_account_keys shorter than visibility_mask demands: no key for masked position {pos} (mask {mask})" ) @@ -627,10 +629,12 @@ fn compute_circuit_output( // `private_pda_bound_positions` check) guarantees that every mask-3 // position has been through at least one such binding, so this // branch can safely use the wallet npk without re-verifying. - let Some((npk, shared_secret)) = private_keys_iter.next() else { + let Some((npk, identifier, shared_secret)) = private_keys_iter.next() else { panic!("Missing private account key"); }; + assert_eq!(*identifier, PRIVATE_PDA_FIXED_IDENTIFIER); + let (new_nullifier, new_nonce) = if pre_state.is_authorized { // Existing private PDA with authentication (like mask 1) let Some(nsk) = private_nsks_iter.next() else { @@ -649,7 +653,7 @@ fn compute_circuit_output( let new_nullifier = compute_nullifier_and_set_digest( membership_proof_opt.as_ref(), &pre_state.account, - npk, + &pre_state.account_id, nsk, ); let new_nonce = pre_state.account.nonce.private_account_nonce_increment(nsk); @@ -676,8 +680,8 @@ fn compute_circuit_output( "Membership proof must be None for new accounts" ); - let nullifier = Nullifier::for_account_initialization(npk); - let new_nonce = Nonce::private_account_nonce_init(npk); + let nullifier = Nullifier::for_account_initialization(&pre_state.account_id); + let new_nonce = Nonce::private_account_nonce_init(&pre_state.account_id); ((nullifier, DUMMY_COMMITMENT_HASH), new_nonce) }; output.new_nullifiers.push(new_nullifier); @@ -685,10 +689,11 @@ fn compute_circuit_output( let mut post_with_updated_nonce = post_state; post_with_updated_nonce.nonce = new_nonce; - let commitment_post = Commitment::new(npk, &post_with_updated_nonce); + let commitment_post = Commitment::new(&pre_state.account_id, &post_with_updated_nonce); let encrypted_account = EncryptionScheme::encrypt( &post_with_updated_nonce, + PRIVATE_PDA_FIXED_IDENTIFIER, shared_secret, &commitment_post, output_index, diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index 1957a063..f0c69fea 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -280,8 +280,7 @@ impl WalletCore { .expect("Node was just inserted") .value .0 - .nullifier_public_key - .clone(); + .nullifier_public_key; let account_id = AccountId::from((&npk, identifier)); self.storage .insert_private_account_data(account_id, identifier, Account::default());