diff --git a/artifacts/program_methods/amm.bin b/artifacts/program_methods/amm.bin
index d621da6c..a6007fb8 100644
Binary files a/artifacts/program_methods/amm.bin and b/artifacts/program_methods/amm.bin differ
diff --git a/artifacts/program_methods/associated_token_account.bin b/artifacts/program_methods/associated_token_account.bin
index 66611da2..9740bdf9 100644
Binary files a/artifacts/program_methods/associated_token_account.bin and b/artifacts/program_methods/associated_token_account.bin differ
diff --git a/artifacts/program_methods/authenticated_transfer.bin b/artifacts/program_methods/authenticated_transfer.bin
index 1867c59b..57782b67 100644
Binary files a/artifacts/program_methods/authenticated_transfer.bin and b/artifacts/program_methods/authenticated_transfer.bin differ
diff --git a/artifacts/program_methods/clock.bin b/artifacts/program_methods/clock.bin
index b8f554b1..b7137200 100644
Binary files a/artifacts/program_methods/clock.bin and b/artifacts/program_methods/clock.bin differ
diff --git a/artifacts/program_methods/pinata.bin b/artifacts/program_methods/pinata.bin
index 35652f6e..dd2f01f0 100644
Binary files a/artifacts/program_methods/pinata.bin and b/artifacts/program_methods/pinata.bin differ
diff --git a/artifacts/program_methods/pinata_token.bin b/artifacts/program_methods/pinata_token.bin
index 287a160c..b1eba309 100644
Binary files a/artifacts/program_methods/pinata_token.bin and b/artifacts/program_methods/pinata_token.bin differ
diff --git a/artifacts/program_methods/privacy_preserving_circuit.bin b/artifacts/program_methods/privacy_preserving_circuit.bin
index 65879eaa..da616104 100644
Binary files a/artifacts/program_methods/privacy_preserving_circuit.bin and b/artifacts/program_methods/privacy_preserving_circuit.bin differ
diff --git a/artifacts/program_methods/token.bin b/artifacts/program_methods/token.bin
index 746e0b20..d840d9dc 100644
Binary files a/artifacts/program_methods/token.bin and b/artifacts/program_methods/token.bin differ
diff --git a/artifacts/test_program_methods/burner.bin b/artifacts/test_program_methods/burner.bin
index a47305f5..c5ec313d 100644
Binary files a/artifacts/test_program_methods/burner.bin and b/artifacts/test_program_methods/burner.bin differ
diff --git a/artifacts/test_program_methods/chain_caller.bin b/artifacts/test_program_methods/chain_caller.bin
index 847959fa..753a3617 100644
Binary files a/artifacts/test_program_methods/chain_caller.bin and b/artifacts/test_program_methods/chain_caller.bin differ
diff --git a/artifacts/test_program_methods/changer_claimer.bin b/artifacts/test_program_methods/changer_claimer.bin
index 9005bb58..e107b543 100644
Binary files a/artifacts/test_program_methods/changer_claimer.bin and b/artifacts/test_program_methods/changer_claimer.bin differ
diff --git a/artifacts/test_program_methods/claimer.bin b/artifacts/test_program_methods/claimer.bin
index d0ac6860..d6ec5541 100644
Binary files a/artifacts/test_program_methods/claimer.bin and b/artifacts/test_program_methods/claimer.bin differ
diff --git a/artifacts/test_program_methods/clock_chain_caller.bin b/artifacts/test_program_methods/clock_chain_caller.bin
index 10db4c77..68911f91 100644
Binary files a/artifacts/test_program_methods/clock_chain_caller.bin and b/artifacts/test_program_methods/clock_chain_caller.bin differ
diff --git a/artifacts/test_program_methods/data_changer.bin b/artifacts/test_program_methods/data_changer.bin
index c9de8d70..dc345618 100644
Binary files a/artifacts/test_program_methods/data_changer.bin and b/artifacts/test_program_methods/data_changer.bin differ
diff --git a/artifacts/test_program_methods/extra_output.bin b/artifacts/test_program_methods/extra_output.bin
index 20d8cf98..6e3885b6 100644
Binary files a/artifacts/test_program_methods/extra_output.bin and b/artifacts/test_program_methods/extra_output.bin differ
diff --git a/artifacts/test_program_methods/flash_swap_callback.bin b/artifacts/test_program_methods/flash_swap_callback.bin
index 37ce9bfd..74aebf6d 100644
Binary files a/artifacts/test_program_methods/flash_swap_callback.bin and b/artifacts/test_program_methods/flash_swap_callback.bin differ
diff --git a/artifacts/test_program_methods/flash_swap_initiator.bin b/artifacts/test_program_methods/flash_swap_initiator.bin
index 4d19759d..3fd8f0dd 100644
Binary files a/artifacts/test_program_methods/flash_swap_initiator.bin and b/artifacts/test_program_methods/flash_swap_initiator.bin differ
diff --git a/artifacts/test_program_methods/malicious_authorization_changer.bin b/artifacts/test_program_methods/malicious_authorization_changer.bin
index a530b7d9..d28c2c06 100644
Binary files a/artifacts/test_program_methods/malicious_authorization_changer.bin and b/artifacts/test_program_methods/malicious_authorization_changer.bin differ
diff --git a/artifacts/test_program_methods/malicious_caller_program_id.bin b/artifacts/test_program_methods/malicious_caller_program_id.bin
index b765eb98..f8490f21 100644
Binary files a/artifacts/test_program_methods/malicious_caller_program_id.bin and b/artifacts/test_program_methods/malicious_caller_program_id.bin differ
diff --git a/artifacts/test_program_methods/malicious_self_program_id.bin b/artifacts/test_program_methods/malicious_self_program_id.bin
index 44bb3414..0508f3fd 100644
Binary files a/artifacts/test_program_methods/malicious_self_program_id.bin and b/artifacts/test_program_methods/malicious_self_program_id.bin differ
diff --git a/artifacts/test_program_methods/minter.bin b/artifacts/test_program_methods/minter.bin
index 3b94fba9..89c6185c 100644
Binary files a/artifacts/test_program_methods/minter.bin and b/artifacts/test_program_methods/minter.bin differ
diff --git a/artifacts/test_program_methods/missing_output.bin b/artifacts/test_program_methods/missing_output.bin
index 95d0c893..4f6d61aa 100644
Binary files a/artifacts/test_program_methods/missing_output.bin and b/artifacts/test_program_methods/missing_output.bin differ
diff --git a/artifacts/test_program_methods/modified_transfer.bin b/artifacts/test_program_methods/modified_transfer.bin
index 0ce18916..0b2d16de 100644
Binary files a/artifacts/test_program_methods/modified_transfer.bin and b/artifacts/test_program_methods/modified_transfer.bin differ
diff --git a/artifacts/test_program_methods/nonce_changer.bin b/artifacts/test_program_methods/nonce_changer.bin
index dcbe2971..b1c5b542 100644
Binary files a/artifacts/test_program_methods/nonce_changer.bin and b/artifacts/test_program_methods/nonce_changer.bin differ
diff --git a/artifacts/test_program_methods/noop.bin b/artifacts/test_program_methods/noop.bin
index 8820e8cd..de36834a 100644
Binary files a/artifacts/test_program_methods/noop.bin and b/artifacts/test_program_methods/noop.bin differ
diff --git a/artifacts/test_program_methods/pinata_cooldown.bin b/artifacts/test_program_methods/pinata_cooldown.bin
index 310cfa5c..c735b1df 100644
Binary files a/artifacts/test_program_methods/pinata_cooldown.bin and b/artifacts/test_program_methods/pinata_cooldown.bin differ
diff --git a/artifacts/test_program_methods/program_owner_changer.bin b/artifacts/test_program_methods/program_owner_changer.bin
index 1cca313c..d25c24c4 100644
Binary files a/artifacts/test_program_methods/program_owner_changer.bin and b/artifacts/test_program_methods/program_owner_changer.bin differ
diff --git a/artifacts/test_program_methods/simple_balance_transfer.bin b/artifacts/test_program_methods/simple_balance_transfer.bin index 3d3ff455..8e78ac7d 100644 Binary files a/artifacts/test_program_methods/simple_balance_transfer.bin and b/artifacts/test_program_methods/simple_balance_transfer.bin differ diff --git a/artifacts/test_program_methods/time_locked_transfer.bin b/artifacts/test_program_methods/time_locked_transfer.bin index 839e1285..800893f6 100644 Binary files a/artifacts/test_program_methods/time_locked_transfer.bin and b/artifacts/test_program_methods/time_locked_transfer.bin differ diff --git a/artifacts/test_program_methods/validity_window.bin b/artifacts/test_program_methods/validity_window.bin index d87ea9e6..a2ba8b5d 100644 Binary files a/artifacts/test_program_methods/validity_window.bin and b/artifacts/test_program_methods/validity_window.bin differ diff --git a/artifacts/test_program_methods/validity_window_chain_caller.bin b/artifacts/test_program_methods/validity_window_chain_caller.bin index d4584e99..c02c355f 100644 Binary files a/artifacts/test_program_methods/validity_window_chain_caller.bin and b/artifacts/test_program_methods/validity_window_chain_caller.bin differ diff --git a/indexer/core/src/lib.rs b/indexer/core/src/lib.rs index 10e0834a..e464dac9 100644 --- a/indexer/core/src/lib.rs +++ b/indexer/core/src/lib.rs @@ -63,6 +63,7 @@ impl IndexerCore { .iter() .map(|init_comm_data| { let npk = &init_comm_data.npk; + let account_id = nssa::AccountId::from((npk, 0)); let mut acc = init_comm_data.account.clone(); @@ -70,8 +71,8 @@ impl IndexerCore { nssa::program::Program::authenticated_transfer_program().id(); ( - nssa_core::Commitment::new(npk, &acc), - nssa_core::Nullifier::for_account_initialization(npk), + nssa_core::Commitment::new(&account_id, &acc), + nssa_core::Nullifier::for_account_initialization(&account_id), ) }) .collect() 
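Review bot: The literal `0` in `nssa::AccountId::from((npk, 0))` in the `IndexerCore` hunk pins every initial private account to identifier 0 without saying so. The same bare `0` is repeated at the call sites this commit touches in `nssa/src/state.rs`, `message.rs` and `circuit.rs`, so a later change of the default has to be made in many places, and a missed one would produce commitments and nullifiers that no longer match. I would name it once, for example `const DEFAULT_IDENTIFIER: Identifier = 0;`, or carry the identifier in the initial commitment data if such accounts may use other values. The closure body starts outside the hunk.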
diff --git a/nssa/core/src/circuit_io.rs b/nssa/core/src/circuit_io.rs index 998f6d71..83a8601b 100644 --- a/nssa/core/src/circuit_io.rs +++ b/nssa/core/src/circuit_io.rs @@ -1,7 +1,7 @@ use serde::{Deserialize, Serialize}; use crate::{ - Commitment, CommitmentSetDigest, MembershipProof, Nullifier, NullifierPublicKey, + Commitment, CommitmentSetDigest, Identifier, MembershipProof, Nullifier, NullifierPublicKey, NullifierSecretKey, SharedSecretKey, account::{Account, AccountWithMetadata}, encryption::Ciphertext, @@ -18,8 +18,8 @@ pub struct PrivacyPreservingCircuitInput { /// - `1` - private account with authentication /// - `2` - private account without authentication pub visibility_mask: Vec, - /// Public keys of private accounts. - pub private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>, + /// Public keys and identifiers of private accounts. + pub private_account_keys: Vec<(NullifierPublicKey, Identifier, SharedSecretKey)>, /// Nullifier secret keys for authorized private accounts. pub private_account_nsks: Vec, /// Membership proofs for private accounts. Can be [`None`] for uninitialized accounts. @@ -56,7 +56,7 @@ mod tests { use super::*; use crate::{ - Commitment, Nullifier, NullifierPublicKey, + Commitment, Nullifier, account::{Account, AccountId, AccountWithMetadata, Nonce}, }; @@ -93,12 +93,12 @@ mod tests { }], ciphertexts: vec![Ciphertext(vec![255, 255, 1, 1, 2, 2])], new_commitments: vec![Commitment::new( - &NullifierPublicKey::from(&[1; 32]), + &AccountId::new([1; 32]), &Account::default(), )], new_nullifiers: vec![( Nullifier::for_account_update( - &Commitment::new(&NullifierPublicKey::from(&[2; 32]), &Account::default()), + &Commitment::new(&AccountId::new([2; 32]), &Account::default()), &[1; 32], ), [0xab; 32], diff --git a/nssa/core/src/commitment.rs b/nssa/core/src/commitment.rs index 24d5de87..556b9128 100644 --- a/nssa/core/src/commitment.rs +++ b/nssa/core/src/commitment.rs 
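Review bot: The new doc line on `private_account_keys` in `PrivacyPreservingCircuitInput` still reads as if the tuple held only public values, although its third element is a `SharedSecretKey`, and it does not say what the identifier is bound to. Since `Commitment::new` and `Nullifier::for_account_initialization` now take an `AccountId`, the `(npk, identifier)` pair given here and the account id carried in the pre-states describe the same account twice, and the comment should state that they must agree, e.g. `/// Nullifier public key, identifier and shared secret key of each private account; (npk, identifier) must derive the account id of the matching pre-state.` Whether the guest enforces this is not visible in this diff: `compute_circuit_output` in `privacy_preserving_circuit.rs` and `execute_and_prove` in `circuit.rs` only show the same signature change.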
@@ -2,7 +2,7 @@ use borsh::{BorshDeserialize, BorshSerialize}; use risc0_zkvm::sha::{Impl, Sha256 as _}; use serde::{Deserialize, Serialize}; -use crate::{NullifierPublicKey, account::Account}; +use crate::account::{Account, AccountId}; /// A commitment to all zero data. /// ```python @@ -49,16 +49,16 @@ impl std::fmt::Debug for Commitment { } impl Commitment { - /// Generates the commitment to a private account owned by user for npk: - /// SHA256( `Comm_DS` || npk || `program_owner` || balance || nonce || SHA256(data)). + /// Generates the commitment to a private account owned by user for account_id: + /// SHA256( `Comm_DS` || account_id || `program_owner` || balance || nonce || SHA256(data)). #[must_use] - pub fn new(npk: &NullifierPublicKey, account: &Account) -> Self { + pub fn new(account_id: &AccountId, account: &Account) -> Self { const COMMITMENT_PREFIX: &[u8; 32] = b"/LEE/v0.3/Commitment/\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; let mut bytes = Vec::new(); bytes.extend_from_slice(COMMITMENT_PREFIX); - bytes.extend_from_slice(&npk.to_byte_array()); + bytes.extend_from_slice(account_id.value()); let account_bytes_with_hashed_data = { let mut this = Vec::new(); for word in &account.program_owner { @@ -115,14 +115,14 @@ mod tests { use risc0_zkvm::sha::{Impl, Sha256 as _}; use crate::{ - Commitment, DUMMY_COMMITMENT, DUMMY_COMMITMENT_HASH, NullifierPublicKey, account::Account, + Commitment, DUMMY_COMMITMENT, DUMMY_COMMITMENT_HASH, account::{Account, AccountId}, }; #[test] fn nothing_up_my_sleeve_dummy_commitment() { let default_account = Account::default(); - let npk_null = NullifierPublicKey([0; 32]); - let expected_dummy_commitment = Commitment::new(&npk_null, &default_account); + let account_id_null = AccountId::new([0; 32]); + let expected_dummy_commitment = Commitment::new(&account_id_null, &default_account); assert_eq!(DUMMY_COMMITMENT, expected_dummy_commitment); } 
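Review bot: `COMMITMENT_PREFIX` in `Commitment::new` keeps the tag `/LEE/v0.3/Commitment/` although the field hashed after it changes from the nullifier public key to the account id. The updated tests swap 32-byte key values for `AccountId::new([..; 32])` and keep their expected results, so both encodings appear to have the same length and the tag no longer tells the two schemes apart; `INIT_PREFIX` in `nssa/core/src/nullifier.rs` is in the same position. If any commitment or nullifier set built with the old preimage can persist, bumping the version in both prefixes (and regenerating `DUMMY_COMMITMENT`) would keep old and new values in separate domains; if none can, a comment saying so would help. The doc comment should also state how `account_id` is derived and write it in backticks like the other fields.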
diff --git a/nssa/core/src/lib.rs b/nssa/core/src/lib.rs index a4fcdee1..478d475c 100644 --- a/nssa/core/src/lib.rs +++ b/nssa/core/src/lib.rs @@ -9,7 +9,7 @@ pub use commitment::{ compute_digest_for_path, }; pub use encryption::{EncryptionScheme, SharedSecretKey}; -pub use nullifier::{Nullifier, NullifierPublicKey, NullifierSecretKey}; +pub use nullifier::{Identifier, Nullifier, NullifierPublicKey, NullifierSecretKey}; pub mod account; mod circuit_io; diff --git a/nssa/core/src/nullifier.rs b/nssa/core/src/nullifier.rs index 802c2079..cfe1dcc3 100644 --- a/nssa/core/src/nullifier.rs +++ b/nssa/core/src/nullifier.rs @@ -91,10 +91,10 @@ impl Nullifier { /// Computes a nullifier for an account initialization. #[must_use] - pub fn for_account_initialization(npk: &NullifierPublicKey) -> Self { + pub fn for_account_initialization(account_id: &AccountId) -> Self { const INIT_PREFIX: &[u8; 32] = b"/LEE/v0.3/Nullifier/Initialize/\x00"; let mut bytes = INIT_PREFIX.to_vec(); - bytes.extend_from_slice(&npk.to_byte_array()); + bytes.extend_from_slice(account_id.value()); Self(Impl::hash_bytes(&bytes).as_bytes().try_into().unwrap()) } } @@ -117,7 +117,7 @@ mod tests { #[test] fn constructor_for_account_initialization() { - let npk = NullifierPublicKey([ + let account_id = AccountId::new([ 112, 188, 193, 129, 150, 55, 228, 67, 88, 168, 29, 151, 5, 92, 23, 190, 17, 162, 164, 255, 29, 105, 42, 186, 43, 11, 157, 168, 132, 225, 17, 163, ]); @@ -125,7 +125,7 @@ mod tests { 149, 59, 95, 181, 2, 194, 20, 143, 72, 233, 104, 243, 59, 70, 67, 243, 110, 77, 109, 132, 139, 111, 51, 125, 128, 92, 107, 46, 252, 4, 20, 149, ]); - let nullifier = Nullifier::for_account_initialization(&npk); + let nullifier = Nullifier::for_account_initialization(&account_id); assert_eq!(nullifier, expected_nullifier); } diff --git a/nssa/src/privacy_preserving_transaction/circuit.rs b/nssa/src/privacy_preserving_transaction/circuit.rs index 6506e9fe..fc6bd521 100644 
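Review bot: The known-answer test `constructor_for_account_initialization` now wraps the old key bytes in `AccountId::new(..)` and keeps the old expected hash, so it pins only the final hash step and not the derivation of the account id from a key and an identifier. Every other call site in this commit uses identifier `0`, so nothing shown here checks that two identifiers under one `NullifierPublicKey` give different initialization nullifiers. I would add a case that builds the id with `AccountId::from((&npk, 1))` and asserts that its nullifier differs from the one for `AccountId::from((&npk, 0))`. The test module starts outside the hunk.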
--- a/nssa/src/privacy_preserving_transaction/circuit.rs +++ b/nssa/src/privacy_preserving_transaction/circuit.rs @@ -2,8 +2,8 @@ use std::collections::{HashMap, VecDeque}; use borsh::{BorshDeserialize, BorshSerialize}; use nssa_core::{ - MembershipProof, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput, - PrivacyPreservingCircuitOutput, SharedSecretKey, + Identifier, MembershipProof, NullifierPublicKey, NullifierSecretKey, + PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, SharedSecretKey, account::AccountWithMetadata, program::{ChainedCall, InstructionData, ProgramId, ProgramOutput}, }; @@ -68,7 +68,7 @@ pub fn execute_and_prove( pre_states: Vec, instruction_data: InstructionData, visibility_mask: Vec, - private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>, + private_account_keys: Vec<(NullifierPublicKey, Identifier, SharedSecretKey)>, private_account_nsks: Vec, private_account_membership_proofs: Vec>, program_with_dependencies: &ProgramWithDependencies, @@ -242,7 +242,7 @@ mod tests { vec![sender, recipient], Program::serialize_instruction(balance_to_move).unwrap(), vec![0, 2], - vec![(recipient_keys.npk(), shared_secret)], + vec![(recipient_keys.npk(), 0, shared_secret)], vec![], vec![None], &Program::authenticated_transfer_program().into(), @@ -286,7 +286,8 @@ mod tests { true, AccountId::from((&sender_keys.npk(), 0)), ); - let commitment_sender = Commitment::new(&sender_keys.npk(), &sender_pre.account); + let sender_account_id = AccountId::from((&sender_keys.npk(), 0)); + let commitment_sender = Commitment::new(&sender_account_id, &sender_pre.account); let recipient = AccountWithMetadata::new( Account::default(), 
@@ -298,13 +299,14 @@ mod tests { let mut commitment_set = CommitmentSet::with_capacity(2); commitment_set.extend(std::slice::from_ref(&commitment_sender)); + let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0)); let expected_new_nullifiers = vec![ ( Nullifier::for_account_update(&commitment_sender, &sender_keys.nsk), commitment_set.digest(), ), ( - Nullifier::for_account_initialization(&recipient_keys.npk()), + Nullifier::for_account_initialization(&recipient_account_id), DUMMY_COMMITMENT_HASH, ), ]; @@ -324,8 +326,8 @@ mod tests { ..Default::default() }; let expected_new_commitments = vec![ - Commitment::new(&sender_keys.npk(), &expected_private_account_1), - Commitment::new(&recipient_keys.npk(), &expected_private_account_2), + Commitment::new(&sender_account_id, &expected_private_account_1), + Commitment::new(&recipient_account_id, &expected_private_account_2), ]; let esk_1 = [3; 32]; @@ -339,8 +341,8 @@ mod tests { Program::serialize_instruction(balance_to_move).unwrap(), vec![1, 2], vec![ - (sender_keys.npk(), shared_secret_1), - (recipient_keys.npk(), shared_secret_2), + (sender_keys.npk(), 0, shared_secret_1), + (recipient_keys.npk(), 0, shared_secret_2), ], vec![sender_keys.nsk], vec![commitment_set.get_proof_for(&commitment_sender), None], @@ -407,7 +409,7 @@ mod tests { vec![pre], instruction, vec![2], - vec![(account_keys.npk(), shared_secret)], + vec![(account_keys.npk(), 0, shared_secret)], vec![], vec![None], &program_with_deps, diff --git a/nssa/src/privacy_preserving_transaction/message.rs b/nssa/src/privacy_preserving_transaction/message.rs index 85f4a202..a46ddf07 100644 --- a/nssa/src/privacy_preserving_transaction/message.rs +++ b/nssa/src/privacy_preserving_transaction/message.rs 
@@ -154,9 +154,11 @@ pub mod tests { let encrypted_private_post_states = Vec::new(); - let new_commitments = vec![Commitment::new(&npk2, &account2)]; + let account_id2 = nssa_core::account::AccountId::from((&npk2, 0)); + let new_commitments = vec![Commitment::new(&account_id2, &account2)]; - let old_commitment = Commitment::new(&npk1, &account1); + let account_id1 = nssa_core::account::AccountId::from((&npk1, 0)); + let old_commitment = Commitment::new(&account_id1, &account1); let new_nullifiers = vec![( Nullifier::for_account_update(&old_commitment, &nsk1), [0; 32], @@ -179,7 +181,8 @@ pub mod tests { let npk = NullifierPublicKey::from(&[1; 32]); let vpk = ViewingPublicKey::from_scalar([2; 32]); let account = Account::default(); - let commitment = Commitment::new(&npk, &account); + let account_id = nssa_core::account::AccountId::from((&npk, 0)); + let commitment = Commitment::new(&account_id, &account); let esk = [3; 32]; let shared_secret = SharedSecretKey::new(&esk, &vpk); let epk = EphemeralPublicKey::from_scalar(esk); diff --git a/nssa/src/state.rs b/nssa/src/state.rs index 5c15e192..d26b93e3 100644 --- a/nssa/src/state.rs +++ b/nssa/src/state.rs @@ -456,7 +456,8 @@ pub mod tests { #[must_use] pub fn with_private_account(mut self, keys: &TestPrivateKeys, account: &Account) -> Self { - let commitment = Commitment::new(&keys.npk(), account); + let account_id = AccountId::from((&keys.npk(), 0)); + let commitment = Commitment::new(&account_id, account); self.private_state.0.extend(&[commitment]); self } 
@@ -614,13 +615,13 @@ pub mod tests { ..Account::default() }; - let npk1 = keys1.npk(); - let npk2 = keys2.npk(); + let account_id1 = AccountId::from((&keys1.npk(), 0)); + let account_id2 = AccountId::from((&keys2.npk(), 0)); - let init_commitment1 = Commitment::new(&npk1, &account); - let init_commitment2 = Commitment::new(&npk2, &account); - let init_nullifier1 = Nullifier::for_account_initialization(&npk1); - let init_nullifier2 = Nullifier::for_account_initialization(&npk2); + let init_commitment1 = Commitment::new(&account_id1, &account); + let init_commitment2 = Commitment::new(&account_id2, &account); + let init_nullifier1 = Nullifier::for_account_initialization(&account_id1); + let init_nullifier2 = Nullifier::for_account_initialization(&account_id2); let initial_private_accounts = vec![ (init_commitment1, init_nullifier1), @@ -1222,7 +1223,7 @@ pub mod tests { vec![sender, recipient], Program::serialize_instruction(balance_to_move).unwrap(), vec![0, 2], - vec![(recipient_keys.npk(), shared_secret)], + vec![(recipient_keys.npk(), 0, shared_secret)], vec![], vec![None], &Program::authenticated_transfer_program().into(), @@ -1249,7 +1250,8 @@ pub mod tests { state: &V03State, ) -> PrivacyPreservingTransaction { let program = Program::authenticated_transfer_program(); - let sender_commitment = Commitment::new(&sender_keys.npk(), sender_private_account); + let sender_account_id = AccountId::from((&sender_keys.npk(), 0)); + let sender_commitment = Commitment::new(&sender_account_id, sender_private_account); let sender_pre = AccountWithMetadata::new(sender_private_account.clone(), true, (&sender_keys.npk(), 0)); let recipient_pre = 
@@ -1268,8 +1270,8 @@ pub mod tests { Program::serialize_instruction(balance_to_move).unwrap(), vec![1, 2], vec![ - (sender_keys.npk(), shared_secret_1), - (recipient_keys.npk(), shared_secret_2), + (sender_keys.npk(), 0, shared_secret_1), + (recipient_keys.npk(), 0, shared_secret_2), ], vec![sender_keys.nsk], vec![state.get_proof_for_commitment(&sender_commitment), None], @@ -1301,7 +1303,8 @@ pub mod tests { state: &V03State, ) -> PrivacyPreservingTransaction { let program = Program::authenticated_transfer_program(); - let sender_commitment = Commitment::new(&sender_keys.npk(), sender_private_account); + let sender_account_id = AccountId::from((&sender_keys.npk(), 0)); + let sender_commitment = Commitment::new(&sender_account_id, sender_private_account); let sender_pre = AccountWithMetadata::new(sender_private_account.clone(), true, (&sender_keys.npk(), 0)); let recipient_pre = AccountWithMetadata::new( @@ -1318,7 +1321,7 @@ pub mod tests { vec![sender_pre, recipient_pre], Program::serialize_instruction(balance_to_move).unwrap(), vec![1, 0], - vec![(sender_keys.npk(), shared_secret)], + vec![(sender_keys.npk(), 0, shared_secret)], vec![sender_keys.nsk], vec![state.get_proof_for_commitment(&sender_commitment)], &program.into(), @@ -1405,8 +1408,10 @@ pub mod tests { &state, ); + let sender_account_id = AccountId::from((&sender_keys.npk(), 0)); + let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0)); let expected_new_commitment_1 = Commitment::new( - &sender_keys.npk(), + &sender_account_id, &Account { program_owner: Program::authenticated_transfer_program().id(), nonce: sender_nonce.private_account_nonce_increment(&sender_keys.nsk), 
@@ -1415,12 +1420,12 @@ pub mod tests { }, ); - let sender_pre_commitment = Commitment::new(&sender_keys.npk(), &sender_private_account); + let sender_pre_commitment = Commitment::new(&sender_account_id, &sender_private_account); let expected_new_nullifier = Nullifier::for_account_update(&sender_pre_commitment, &sender_keys.nsk); let expected_new_commitment_2 = Commitment::new( - &recipient_keys.npk(), + &recipient_account_id, &Account { program_owner: Program::authenticated_transfer_program().id(), nonce: Nonce::private_account_nonce_init(&recipient_keys.npk()), @@ -1482,8 +1487,9 @@ pub mod tests { &state, ); + let sender_account_id = AccountId::from((&sender_keys.npk(), 0)); let expected_new_commitment = Commitment::new( - &sender_keys.npk(), + &sender_account_id, &Account { program_owner: Program::authenticated_transfer_program().id(), nonce: sender_nonce.private_account_nonce_increment(&sender_keys.nsk), @@ -1492,7 +1498,7 @@ pub mod tests { }, ); - let sender_pre_commitment = Commitment::new(&sender_keys.npk(), &sender_private_account); + let sender_pre_commitment = Commitment::new(&sender_account_id, &sender_private_account); let expected_new_nullifier = Nullifier::for_account_update(&sender_pre_commitment, &sender_keys.nsk); @@ -1836,10 +1842,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -1870,6 +1878,7 @@ pub mod tests { // Setting only one key for an execution with two private accounts. let private_account_keys = [( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), )]; let result = execute_and_prove( @@ -1911,10 +1920,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], 
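Review bot: The failing-proof cases in this part of `state.rs`, such as the one marked `// Setting only one key for an execution with two private accounts.`, only gain a `0` in each tuple, so there is still no case where the identifier in `private_account_keys` disagrees with the account id of the pre-state. After this change that mismatch is a new way for a caller to hand the circuit inconsistent inputs. A test that passes `(sender_keys.npk(), 1, …)` alongside a pre-state built from `(&sender_keys.npk(), 0)` and asserts on the result of `execute_and_prove` would show whether the mismatch is rejected. The test bodies start and end outside these hunks.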
@@ -1952,10 +1963,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -1988,11 +2001,13 @@ pub mod tests { // First private account is the sender ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), // Second private account is the recipient ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ]; @@ -2046,10 +2061,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -2092,10 +2109,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -2138,10 +2157,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -2184,10 +2205,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -2228,10 +2251,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -2296,10 +2321,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], 
@@ -2333,14 +2360,17 @@ pub mod tests { let private_account_keys = [ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ( sender_keys.npk(), + 0, SharedSecretKey::new(&[57; 32], &sender_keys.vpk()), ), ]; @@ -2386,10 +2416,12 @@ pub mod tests { vec![ ( sender_keys.npk(), + 0, SharedSecretKey::new(&[55; 32], &sender_keys.vpk()), ), ( recipient_keys.npk(), + 0, SharedSecretKey::new(&[56; 32], &recipient_keys.vpk()), ), ], @@ -2480,8 +2512,8 @@ pub mod tests { Program::serialize_instruction(100_u128).unwrap(), visibility_mask.to_vec(), vec![ - (sender_keys.npk(), shared_secret), - (sender_keys.npk(), shared_secret), + (sender_keys.npk(), 0, shared_secret), + (sender_keys.npk(), 0, shared_secret), ], private_account_nsks.to_vec(), private_account_membership_proofs.to_vec(), @@ -2795,8 +2827,9 @@ pub mod tests { balance: 100, ..Account::default() }; - let sender_commitment = Commitment::new(&sender_keys.npk(), &sender_private_account); - let sender_init_nullifier = Nullifier::for_account_initialization(&sender_keys.npk()); + let sender_account_id = AccountId::from((&sender_keys.npk(), 0)); + let sender_commitment = Commitment::new(&sender_account_id, &sender_private_account); + let sender_init_nullifier = Nullifier::for_account_initialization(&sender_account_id); let mut state = V03State::new_with_genesis_accounts( &[], vec![(sender_commitment.clone(), sender_init_nullifier)], @@ -2816,7 +2849,7 @@ pub mod tests { vec![sender_pre, recipient_pre], Program::serialize_instruction(37_u128).unwrap(), vec![1, 0], - vec![(sender_keys.npk(), shared_secret)], + vec![(sender_keys.npk(), 0, shared_secret)], vec![sender_keys.nsk], vec![state.get_proof_for_commitment(&sender_commitment)], &program.into(), 
@@ -2879,10 +2912,12 @@ pub mod tests { (&to_keys.npk(), 0), ); - let from_commitment = Commitment::new(&from_keys.npk(), &from_account.account); - let to_commitment = Commitment::new(&to_keys.npk(), &to_account.account); - let from_init_nullifier = Nullifier::for_account_initialization(&from_keys.npk()); - let to_init_nullifier = Nullifier::for_account_initialization(&to_keys.npk()); + let from_account_id = AccountId::from((&from_keys.npk(), 0)); + let to_account_id = AccountId::from((&to_keys.npk(), 0)); + let from_commitment = Commitment::new(&from_account_id, &from_account.account); + let to_commitment = Commitment::new(&to_account_id, &to_account.account); + let from_init_nullifier = Nullifier::for_account_initialization(&from_account_id); + let to_init_nullifier = Nullifier::for_account_initialization(&to_account_id); let mut state = V03State::new_with_genesis_accounts( &[], vec![ @@ -2921,21 +2956,21 @@ pub mod tests { nonce: from_new_nonce, ..from_account.account.clone() }; - let from_expected_commitment = Commitment::new(&from_keys.npk(), &from_expected_post); + let from_expected_commitment = Commitment::new(&from_account_id, &from_expected_post); let to_expected_post = Account { balance: u128::from(number_of_calls) * amount, nonce: to_new_nonce, ..to_account.account.clone() }; - let to_expected_commitment = Commitment::new(&to_keys.npk(), &to_expected_post); + let to_expected_commitment = Commitment::new(&to_account_id, &to_expected_post); // Act let (output, proof) = execute_and_prove( vec![to_account, from_account], Program::serialize_instruction(instruction).unwrap(), vec![1, 1], - vec![(from_keys.npk(), to_ss), (to_keys.npk(), from_ss)], + vec![(from_keys.npk(), 0, to_ss), (to_keys.npk(), 0, from_ss)], vec![from_keys.nsk, to_keys.nsk], vec![ state.get_proof_for_commitment(&from_commitment), 
@@ -3183,7 +3218,7 @@ pub mod tests { vec![authorized_account], Program::serialize_instruction(balance).unwrap(), vec![1], - vec![(private_keys.npk(), shared_secret)], + vec![(private_keys.npk(), 0, shared_secret)], vec![private_keys.nsk], vec![None], &program.into(), @@ -3205,7 +3240,8 @@ pub mod tests { let result = state.transition_from_privacy_preserving_transaction(&tx, 1, 0); assert!(result.is_ok()); - let nullifier = Nullifier::for_account_initialization(&private_keys.npk()); + let account_id = AccountId::from((&private_keys.npk(), 0)); + let nullifier = Nullifier::for_account_initialization(&account_id); assert!(state.private_state.1.contains(&nullifier)); } @@ -3230,7 +3266,7 @@ pub mod tests { vec![unauthorized_account], Program::serialize_instruction(0_u128).unwrap(), vec![2], - vec![(private_keys.npk(), shared_secret)], + vec![(private_keys.npk(), 0, shared_secret)], vec![], vec![None], &program.into(), @@ -3252,7 +3288,8 @@ pub mod tests { .transition_from_privacy_preserving_transaction(&tx, 1, 0) .unwrap(); - let nullifier = Nullifier::for_account_initialization(&private_keys.npk()); + let account_id = AccountId::from((&private_keys.npk(), 0)); + let nullifier = Nullifier::for_account_initialization(&account_id); assert!(state.private_state.1.contains(&nullifier)); } @@ -3281,7 +3318,7 @@ pub mod tests { vec![authorized_account.clone()], Program::serialize_instruction(balance).unwrap(), vec![1], - vec![(private_keys.npk(), shared_secret)], + vec![(private_keys.npk(), 0, shared_secret)], vec![private_keys.nsk], vec![None], &claimer_program.into(), @@ -3307,7 +3344,8 @@ pub mod tests { ); // Verify the account is now initialized (nullifier exists) - let nullifier = Nullifier::for_account_initialization(&private_keys.npk()); + let account_id = AccountId::from((&private_keys.npk(), 0)); + let nullifier = Nullifier::for_account_initialization(&account_id); assert!(state.private_state.1.contains(&nullifier)); // Prepare new state of account 
@@ -3326,7 +3364,7 @@ pub mod tests { vec![account_metadata], Program::serialize_instruction(()).unwrap(), vec![1], - vec![(private_keys.npk(), shared_secret2)], + vec![(private_keys.npk(), 0, shared_secret2)], vec![private_keys.nsk], vec![None], &noop_program.into(), @@ -3397,6 +3435,7 @@ pub mod tests { vec![1], vec![( sender_keys.npk(), + 0, SharedSecretKey::new(&[3; 32], &sender_keys.vpk()), )], vec![sender_keys.nsk], @@ -3424,6 +3463,7 @@ pub mod tests { vec![1], vec![( sender_keys.npk(), + 0, SharedSecretKey::new(&[3; 32], &sender_keys.vpk()), )], vec![sender_keys.nsk], @@ -3455,9 +3495,10 @@ pub mod tests { let recipient_account = AccountWithMetadata::new(Account::default(), true, (&recipient_keys.npk(), 0)); + let recipient_account_id = AccountId::from((&recipient_keys.npk(), 0)); let recipient_commitment = - Commitment::new(&recipient_keys.npk(), &recipient_account.account); - let recipient_init_nullifier = Nullifier::for_account_initialization(&recipient_keys.npk()); + Commitment::new(&recipient_account_id, &recipient_account.account); + let recipient_init_nullifier = Nullifier::for_account_initialization(&recipient_account_id); let state = V03State::new_with_genesis_accounts( &[(sender_account.account_id, sender_account.account.balance)], vec![(recipient_commitment.clone(), recipient_init_nullifier)], @@ -3480,7 +3521,7 @@ pub mod tests { vec![sender_account, recipient_account], Program::serialize_instruction(instruction).unwrap(), vec![0, 1], - vec![(recipient_keys.npk(), recipient)], + vec![(recipient_keys.npk(), 0, recipient)], vec![recipient_keys.nsk], vec![state.get_proof_for_commitment(&recipient_commitment)], &program_with_deps, @@ -3630,7 +3671,7 @@ pub mod tests { vec![pre], Program::serialize_instruction(instruction).unwrap(), vec![2], - vec![(account_keys.npk(), shared_secret)], + vec![(account_keys.npk(), 0, shared_secret)], vec![], vec![None], &validity_window_program.into(), 
@@ -3699,7 +3740,7 @@ pub mod tests { vec![pre], Program::serialize_instruction(instruction).unwrap(), vec![2], - vec![(account_keys.npk(), shared_secret)], + vec![(account_keys.npk(), 0, shared_secret)], vec![], vec![None], &validity_window_program.into(), diff --git a/program_methods/guest/src/bin/privacy_preserving_circuit.rs b/program_methods/guest/src/bin/privacy_preserving_circuit.rs index b9287558..ad3d4f95 100644 --- a/program_methods/guest/src/bin/privacy_preserving_circuit.rs +++ b/program_methods/guest/src/bin/privacy_preserving_circuit.rs @@ -4,9 +4,9 @@ use std::{ }; use nssa_core::{ - Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, MembershipProof, - Nullifier, NullifierPublicKey, NullifierSecretKey, PrivacyPreservingCircuitInput, - PrivacyPreservingCircuitOutput, SharedSecretKey, + Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, Identifier, + MembershipProof, Nullifier, NullifierPublicKey, NullifierSecretKey, + PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, SharedSecretKey, account::{Account, AccountId, AccountWithMetadata, Nonce}, compute_digest_for_path, program::{ @@ -302,7 +302,7 @@ impl ExecutionState { fn compute_circuit_output( execution_state: ExecutionState, visibility_mask: &[u8], - private_account_keys: &[(NullifierPublicKey, SharedSecretKey)], + private_account_keys: &[(NullifierPublicKey, Identifier, SharedSecretKey)], private_account_nsks: &[NullifierSecretKey], private_account_membership_proofs: &[Option], ) -> PrivacyPreservingCircuitOutput { 
@@ -338,12 +338,14 @@ fn compute_circuit_output( output.public_post_states.push(post_state); } 1 | 2 => { - let Some((npk, shared_secret)) = private_keys_iter.next() else { + let Some((npk, identifier, shared_secret)) = private_keys_iter.next() else { panic!("Missing private account key"); }; + let account_id = AccountId::from((npk, *identifier)); + assert_eq!( - AccountId::from((npk, 0)), + account_id, pre_state.account_id, "AccountId mismatch" ); @@ -375,7 +377,7 @@ fn compute_circuit_output( let new_nullifier = compute_nullifier_and_set_digest( membership_proof_opt.as_ref(), &pre_state.account, - npk, + &account_id, nsk, ); @@ -405,7 +407,7 @@ fn compute_circuit_output( "Membership proof must be None for unauthorized accounts" ); - let nullifier = Nullifier::for_account_initialization(npk); + let nullifier = Nullifier::for_account_initialization(&account_id); let new_nonce = Nonce::private_account_nonce_init(npk); @@ -418,7 +420,7 @@ fn compute_circuit_output( post_with_updated_nonce.nonce = new_nonce; // Compute commitment - let commitment_post = Commitment::new(npk, &post_with_updated_nonce); + let commitment_post = Commitment::new(&account_id, &post_with_updated_nonce); // Encrypt and push post state let encrypted_account = EncryptionScheme::encrypt( @@ -459,7 +461,7 @@ fn compute_circuit_output( fn compute_nullifier_and_set_digest( membership_proof_opt: Option<&MembershipProof>, pre_account: &Account, - npk: &NullifierPublicKey, + account_id: &AccountId, nsk: &NullifierSecretKey, ) -> (Nullifier, CommitmentSetDigest) { membership_proof_opt.as_ref().map_or_else( 
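Review bot: The `identifier` read from `private_keys_iter` in the `@@ -338,12 +338,14 @@` hunk is supplied by the prover, and the `assert_eq!` that follows is the only visible check tying it to `pre_state.account_id`. That deserves a comment so the assert is not later relaxed or moved below the uses of `account_id`. Suggested above `let account_id = …`: `// identifier is an untrusted witness; the assert below binds (npk, identifier) to pre_state.account_id`. The three-argument `assert_eq!` would probably fit on one line under rustfmt now. `compute_circuit_output` starts and ends outside this hunk.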
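Review bot: In the `@@ -405,7 +407,7 @@` hunk the initialization nullifier now derives from `account_id`, but the unchanged next statement `Nonce::private_account_nonce_init(npk)` still derives from `npk` alone. Accounts that share an `npk` and differ only in identifier would therefore start from the same nonce. If that is intended, a comment such as `// initial nonce is per-npk by design; per-account separation comes from account_id in the commitment and nullifier` would record it. Otherwise the nonce derivation should take the identifier into account as well. Whether `private_account_nonce_init` can accept an `AccountId` is not visible here.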
@@ -471,12 +473,12 @@ fn compute_nullifier_and_set_digest( ); // Compute initialization nullifier - let nullifier = Nullifier::for_account_initialization(npk); + let nullifier = Nullifier::for_account_initialization(account_id); (nullifier, DUMMY_COMMITMENT_HASH) }, |membership_proof| { // Compute commitment set digest associated with provided auth path - let commitment_pre = Commitment::new(npk, pre_account); + let commitment_pre = Commitment::new(account_id, pre_account); let set_digest = compute_digest_for_path(&commitment_pre, membership_proof); // Compute update nullifier diff --git a/sequencer/core/src/lib.rs b/sequencer/core/src/lib.rs index 16f5b4d5..3857404a 100644 --- a/sequencer/core/src/lib.rs +++ b/sequencer/core/src/lib.rs @@ -110,6 +110,7 @@ impl SequencerCore SequencerCore V03State { .iter() .map(|init_comm_data| { let npk = &init_comm_data.npk; + let account_id = nssa::AccountId::from((npk, 0)); let mut acc = init_comm_data.account.clone(); acc.program_owner = nssa::program::Program::authenticated_transfer_program().id(); ( - nssa_core::Commitment::new(npk, &acc), - nssa_core::Nullifier::for_account_initialization(npk), + nssa_core::Commitment::new(&account_id, &acc), + nssa_core::Nullifier::for_account_initialization(&account_id), ) }) .collect(); diff --git a/wallet/src/lib.rs b/wallet/src/lib.rs index 63ea8611..0439405c 100644 --- a/wallet/src/lib.rs +++ b/wallet/src/lib.rs @@ -300,8 +300,8 @@ impl WalletCore { #[must_use] pub fn get_private_account_commitment(&self, account_id: AccountId) -> Option { - let (keys, account) = self.storage.user_data.get_private_account(account_id)?; - Some(Commitment::new(&keys.nullifier_public_key, account)) + let (_keys, account) = self.storage.user_data.get_private_account(account_id)?; + Some(Commitment::new(&account_id, account)) } /// Poll transactions. 
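Review bot: In `get_private_account_commitment` (wallet hunk `@@ -300,8 +300,8 @@`) the destructured `_keys` is no longer used, so the binding can be dropped: `let (_, account) = self.storage.user_data.get_private_account(account_id)?;`. The commitment is now built from the caller-supplied `account_id` rather than from stored key material. That is correct only if `get_private_account` returns the entry whose `(npk, identifier)` derives that id, which is not visible here. A doc line such as `/// Assumes storage is keyed by the id derived from the account's (npk, identifier).` would state the assumption.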
@@ -393,7 +393,7 @@ impl WalletCore { acc_manager.visibility_mask().to_vec(), private_account_keys .iter() - .map(|keys| (keys.npk.clone(), keys.ssk)) + .map(|keys| (keys.npk.clone(), 0, keys.ssk)) .collect::>(), acc_manager.private_account_auth(), acc_manager.private_account_membership_proofs(),
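Review bot: The key tuple is built with a hard-coded identifier, `(keys.npk.clone(), 0, keys.ssk)`, while the circuit in this commit asserts that `AccountId::from((npk, *identifier))` equals the pre-state `account_id`. Any private account whose id was derived with a non-zero identifier would hit the `"AccountId mismatch"` panic during proving. Carrying the identifier with the keys keeps both sides consistent, e.g. `.map(|keys| (keys.npk.clone(), keys.identifier, keys.ssk))`; `identifier` is a field this type would need to gain, and its definition is not visible. The same literal `0` appears in the sequencer genesis hunk, `nssa::AccountId::from((npk, 0))`, so a single named constant for the default would make it explicit. The enclosing function starts and ends outside the hunk.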