From a8697c8db68ce54c65c43a9a6bd8541268194905 Mon Sep 17 00:00:00 2001 From: Sergio Chouhy Date: Fri, 14 Nov 2025 01:28:34 -0300 Subject: [PATCH] wip --- nssa/core/src/circuit_io.rs | 3 +- .../src/bin/privacy_preserving_circuit.rs | 17 ++-- .../privacy_preserving_transaction/circuit.rs | 13 +-- nssa/src/state.rs | 88 +++++++++++-------- wallet/src/pinata_interactions.rs | 4 +- 5 files changed, 75 insertions(+), 50 deletions(-) diff --git a/nssa/core/src/circuit_io.rs b/nssa/core/src/circuit_io.rs index 6370dc6..3fe3667 100644 --- a/nssa/core/src/circuit_io.rs +++ b/nssa/core/src/circuit_io.rs @@ -14,7 +14,8 @@ pub struct PrivacyPreservingCircuitInput { pub visibility_mask: Vec, pub private_account_nonces: Vec, pub private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>, - pub private_account_auth: Vec<(NullifierSecretKey, MembershipProof)>, + pub private_account_nsks: Vec, + pub private_account_membership_proofs: Vec, pub program_id: ProgramId, } diff --git a/nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs b/nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs index d8ed15d..1535ddc 100644 --- a/nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs +++ b/nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs @@ -3,8 +3,8 @@ use std::collections::HashSet; use risc0_zkvm::{guest::env, serde::to_vec}; use nssa_core::{ - Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, - Nullifier, NullifierPublicKey, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, + Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme, Nullifier, + NullifierPublicKey, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, account::{Account, AccountId, AccountWithMetadata}, compute_digest_for_path, encryption::Ciphertext, 
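Review bot: In `PrivacyPreservingCircuitInput`, the new `private_account_nsks` and `private_account_membership_proofs` fields no longer carry the one-to-one pairing that the removed tuple vector enforced by type, and nothing on the struct says how their lengths must relate to each other or to `visibility_mask`. The guest `main` still takes one entry from each for every account with `visibility_mask[i] == 1`, so I would document that on the fields, e.g. `/// One secret key per account with visibility mask 1, in account order; index-aligned with private_account_membership_proofs.` The same contract applies to the two new slice parameters of `execute_and_prove` in circuit.rs. If the split is meant to let the two lengths diverge later, state that instead so callers do not have to guess.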
@@ -17,7 +17,8 @@ fn main() { visibility_mask, private_account_nonces, private_account_keys, - private_account_auth, + private_account_nsks, + private_account_membership_proofs, program_id, } = env::read(); @@ -61,7 +62,8 @@ fn main() { let mut private_nonces_iter = private_account_nonces.iter(); let mut private_keys_iter = private_account_keys.iter(); - let mut private_auth_iter = private_account_auth.iter(); + let mut private_nsks_iter = private_account_nsks.iter(); + let mut private_membership_proofs_iter = private_account_membership_proofs.iter(); let mut output_index = 0; for i in 0..n_accounts { @@ -90,8 +92,11 @@ fn main() { if visibility_mask[i] == 1 { // Private account with authentication - let (nsk, membership_proof) = - private_auth_iter.next().expect("Missing private auth"); + let nsk = private_nsks_iter.next().expect("Missing nsk"); + + let membership_proof = private_membership_proofs_iter + .next() + .expect("Missing membership proof"); // Verify the nullifier public key let expected_npk = NullifierPublicKey::from(nsk); diff --git a/nssa/src/privacy_preserving_transaction/circuit.rs b/nssa/src/privacy_preserving_transaction/circuit.rs index 9ce0610..e076bbc 100644 --- a/nssa/src/privacy_preserving_transaction/circuit.rs +++ b/nssa/src/privacy_preserving_transaction/circuit.rs @@ -22,7 +22,8 @@ pub fn execute_and_prove( visibility_mask: &[u8], private_account_nonces: &[u128], private_account_keys: &[(NullifierPublicKey, SharedSecretKey)], - private_account_auth: &[(NullifierSecretKey, MembershipProof)], + private_account_nsks: &[NullifierSecretKey], + private_account_membership_proofs: &[MembershipProof], program: &Program, ) -> Result<(PrivacyPreservingCircuitOutput, Proof), NssaError> { let inner_receipt = execute_and_prove_program(program, pre_states, instruction_data)?; 
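Review bot: In the `visibility_mask[i] == 1` branch of the guest `main`, `private_nsks_iter` and `private_membership_proofs_iter` are advanced independently, and no visible line checks after the loop that both have been fully consumed. The diffstat lists no changes to this file beyond these hunks, so either no such check existed for the old `private_auth_iter` or a leftover reference to it remains outside the hunks; the loop's end is not visible here. Either vector can now carry surplus entries on its own, and the state.rs test that passes two keys for a single authenticated account suggests surplus input is meant to be rejected. I would add `assert!(private_nsks_iter.next().is_none(), "Too many nsks");` after the loop, with the equivalent line for the membership proofs.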
@@ -37,7 +38,8 @@ pub fn execute_and_prove( visibility_mask: visibility_mask.to_vec(), private_account_nonces: private_account_nonces.to_vec(), private_account_keys: private_account_keys.to_vec(), - private_account_auth: private_account_auth.to_vec(), + private_account_nsks: private_account_nsks.to_vec(), + private_account_membership_proofs: private_account_membership_proofs.to_vec(), program_id: program.id(), }; @@ -154,6 +156,7 @@ mod tests { &[0xdeadbeef], &[(recipient_keys.npk(), shared_secret.clone())], &[], + &[], &Program::authenticated_transfer_program(), ) .unwrap(); @@ -251,10 +254,8 @@ mod tests { (sender_keys.npk(), shared_secret_1.clone()), (recipient_keys.npk(), shared_secret_2.clone()), ], - &[( - sender_keys.nsk, - commitment_set.get_proof_for(&commitment_sender).unwrap(), - )], + &[sender_keys.nsk], + &[commitment_set.get_proof_for(&commitment_sender).unwrap()], &program, ) .unwrap(); diff --git a/nssa/src/state.rs b/nssa/src/state.rs index 4120824..7204443 100644 --- a/nssa/src/state.rs +++ b/nssa/src/state.rs @@ -836,6 +836,7 @@ pub mod tests { &[0xdeadbeef], &[(recipient_keys.npk(), shared_secret)], &[], + &[], &Program::authenticated_transfer_program(), ) .unwrap(); @@ -884,10 +885,8 @@ pub mod tests { (sender_keys.npk(), shared_secret_1), (recipient_keys.npk(), shared_secret_2), ], - &[( - sender_keys.nsk, - state.get_proof_for_commitment(&sender_commitment).unwrap(), - )], + &[sender_keys.nsk], + &[state.get_proof_for_commitment(&sender_commitment).unwrap()], &program, ) .unwrap(); @@ -936,10 +935,8 @@ pub mod tests { &[1, 0], &[new_nonce], &[(sender_keys.npk(), shared_secret)], - &[( - sender_keys.nsk, - state.get_proof_for_commitment(&sender_commitment).unwrap(), - )], + &[sender_keys.nsk], + &[state.get_proof_for_commitment(&sender_commitment).unwrap()], &program, ) .unwrap(); @@ -1152,6 +1149,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1178,6 +1176,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); 
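Review bot: `execute_and_prove` copies `private_account_nsks` and `private_account_membership_proofs` into the circuit input without comparing their lengths, so a mismatched call surfaces only when the guest hits one of its `expect` calls, after `execute_and_prove_program` has already run. If the two slices are meant to stay index-aligned, a length comparison at the top of the function that returns an `NssaError` would fail fast and give callers a proper error rather than a prover failure. The function body continues outside these hunks, so such validation may already exist further down.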
@@ -1204,6 +1203,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1230,6 +1230,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1256,6 +1257,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1291,6 +1293,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1317,6 +1320,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1352,6 +1356,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1389,6 +1394,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); @@ -1429,7 +1435,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1463,7 +1470,8 @@ pub mod tests { &[1, 2], &[0xdeadbeef1, 0xdeadbeef2], &private_account_keys, - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1488,7 +1496,7 @@ pub mod tests { AccountWithMetadata::new(Account::default(), false, &recipient_keys.npk()); // Setting no auth key for an execution with one non default private accounts. - let private_account_auth = []; + let private_account_nsks = []; let result = execute_and_prove( &[private_account_1, private_account_2], &Program::serialize_instruction(10u128).unwrap(), @@ -1504,7 +1512,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &private_account_auth, + &private_account_nsks, + &[], &program, ); 
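Review bot: The test touched at `-1488,7 +1496,7` and `-1504,7 +1512,8` now passes an empty `private_account_nsks` together with an empty membership-proof slice, so it still covers only the case where both are missing. Splitting the input creates failure modes the old tuple made impossible: a secret key with no membership proof, and a membership proof with no key. I would add one test for each, checking that the call fails, next to the existing surplus-input test (`visibility_mask = [1, 2]`), which likewise supplies the extra entries in both vectors at once. The test bodies start and end outside these hunks, so the exact assertions they use are not visible.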
@@ -1540,19 +1549,20 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ]; - let private_account_auth = [ - // Setting the recipient key to authorize the sender. - // This should be set to the sender private account in - // a normal circumstance. The recipient can't authorize this. - (recipient_keys.nsk, (0, vec![])), - ]; + + // Setting the recipient key to authorize the sender. + // This should be set to the sender private account in + // a normal circumstance. The recipient can't authorize this. + let private_account_nsks = [recipient_keys.nsk]; + let private_account_membership_proofs = [(0, vec![])]; let result = execute_and_prove( &[private_account_1, private_account_2], &Program::serialize_instruction(10u128).unwrap(), &[1, 2], &[0xdeadbeef1, 0xdeadbeef2], &private_account_keys, - &private_account_auth, + &private_account_nsks, + &private_account_membership_proofs, &program, ); @@ -1598,7 +1608,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1645,7 +1656,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1691,7 +1703,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1737,7 +1750,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1781,7 +1795,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1811,6 +1826,7 @@ pub mod tests { &[], &[], &[], + &[], &program, ); 
@@ -1852,7 +1868,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1898,7 +1915,8 @@ pub mod tests { &[1, 2], &[0xdeadbeef1, 0xdeadbeef2], &private_account_keys, - &[(sender_keys.nsk, (0, vec![]))], + &[sender_keys.nsk], + &[(0, vec![])], &program, ); @@ -1925,10 +1943,8 @@ pub mod tests { // Setting two private account keys for a circuit execution with only one non default // private account (visibility mask equal to 1 means that auth keys are expected). let visibility_mask = [1, 2]; - let private_account_auth = [ - (sender_keys.nsk, (0, vec![])), - (recipient_keys.nsk, (1, vec![])), - ]; + let private_account_nsks = [sender_keys.nsk, recipient_keys.nsk]; + let private_account_membership_proofs = [(0, vec![]), (1, vec![])]; let result = execute_and_prove( &[private_account_1, private_account_2], &Program::serialize_instruction(10u128).unwrap(), @@ -1944,7 +1960,8 @@ pub mod tests { SharedSecretKey::new(&[56; 32], &recipient_keys.ivk()), ), ], - &private_account_auth, + &private_account_nsks, + &private_account_membership_proofs, &program, ); @@ -2021,10 +2038,8 @@ pub mod tests { ); let visibility_mask = [1, 1]; - let private_account_auth = [ - (sender_keys.nsk, (1, vec![])), - (sender_keys.nsk, (1, vec![])), - ]; + let private_account_nsks = [sender_keys.nsk, sender_keys.nsk]; + let private_account_membership_proofs = [(1, vec![]), (1, vec![])]; let shared_secret = SharedSecretKey::new(&[55; 32], &sender_keys.ivk()); let result = execute_and_prove( &[private_account_1.clone(), private_account_1], @@ -2035,7 +2050,8 @@ pub mod tests { (sender_keys.npk(), shared_secret.clone()), (sender_keys.npk(), shared_secret), ], - &private_account_auth, + &private_account_nsks, + &private_account_membership_proofs, &program, ); diff --git a/wallet/src/pinata_interactions.rs b/wallet/src/pinata_interactions.rs index 6e3e5ce..19040d2 100644 
--- a/wallet/src/pinata_interactions.rs +++ b/wallet/src/pinata_interactions.rs @@ -58,7 +58,8 @@ impl WalletCore { &[0, 1], &produce_random_nonces(1), &[(winner_npk.clone(), shared_secret_winner.clone())], - &[(winner_nsk.unwrap(), winner_proof)], + &[winner_nsk.unwrap()], + &[winner_proof], &program, ) .unwrap(); @@ -125,6 +126,7 @@ impl WalletCore { &produce_random_nonces(1), &[(winner_npk.clone(), shared_secret_winner.clone())], &[], + &[], &program, ) .unwrap();
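Review bot: `&[winner_nsk.unwrap()]` keeps a panic path in wallet code: if the nullifier secret key is not available, the call panics instead of reporting an error, and the `.unwrap()` on the `execute_and_prove` result a few lines below does the same for any proving failure. The type of `winner_nsk` is not visible here, but if it is an `Option`, converting it with `ok_or(...)` and propagating with `?` would be preferable, provided the enclosing method returns a `Result`. The method starts and ends outside both hunks, so its return type needs checking first.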