wip

2026-01-02 13:23:10 +00:00 · 2025-11-06 19:35:47 -03:00 · 2025-11-06 19:35:47 -03:00 · dfd45c8678
commit dfd45c8678
parent 5e22357f9a
5 changed files with 63 additions and 54 deletions
--- a/nssa/core/src/circuit_io.rs
+++ b/nssa/core/src/circuit_io.rs
@ -10,7 +10,7 @@ use crate::{

 #[derive(Serialize, Deserialize)]
 pub struct PrivacyPreservingCircuitInput {
-    pub program_output: ProgramOutput,
+    pub program_outputs: Vec<ProgramOutput>,
    pub visibility_mask: Vec<u8>,
    pub private_account_nonces: Vec<Nonce>,
    pub private_account_keys: Vec<(NullifierPublicKey, SharedSecretKey)>,
--- a/nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs
+++ b/nssa/program_methods/guest/src/bin/privacy_preserving_circuit.rs
@ -3,17 +3,12 @@ use std::collections::HashSet;
 use risc0_zkvm::{guest::env, serde::to_vec};

 use nssa_core::{
-    Commitment, CommitmentSetDigest, DUMMY_COMMITMENT_HASH, EncryptionScheme,
-    Nullifier, NullifierPublicKey, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput,
-    account::{Account, AccountId, AccountWithMetadata},
-    compute_digest_for_path,
-    encryption::Ciphertext,
-    program::{DEFAULT_PROGRAM_ID, ProgramOutput, validate_execution},
+    account::{Account, AccountId, AccountWithMetadata}, compute_digest_for_path, encryption::Ciphertext, program::{validate_execution, ProgramId, ProgramOutput, DEFAULT_PROGRAM_ID}, Commitment, CommitmentSetDigest, EncryptionScheme, Nullifier, NullifierPublicKey, PrivacyPreservingCircuitInput, PrivacyPreservingCircuitOutput, DUMMY_COMMITMENT_HASH
 };

 fn main() {
    let PrivacyPreservingCircuitInput {
-        program_output,
+        program_outputs,
        visibility_mask,
        private_account_nonces,
        private_account_keys,
@ -21,9 +16,43 @@ fn main() {
        program_id,
    } = env::read();

-    // Check that `program_output` is consistent with the execution of the corresponding program.
-    env::verify(program_id, &to_vec(&program_output).unwrap()).unwrap();
+    // These lists will be the public outputs of this circuit
+    // and will be populated next.
+    let mut public_pre_states: Vec<AccountWithMetadata> = Vec::new();
+    let mut public_post_states: Vec<Account> = Vec::new();
+    let mut ciphertexts: Vec<Ciphertext> = Vec::new();
+    let mut new_commitments: Vec<Commitment> = Vec::new();
+    let mut new_nullifiers: Vec<(Nullifier, CommitmentSetDigest)> = Vec::new();

+    for program_output in program_outputs.iter() {
+        // Check that `program_output` is consistent with the execution of the corresponding program.
+        env::verify(program_id, &to_vec(program_output).unwrap()).unwrap();
+    }
+
+    if private_nonces_iter.next().is_some() {
+        panic!("Too many nonces.");
+    }
+
+    if private_keys_iter.next().is_some() {
+        panic!("Too many private account keys.");
+    }
+
+    if private_auth_iter.next().is_some() {
+        panic!("Too many private account authentication keys.");
+    }
+
+    let output = PrivacyPreservingCircuitOutput {
+        public_pre_states,
+        public_post_states,
+        ciphertexts,
+        new_commitments,
+        new_nullifiers,
+    };
+
+    env::commit(&output);
+}
+
+fn validate_program_execution(program_output: &ProgramOutput, program_id: ProgramId) {
    let ProgramOutput {
        pre_states,
        post_states,
@ -51,14 +80,6 @@ fn main() {
        panic!("Invalid visibility mask length");
    }

-    // These lists will be the public outputs of this circuit
-    // and will be populated next.
-    let mut public_pre_states: Vec<AccountWithMetadata> = Vec::new();
-    let mut public_post_states: Vec<Account> = Vec::new();
-    let mut ciphertexts: Vec<Ciphertext> = Vec::new();
-    let mut new_commitments: Vec<Commitment> = Vec::new();
-    let mut new_nullifiers: Vec<(Nullifier, CommitmentSetDigest)> = Vec::new();
-
    let mut private_nonces_iter = private_account_nonces.iter();
    let mut private_keys_iter = private_account_keys.iter();
    let mut private_auth_iter = private_account_auth.iter();
@ -152,28 +173,6 @@ fn main() {
            _ => panic!("Invalid visibility mask value"),
        }
    }
-
-    if private_nonces_iter.next().is_some() {
-        panic!("Too many nonces.");
-    }
-
-    if private_keys_iter.next().is_some() {
-        panic!("Too many private account keys.");
-    }
-
-    if private_auth_iter.next().is_some() {
-        panic!("Too many private account authentication keys.");
-    }
-
-    let output = PrivacyPreservingCircuitOutput {
-        public_pre_states,
-        public_post_states,
-        ciphertexts,
-        new_commitments,
-        new_nullifiers,
-    };
-
-    env::commit(&output);
 }

 fn validate_uniqueness_of_account_ids(pre_states: &[AccountWithMetadata]) -> bool {
--- a/nssa/src/privacy_preserving_transaction/circuit.rs
+++ b/nssa/src/privacy_preserving_transaction/circuit.rs
@ -6,7 +6,7 @@ use nssa_core::{
 };
 use risc0_zkvm::{ExecutorEnv, InnerReceipt, Receipt, default_prover};

-use crate::{error::NssaError, program::Program};
+use crate::{error::NssaError, program::Program, state::MAX_NUMBER_CHAINED_CALLS};

 use crate::program_methods::{PRIVACY_PRESERVING_CIRCUIT_ELF, PRIVACY_PRESERVING_CIRCUIT_ID};

@ -25,15 +25,29 @@ pub fn execute_and_prove(
    private_account_auth: &[(NullifierSecretKey, MembershipProof)],
    program: &Program,
 ) -> Result<(PrivacyPreservingCircuitOutput, Proof), NssaError> {
-    let inner_receipt = execute_and_prove_program(program, pre_states, instruction_data)?;
+    let mut env_builder = ExecutorEnv::builder();
+    let mut program_outputs = Vec::new();
+    for _i in 0..MAX_NUMBER_CHAINED_CALLS {
+        let inner_receipt = execute_and_prove_program(program, pre_states, instruction_data)?;

-    let program_output: ProgramOutput = inner_receipt
-        .journal
-        .decode()
-        .map_err(|e| NssaError::ProgramOutputDeserializationError(e.to_string()))?;
+        let program_output: ProgramOutput = inner_receipt
+            .journal
+            .decode()
+            .map_err(|e| NssaError::ProgramOutputDeserializationError(e.to_string()))?;
+
+        // TODO: remove clone
+        program_outputs.push(program_output.clone());
+
+        // Prove circuit.
+        env_builder.add_assumption(inner_receipt);
+
+        if program_output.chained_call.is_none() {
+            break;
+        }
+    }

    let circuit_input = PrivacyPreservingCircuitInput {
-        program_output,
+        program_outputs,
        visibility_mask: visibility_mask.to_vec(),
        private_account_nonces: private_account_nonces.to_vec(),
        private_account_keys: private_account_keys.to_vec(),
@ -41,9 +55,6 @@ pub fn execute_and_prove(
        program_id: program.id(),
    };

-    // Prove circuit.
-    let mut env_builder = ExecutorEnv::builder();
-    env_builder.add_assumption(inner_receipt);
    env_builder.write(&circuit_input).unwrap();
    let env = env_builder.build().unwrap();
    let prover = default_prover();
--- a/nssa/src/public_transaction/transaction.rs
+++ b/nssa/src/public_transaction/transaction.rs
@ -8,9 +8,7 @@ use nssa_core::{
 use sha2::{Digest, digest::FixedOutput};

 use crate::{
-    V02State,
-    error::NssaError,
-    public_transaction::{Message, WitnessSet},
+    error::NssaError, public_transaction::{Message, WitnessSet}, state::MAX_NUMBER_CHAINED_CALLS, V02State
 };

 #[derive(Debug, Clone, PartialEq, Eq)]
@ -18,7 +16,6 @@ pub struct PublicTransaction {
    message: Message,
    witness_set: WitnessSet,
 }
-const MAX_NUMBER_CHAINED_CALLS: usize = 10;

 impl PublicTransaction {
    pub fn new(message: Message, witness_set: WitnessSet) -> Self {
--- a/nssa/src/state.rs
+++ b/nssa/src/state.rs
@ -10,6 +10,8 @@ use nssa_core::{
 };
 use std::collections::{HashMap, HashSet};

+pub const MAX_NUMBER_CHAINED_CALLS: usize = 10;
+
 pub(crate) struct CommitmentSet {
    merkle_tree: MerkleTree,
    commitments: HashMap<Commitment, usize>,