diff --git a/goas/cl/cl/src/input.rs b/goas/cl/cl/src/input.rs
index b1b9209..c2a4ff2 100644
--- a/goas/cl/cl/src/input.rs
+++ b/goas/cl/cl/src/input.rs
@@ -66,7 +66,7 @@ impl InputWitness {
 }
 pub fn nullifier(&self) -> Nullifier {
- Nullifier::new(self.nf_sk, self.nonce)
+ Nullifier::new(self.nf_sk, self.nonce, self.note_commitment())
 }
 pub fn commit(&self) -> Input {
diff --git a/goas/cl/cl/src/note.rs b/goas/cl/cl/src/note.rs
index 18d0186..da8d520 100644
--- a/goas/cl/cl/src/note.rs
+++ b/goas/cl/cl/src/note.rs
@@ -1,3 +1,4 @@
+use rand_core::CryptoRngCore;
 use serde::{Deserialize, Serialize};
 use sha2::{Digest, Sha256};
@@ -23,16 +24,20 @@ pub fn unit_point(unit: &str) -> Unit {
 }
 #[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Hash, Serialize, Deserialize)]
-pub struct NoteCommitment([u8; 32]);
+pub struct NoteCommitment(pub [u8; 32]);
 impl NoteCommitment {
+ pub fn random(mut rng: impl CryptoRngCore) -> Self {
+ let mut cm = [0u8; 32];
+ rng.fill_bytes(&mut cm);
+ Self(cm)
+ }
+
 pub fn as_bytes(&self) -> &[u8; 32] {
 &self.0
 }
 }
-// TODO: Rename Note to NoteWitness and NoteCommitment to Note
-
 #[derive(Debug, PartialEq, Eq, Clone, Copy, Serialize, Deserialize)]
 pub struct NoteWitness {
 pub value: u64,
diff --git a/goas/cl/cl/src/nullifier.rs b/goas/cl/cl/src/nullifier.rs
index e8ba99f..0f06476 100644
--- a/goas/cl/cl/src/nullifier.rs
+++ b/goas/cl/cl/src/nullifier.rs
@@ -9,6 +9,8 @@ use rand_core::RngCore;
 use serde::{Deserialize, Serialize};
 use sha2::{Digest, Sha256};
+use crate::NoteCommitment;
+
 // TODO: create a nullifier witness and use it throughout.
 // struct NullifierWitness {
 // nf_sk: NullifierSecret,
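Review bot: In note.rs, `pub struct NoteCommitment(pub [u8; 32]);` lets any downstream crate build a `NoteCommitment` from arbitrary bytes, so the type no longer implies the value came from committing to a note, and `random()` offers the same shortcut in non-test builds. The only new reader of the field visible in this diff is `hasher.update(note_cm.0)` in nullifier.rs, which lives in the same crate and could call `note_cm.as_bytes()` instead, leaving the field private. The callers of `random` visible here are all tests, so if that holds crate-wide it can be gated as `#[cfg(test)] pub fn random(mut rng: impl CryptoRngCore) -> Self`, or put behind a test-only feature if other crates' tests need it.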
@@ -102,11 +104,12 @@ impl NullifierNonce {
 }
 impl Nullifier {
- pub fn new(sk: NullifierSecret, nonce: NullifierNonce) -> Self {
+ pub fn new(sk: NullifierSecret, nonce: NullifierNonce, note_cm: NoteCommitment) -> Self {
 let mut hasher = Sha256::new();
 hasher.update(b"NOMOS_CL_NULLIFIER");
 hasher.update(sk.0);
 hasher.update(nonce.0);
+ hasher.update(note_cm.0);
 let nf_bytes: [u8; 32] = hasher.finalize().into();
 Self(nf_bytes)
@@ -144,8 +147,24 @@ mod test {
 let sk = NullifierSecret::random(&mut rng);
 let nonce_1 = NullifierNonce::random(&mut rng);
 let nonce_2 = NullifierNonce::random(&mut rng);
- let nf_1 = Nullifier::new(sk, nonce_1);
- let nf_2 = Nullifier::new(sk, nonce_2);
+ let note_cm = NoteCommitment::random(&mut rng);
+
+ let nf_1 = Nullifier::new(sk, nonce_1, note_cm);
+ let nf_2 = Nullifier::new(sk, nonce_2, note_cm);
+
+ assert_ne!(nf_1, nf_2);
+ }
+
+ #[test]
+ fn test_same_sk_same_nonce_different_note() {
+ let mut rng = rand::thread_rng();
+ let sk = NullifierSecret::random(&mut rng);
+ let nonce = NullifierNonce::random(&mut rng);
+ let note_cm_1 = NoteCommitment::random(&mut rng);
+ let note_cm_2 = NoteCommitment::random(&mut rng);
+
+ let nf_1 = Nullifier::new(sk, nonce, note_cm_1);
+ let nf_2 = Nullifier::new(sk, nonce, note_cm_2);
 assert_ne!(nf_1, nf_2);
 }
diff --git a/goas/cl/ledger/src/input.rs b/goas/cl/ledger/src/input.rs
index 1c3b9b1..b0c3498 100644
--- a/goas/cl/ledger/src/input.rs
+++ b/goas/cl/ledger/src/input.rs
@@ -128,6 +128,7 @@ mod test {
 nullifier: cl::Nullifier::new(
 cl::NullifierSecret::random(&mut rng),
 cl::NullifierNonce::random(&mut rng),
+ input.note_commitment(),
 ),
 ..expected_public_inputs.input
 },
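Review bot: `Nullifier::new` in nullifier.rs has no doc comment saying what the nullifier is derived from, and this change alters the preimage, so callers must read the body to learn that the note commitment is now bound in. Suggest `/// SHA-256 over the tag "NOMOS_CL_NULLIFIER" followed by sk, nonce and note_cm, in that order; binding note_cm gives distinct nullifiers for distinct notes under the same (sk, nonce).` The fields are concatenated without length prefixes, which is unambiguous only while all three are fixed-width; `note_cm` is `[u8; 32]`, but the widths of `sk.0` and `nonce.0` are not visible here, so the comment should state that assumption. The body of `new` closes outside the hunk.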
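Review bot: The mismatching-nullifier case in ledger/src/input.rs still varies only the secret key and nonce while passing the correct `input.note_commitment()`, so nothing visible here checks that a nullifier bound to the wrong note commitment is rejected. Since the commitment is the input this commit adds to the hash, a sibling case that keeps the real key and nonce and substitutes the commitment of a different note would cover the new binding directly. The enclosing test starts and ends outside the hunk, so this assumes the block is building public inputs that are expected to fail verification.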