chore: upgrade zerokit

2026-01-02 13:13:11 +00:00 · 2023-03-30 18:13:52 -04:00 · 2023-03-30 18:13:52 -04:00 · c72ffd302c
commit c72ffd302c
parent e1bed5294a
21 changed files with 190 additions and 108 deletions
--- a/libs/aarch64-apple-darwin/librln.a
+++ b/libs/aarch64-apple-darwin/librln.a
--- a/libs/aarch64-unknown-linux-gnu/librln.a
+++ b/libs/aarch64-unknown-linux-gnu/librln.a
--- a/libs/arm-unknown-linux-gnueabi/librln.a
+++ b/libs/arm-unknown-linux-gnueabi/librln.a
--- a/libs/arm-unknown-linux-gnueabihf/librln.a
+++ b/libs/arm-unknown-linux-gnueabihf/librln.a
--- a/libs/i686-unknown-linux-gnu/librln.a
+++ b/libs/i686-unknown-linux-gnu/librln.a
--- a/libs/x86_64-apple-darwin/librln.a
+++ b/libs/x86_64-apple-darwin/librln.a
--- a/libs/x86_64-pc-windows-gnu/librln.a
+++ b/libs/x86_64-pc-windows-gnu/librln.a
--- a/libs/x86_64-unknown-linux-gnu/librln.a
+++ b/libs/x86_64-unknown-linux-gnu/librln.a
--- a/libs/x86_64-unknown-linux-musl/librln.a
+++ b/libs/x86_64-unknown-linux-musl/librln.a
--- a/rln/librln.h
+++ b/rln/librln.h
@ -72,4 +72,17 @@ bool seeded_key_gen(const struct RLN *ctx,
                    const struct Buffer *input_buffer,
                    struct Buffer *output_buffer);

-bool hash(struct RLN *ctx, const struct Buffer *input_buffer, struct Buffer *output_buffer);
+bool extended_key_gen(const struct RLN *ctx, struct Buffer *output_buffer);
+
+bool seeded_extended_key_gen(const struct RLN *ctx,
+                             const struct Buffer *input_buffer,
+                             struct Buffer *output_buffer);
+
+bool recover_id_secret(const struct RLN *ctx,
+                       const struct Buffer *input_proof_buffer_1,
+                       const struct Buffer *input_proof_buffer_2,
+                       struct Buffer *output_buffer);
+
+bool hash(const struct Buffer *input_buffer, struct Buffer *output_buffer);
+
+bool poseidon_hash(const struct Buffer *input_buffer, struct Buffer *output_buffer);
--- a/rln/resources/bindata.go
+++ b/rln/resources/bindata.go
--- a/rln/resources/tree_height_20/rln.wasm
+++ b/rln/resources/tree_height_20/rln.wasm
--- a/rln/resources/tree_height_20/rln_final.zkey
+++ b/rln/resources/tree_height_20/rln_final.zkey
--- a/rln/resources/tree_height_20/verification_key.json
+++ b/rln/resources/tree_height_20/verification_key.json
@ -3,18 +3,18 @@
 "curve": "bn128",
 "nPublic": 6,
 "vk_alpha_1": [
-  "1805378556360488226980822394597799963030511477964155500103132920745199284516",
-  "11990395240534218699464972016456017378439762088320057798320175886595281336136",
+  "20124996762962216725442980738609010303800849578410091356605067053491763969391",
+  "9118593021526896828671519912099489027245924097793322973632351264852174143923",
  "1"
 ],
 "vk_beta_2": [
  [
-   "11031529986141021025408838211017932346992429731488270384177563837022796743627",
-   "16042159910707312759082561183373181639420894978640710177581040523252926273854"
+   "4693952934005375501364248788849686435240706020501681709396105298107971354382",
+   "14346958885444710485362620645446987998958218205939139994511461437152241966681"
  ],
  [
-   "20112698439519222240302944148895052359035104222313380895334495118294612255131",
-   "19441583024670359810872018179190533814486480928824742448673677460151702019379"
+   "16851772916911573982706166384196538392731905827088356034885868448550849804972",
+   "823612331030938060799959717749043047845343400798220427319188951998582076532"
  ],
  [
   "1",
@ -37,12 +37,12 @@
 ],
 "vk_delta_2": [
  [
-   "1948496782571164085469528023647105317580208688174386157591917599801657832035",
-   "20445814069256658101339037520922621162739470138213615104905368409238414511981"
+   "8353516066399360694538747105302262515182301251524941126222712285088022964076",
+   "9329524012539638256356482961742014315122377605267454801030953882967973561832"
  ],
  [
-   "10024680869920840984813249386422727863826862577760330492647062850849851925340",
-   "10512156247842686783409460795717734694774542185222602679117887145206209285142"
+   "16805391589556134376869247619848130874761233086443465978238468412168162326401",
+   "10111259694977636294287802909665108497237922060047080343914303287629927847739"
  ],
  [
   "1",
@ -52,67 +52,67 @@
 "vk_alphabeta_12": [
  [
   [
-    "5151991366823434428398919091000210787450832786814248297320989361921939794156",
-    "15735191313289001022885148627913534790382722933676436876510746491415970766821"
+    "12608968655665301215455851857466367636344427685631271961542642719683786103711",
+    "9849575605876329747382930567422916152871921500826003490242628251047652318086"
   ],
   [
-    "3387907257437913904447588318761906430938415556102110876587455322225272831272",
-    "1998779853452712881084781956683721603875246565720647583735935725110674288056"
+    "6322029441245076030714726551623552073612922718416871603535535085523083939021",
+    "8700115492541474338049149013125102281865518624059015445617546140629435818912"
   ],
   [
-    "14280074182991498185075387990446437410077692353432005297922275464876153151820",
-    "17092408446352310039633488224969232803092763095456307462247653153107223117633"
+    "10674973475340072635573101639867487770811074181475255667220644196793546640210",
+    "2926286967251299230490668407790788696102889214647256022788211245826267484824"
   ]
  ],
  [
   [
-    "4359046709531668109201634396816565829237358165496082832279660960675584351266",
-    "4511888308846208349307186938266411423935335853916317436093178288331845821336"
+    "9660441540778523475944706619139394922744328902833875392144658911530830074820",
+    "19548113127774514328631808547691096362144426239827206966690021428110281506546"
   ],
   [
-    "11429499807090785857812316277335883295048773373068683863667725283965356423273",
-    "16232274853200678548795010078253506586114563833318973594428907292096178657392"
+    "1870837942477655969123169532603615788122896469891695773961478956740992497097",
+    "12536105729661705698805725105036536744930776470051238187456307227425796690780"
   ],
   [
-    "18068999605870933925311275504102553573815570223888590384919752303726860800970",
-    "17309569111965782732372130116757295842160193489132771344011460471298173784984"
+    "21811903352654147452884857281720047789720483752548991551595462057142824037334",
+    "19021616763967199151052893283384285352200445499680068407023236283004353578353"
   ]
  ]
 ],
 "IC": [
  [
-   "18693301901828818437917730940595978397160482710354161265484535387752523310572",
-   "17985273354976640088538673802000794244421192643855111089693820179790551470769",
+   "11992897507809711711025355300535923222599547639134311050809253678876341466909",
+   "17181525095924075896332561978747020491074338784673526378866503154966799128110",
   "1"
  ],
  [
-   "21164641723988537620541455173278629777250883365474191521194244273980931825942",
-   "998385854410718613441067082771678946155853656328717326195057262123686425518",
+   "17018665030246167677911144513385572506766200776123272044534328594850561667818",
+   "18601114175490465275436712413925513066546725461375425769709566180981674884464",
   "1"
  ],
  [
-   "21666968581672145768705229094968410656430989593283335488162701230986314747515",
-   "17996457608540683483506630273632100555125353447506062045735279661096094677264",
+   "18799470100699658367834559797874857804183288553462108031963980039244731716542",
+   "13064227487174191981628537974951887429496059857753101852163607049188825592007",
   "1"
  ],
  [
-   "20137761979695192602424300886442379728165712610493092740175904438282083668117",
-   "19184814924890679891263780109959113289320127263583260218200636509492157834679",
+   "17432501889058124609368103715904104425610382063762621017593209214189134571156",
+   "13406815149699834788256141097399354592751313348962590382887503595131085938635",
   "1"
  ],
  [
-   "10943171273393803842589314082509655332154393332394322726077270895078286354146",
-   "10872472035685319847811233167729172672344935625121511932198535224727331126439",
+   "10320964835612716439094703312987075811498239445882526576970512041988148264481",
+   "9024164961646353611176283204118089412001502110138072989569118393359029324867",
   "1"
  ],
  [
-   "13049169779481227658517545034348883391527506091990880778783387628208561946597",
-   "10083689369261379027228809473568899816311684698866922944902456565434209079955",
+   "718355081067365548229685160476620267257521491773976402837645005858953849298",
+   "14635482993933988261008156660773180150752190597753512086153001683711587601974",
   "1"
  ],
  [
-   "19633516378466409167014413361365552102431118630694133723053441455184566611083",
-   "8059525100726933978719058611146131904598011633549012007359165766216730722269",
+   "11777720285956632126519898515392071627539405001940313098390150593689568177535",
+   "8483603647274280691250972408211651407952870456587066148445913156086740744515",
   "1"
  ]
 ]
--- a/rln/rln.go
+++ b/rln/rln.go
@ -7,6 +7,7 @@ import "C"
 import (
 	"encoding/binary"
 	"errors"
+	"fmt"
 	"unsafe"

 	"github.com/waku-org/go-zerokit-rln/rln/resources"
@ -92,26 +93,31 @@ func toCBufferPtr(input []byte) *C.Buffer {
 	return in
 }

-// MembershipKeyGen generates a MembershipKeyPair that can be used for the registration into the rln membership contract
-func (r *RLN) MembershipKeyGen() (*MembershipKeyPair, error) {
+// MembershipKeyGen generates a IdentityCredential that can be used for the
+// registration into the rln membership contract. Returns an error if the key generation fails
+func (r *RLN) MembershipKeyGen() (*IdentityCredential, error) {
 	buffer := toBuffer([]byte{})
-	if !bool(C.key_gen(r.ptr, &buffer)) {
+	if !bool(C.extended_key_gen(r.ptr, &buffer)) {
 		return nil, errors.New("error in key generation")
 	}

-	key := &MembershipKeyPair{
-		IDKey:        [32]byte{},
+	key := &IdentityCredential{
+		IDTrapdoor:   [32]byte{},
+		IDNullifier:  [32]byte{},
+		IDSecretHash: [32]byte{},
 		IDCommitment: [32]byte{},
 	}

 	// the public and secret keys together are 64 bytes
 	generatedKeys := C.GoBytes(unsafe.Pointer(buffer.ptr), C.int(buffer.len))
-	if len(generatedKeys) != 64 {
-		return nil, errors.New("the generated keys are invalid")
+	if len(generatedKeys) != 32*4 {
+		return nil, errors.New("generated keys are of invalid length")
 	}

-	copy(key.IDKey[:], generatedKeys[:32])
-	copy(key.IDCommitment[:], generatedKeys[32:64])
+	copy(key.IDTrapdoor[:], generatedKeys[:32])
+	copy(key.IDNullifier[:], generatedKeys[32:64])
+	copy(key.IDSecretHash[:], generatedKeys[64:96])
+	copy(key.IDCommitment[:], generatedKeys[96:128])

 	return key, nil
 }
@ -141,11 +147,7 @@ func sliceToPtr(slice []byte) (*C.uchar, C.int) {
 	}
 }

-// Hash hashes the plain text supplied in inputs_buffer and then maps it to a field element
-// this proc is used to map arbitrary signals to field element for the sake of proof generation
-// inputs holds the hash input as a byte slice, the output slice will contain a 32 byte slice
-func (r *RLN) Hash(data []byte) (MerkleNode, error) {
-	//  a thin layer on top of the Nim wrapper of the Poseidon hasher
+func (r *RLN) Sha256(data []byte) (MerkleNode, error) {
 	lenPrefData := appendLength(data)

 	hashInputBuffer := toCBufferPtr(lenPrefData)
@ -153,7 +155,7 @@ func (r *RLN) Hash(data []byte) (MerkleNode, error) {
 	var output []byte
 	out := toBuffer(output)

-	if !bool(C.hash(r.ptr, hashInputBuffer, &out)) {
+	if !bool(C.hash(hashInputBuffer, &out)) {
 		return MerkleNode{}, errors.New("failed to hash")
 	}

@ -165,11 +167,52 @@ func (r *RLN) Hash(data []byte) (MerkleNode, error) {
 	return result, nil
 }

+func (r *RLN) Poseidon(input ...[]byte) ([32]byte, error) {
+	data := serializeSlice(input)
+
+	inputLen := make([]byte, 8)
+	binary.LittleEndian.PutUint64(inputLen, uint64(len(input)))
+
+	lenPrefData := append(inputLen, data...)
+	hashInputBuffer := toCBufferPtr(lenPrefData)
+
+	var output []byte
+	out := toBuffer(output)
+
+	if !bool(C.poseidon_hash(hashInputBuffer, &out)) {
+		return [32]byte{}, errors.New("error in poseidon hash")
+	}
+
+	b := C.GoBytes(unsafe.Pointer(out.ptr), C.int(out.len))
+
+	var result [32]byte
+	copy(result[:], b)
+
+	return result, nil
+}
+
+func ExtractMetadata(proof RateLimitProof) (ProofMetadata, error) {
+
+	var r *RLN
+
+	externalNullifierRes, err := r.Poseidon(proof.Epoch[:], proof.RLNIdentifier[:])
+	if err != nil {
+		return ProofMetadata{}, fmt.Errorf("could not construct the external nullifier: %w", err)
+	}
+
+	return ProofMetadata{
+		Nullifier:         proof.Nullifier,
+		ShareX:            proof.ShareX,
+		ShareY:            proof.ShareY,
+		ExternalNullifier: externalNullifierRes,
+	}, nil
+}
+
 // GenerateProof generates a proof for the RLN given a KeyPair and the index in a merkle tree.
 // The output will containt the proof data and should be parsed as |proof<128>|root<32>|epoch<32>|share_x<32>|share_y<32>|nullifier<32>|
 // integers wrapped in <> indicate value sizes in bytes
-func (r *RLN) GenerateProof(data []byte, key MembershipKeyPair, index MembershipIndex, epoch Epoch) (*RateLimitProof, error) {
-	input := serialize(key.IDKey, index, epoch, data)
+func (r *RLN) GenerateProof(data []byte, key IdentityCredential, index MembershipIndex, epoch Epoch) (*RateLimitProof, error) {
+	input := serialize(key.IDSecretHash, index, epoch, data)
 	inputBuffer := toCBufferPtr(input)

 	var output []byte
@ -219,20 +262,15 @@ func (r *RLN) GenerateProof(data []byte, key MembershipKeyPair, index Membership
 	}, nil
 }

-// Verify verifies a proof generated for the RLN.
-// proof [ proof<128>| root<32>| epoch<32>| share_x<32>| share_y<32>| nullifier<32> | signal_len<8> | signal<var> ]
-func (r *RLN) Verify(data []byte, proof RateLimitProof) (bool, error) {
-	proofBytes := proof.serialize(data)
-	proofBuf := toCBufferPtr(proofBytes)
-	res := C.bool(false)
-	if !bool(C.verify_rln_proof(r.ptr, proofBuf, &res)) {
-		return false, errors.New("could not verify rln proof")
+func serialize32(roots [][32]byte) []byte {
+	var result []byte
+	for _, r := range roots {
+		result = append(result, r[:]...)
+	}
+	return result
 }

-	return bool(res), nil
-}
-
-func serializeRoots(roots [][32]byte) []byte {
+func serializeSlice(roots [][]byte) []byte {
 	var result []byte
 	for _, r := range roots {
 		result = append(result, r[:]...)
@ -257,11 +295,14 @@ func serializeCommitments(commitments []IDCommitment) []byte {
 	return result
 }

-func (r *RLN) VerifyWithRoots(data []byte, proof RateLimitProof, roots [][32]byte) (bool, error) {
+// proof [ proof<128>| root<32>| epoch<32>| share_x<32>| share_y<32>| nullifier<32> | signal_len<8> | signal<var> ]
+// validRoots should contain a sequence of roots in the acceptable windows.
+// As default, it is set to an empty sequence of roots. This implies that the validity check for the proof's root is skipped
+func (r *RLN) Verify(data []byte, proof RateLimitProof, roots ...[32]byte) (bool, error) {
 	proofBytes := proof.serialize(data)
 	proofBuf := toCBufferPtr(proofBytes)

-	rootBytes := serializeRoots(roots)
+	rootBytes := serialize32(roots)
 	rootBuf := toCBufferPtr(rootBytes)

 	res := C.bool(false)
@ -356,14 +397,14 @@ func CalcMerkleRoot(list []IDCommitment) (MerkleNode, error) {
 // CreateMembershipList produces a list of membership key pairs and also returns the root of a Merkle tree constructed
 // out of the identity commitment keys of the generated list. The output of this function is used to initialize a static
 // group keys (to test waku-rln-relay in the off-chain mode)
-func CreateMembershipList(n int) ([]MembershipKeyPair, MerkleNode, error) {
+func CreateMembershipList(n int) ([]IdentityCredential, MerkleNode, error) {
 	// initialize a Merkle tree
 	rln, err := NewRLN()
 	if err != nil {
 		return nil, MerkleNode{}, err
 	}

-	var output []MembershipKeyPair
+	var output []IdentityCredential
 	for i := 0; i < n; i++ {
 		// generate a keypair
 		keypair, err := rln.MembershipKeyGen()
--- a/rln/rln_test.go
+++ b/rln/rln_test.go
@ -23,12 +23,18 @@ func (s *RLNSuite) TestMembershipKeyGen() {

 	key, err := rln.MembershipKeyGen()
 	s.NoError(err)
-	s.Len(key.IDKey, 32)
+	s.Len(key.IDSecretHash, 32)
 	s.Len(key.IDCommitment, 32)
-	s.NotEmpty(key.IDKey)
+	s.Len(key.IDTrapdoor, 32)
+	s.Len(key.IDNullifier, 32)
+	s.NotEmpty(key.IDSecretHash)
 	s.NotEmpty(key.IDCommitment)
+	s.NotEmpty(key.IDTrapdoor)
+	s.NotEmpty(key.IDNullifier)
 	s.False(bytes.Equal(key.IDCommitment[:], make([]byte, 32)))
-	s.False(bytes.Equal(key.IDKey[:], make([]byte, 32)))
+	s.False(bytes.Equal(key.IDSecretHash[:], make([]byte, 32)))
+	s.False(bytes.Equal(key.IDTrapdoor[:], make([]byte, 32)))
+	s.False(bytes.Equal(key.IDNullifier[:], make([]byte, 32)))
 }

 func (s *RLNSuite) TestGetMerkleRoot() {
@ -119,13 +125,27 @@ func (s *RLNSuite) TestHash() {

 	// prepare the input
 	msg := []byte("Hello")
-	hash, err := rln.Hash(msg)
+	hash, err := rln.Sha256(msg)
 	s.NoError(err)

 	expectedHash, _ := hex.DecodeString("4c6ea217404bd5f10e243bac29dc4f1ec36bf4a41caba7b4c8075c54abb3321e")
 	s.Equal(expectedHash, hash[:])
 }

+func (s *RLNSuite) TestPoseidon() {
+	rln, err := NewRLN()
+	s.NoError(err)
+
+	// prepare the input
+	msg1, _ := hex.DecodeString("126f4c026cd731979365f79bd345a46d673c5a3f6f588bdc718e6356d02b6fdc")
+	msg2, _ := hex.DecodeString("1f0e5db2b69d599166ab16219a97b82b662085c93220382b39f9f911d3b943b1")
+	hash, err := rln.Poseidon(msg1, msg2)
+	s.NoError(err)
+
+	expectedHash, _ := hex.DecodeString("83e4a6b2dea68aad26f04f32f37ac1e018188a0056b158b2aa026d34266d1f30")
+	s.Equal(expectedHash, hash[:])
+}
+
 func (s *RLNSuite) TestCreateListMembershipKeysAndCreateMerkleTreeFromList() {
 	groupSize := 100
 	list, root, err := CreateMembershipList(groupSize)
@ -202,7 +222,7 @@ func (s *RLNSuite) TestValidProof() {
 	root, err := rln.GetMerkleRoot()
 	s.NoError(err)

-	verified, err = rln.VerifyWithRoots(msg, *proofRes, [][32]byte{root})
+	verified, err = rln.Verify(msg, *proofRes, root)
 	s.NoError(err)
 	s.True(verified)
 }
@ -233,6 +253,9 @@ func (s *RLNSuite) TestInvalidProof() {
 		}
 	}

+	root, err := rln.GetMerkleRoot()
+	s.NoError(err)
+
 	// prepare the message
 	msg := []byte("Hello")

@ -246,7 +269,7 @@ func (s *RLNSuite) TestInvalidProof() {
 	s.NoError(err)

 	// verify the proof (should not be verified)
-	verified, err := rln.Verify(msg, *proofRes)
+	verified, err := rln.Verify(msg, *proofRes, root)
 	s.NoError(err)
 	s.False(verified)
 }
--- a/rln/serialize.go
+++ b/rln/serialize.go
@ -6,7 +6,7 @@ import "encoding/binary"
 // this conversion is used in the proofGen function
 // the serialization is done as instructed in  https://github.com/kilic/rln/blob/7ac74183f8b69b399e3bc96c1ae8ab61c026dc43/src/public.rs#L146
 // [ id_key<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
-func serialize(idKey IDKey, memIndex MembershipIndex, epoch Epoch, msg []byte) []byte {
+func serialize(idKey IDSecretHash, memIndex MembershipIndex, epoch Epoch, msg []byte) []byte {

 	memIndexBytes := make([]byte, 8)
 	binary.LittleEndian.PutUint64(memIndexBytes, uint64(memIndex))
--- a/rln/types.go
+++ b/rln/types.go
@ -6,12 +6,6 @@ import (
 	"time"
 )

-// IDKey is an identity key as defined in https://hackmd.io/tMTLMYmTR5eynw2lwK9n1w?view#Membership
-type IDKey = [32]byte
-
-// IDCommintment is hash of identity key as defined in https://hackmd.io/tMTLMYmTR5eynw2lwK9n1w?view#Membership
-type IDCommitment = [32]byte
-
 // Each node of the Merkle tee is a Poseidon hash which is a 32 byte value
 type MerkleNode = [32]byte

@ -21,12 +15,22 @@ type RLNIdentifier = [32]byte

 type ZKSNARK = [128]byte

-// Custom data types defined for waku rln relay -------------------------
+type IDTrapdoor = [32]byte

-type MembershipKeyPair = struct {
+type IDNullifier = [32]byte
+
+// identity key as defined in https://hackmd.io/tMTLMYmTR5eynw2lwK9n1w?view#Membership
+type IDSecretHash = [32]byte
+
+// IDCommitment is hash of identity key as defined in https://hackmd.io/tMTLMYmTR5eynw2lwK9n1w?view#Membership
+type IDCommitment = [32]byte
+
+type IdentityCredential = struct {
+	IDTrapdoor  IDTrapdoor  `json:"idTrapdoor"`
+	IDNullifier IDNullifier `json:"idNullifier"`
 	// user's identity key (a secret key) which is selected randomly
 	// see details in https://hackmd.io/tMTLMYmTR5eynw2lwK9n1w?view#Membership
-	IDKey IDKey `json:"idKey"`
+	IDSecretHash IDSecretHash `json:"idSecretHash"`
 	// hash of user's identity key generated by
 	// Poseidon hash function implemented in rln lib
 	// more details in https://hackmd.io/tMTLMYmTR5eynw2lwK9n1w?view#Membership
@ -60,10 +64,11 @@ type ProofMetadata struct {
 	Nullifier         Nullifier
 	ShareX            MerkleNode
 	ShareY            MerkleNode
+	ExternalNullifier Nullifier
 }

 func (p ProofMetadata) Equals(p2 ProofMetadata) bool {
-	return bytes.Equal(p.Nullifier[:], p2.Nullifier[:]) && bytes.Equal(p.ShareX[:], p2.ShareX[:]) && bytes.Equal(p.ShareY[:], p2.ShareY[:])
+	return bytes.Equal(p.Nullifier[:], p2.Nullifier[:]) && bytes.Equal(p.ShareX[:], p2.ShareX[:]) && bytes.Equal(p.ShareY[:], p2.ShareY[:]) && bytes.Equal(p.ExternalNullifier[:], p2.ExternalNullifier[:])
 }

 // the current implementation of the rln lib only supports a circuit for Merkle tree with depth 32
--- a/rln/utils.go
+++ b/rln/utils.go
@ -2,13 +2,13 @@ package rln

 import "encoding/hex"

-func toMembershipKeyPairs(groupKeys [][]string) ([]MembershipKeyPair, error) {
+func toMembershipKeyPairs(groupKeys [][]string) ([]IdentityCredential, error) {
 	// groupKeys is  sequence of membership key tuples in the form of (identity key, identity commitment) all in the hexadecimal format
 	// the toMembershipKeyPairs proc populates a sequence of MembershipKeyPairs using the supplied groupKeys

-	groupKeyPairs := []MembershipKeyPair{}
+	groupKeyPairs := []IdentityCredential{}
 	for _, pair := range groupKeys {
-		idKey, err := hex.DecodeString(pair[0])
+		idSecretHash, err := hex.DecodeString(pair[0])
 		if err != nil {
 			return nil, err
 		}
@ -17,7 +17,7 @@ func toMembershipKeyPairs(groupKeys [][]string) ([]MembershipKeyPair, error) {
 			return nil, err
 		}

-		groupKeyPairs = append(groupKeyPairs, MembershipKeyPair{IDKey: IDKey(Bytes32(idKey)), IDCommitment: IDCommitment(Bytes32(idCommitment))})
+		groupKeyPairs = append(groupKeyPairs, IdentityCredential{IDSecretHash: IDSecretHash(Bytes32(idSecretHash)), IDCommitment: IDCommitment(Bytes32(idCommitment))})
 	}

 	return groupKeyPairs, nil
--- a/scripts/build.sh
+++ b/scripts/build.sh
@ -21,7 +21,7 @@ cargo clean
 cross build --release --lib --target=aarch64-unknown-linux-gnu
 cross build --release --lib --target=arm-unknown-linux-gnueabi
 cross build --release --lib --target=arm-unknown-linux-gnueabihf
-cross build --release --lib --target=i686-pc-windows-gnu
+#cross build --release --lib --target=i686-pc-windows-gnu
 cross build --release --lib --target=i686-unknown-linux-gnu
 cross build --release --lib --target=x86_64-pc-windows-gnu
 cross build --release --lib --target=x86_64-unknown-linux-gnu
--- a/2
+++ b/2
@ -1 +1 @@
-Subproject commit 284e51483c73e956c2c318fe6f69d735412bdc08
+Subproject commit c319f32a1e4a3471554006523c90856a943b366e