# Solidity API

## IVerifier

### verifyProof

```solidity
function verifyProof(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[2] input) external view returns (bool)
```

## IPoseidonHasher

### hash

```solidity
function hash(uint256 input) external pure returns (uint256 result)
```

Hashes the input using the Poseidon hash function, n = 2, second input is the constant 0

#### Parameters

| Name  | Type    | Description       |
| ----- | ------- | ----------------- |
| input | uint256 | The input to hash |

## PoseidonHasher

### Q

```solidity
uint256 Q
```

### C0

```solidity
uint256 C0
```

### C1

```solidity
uint256 C1
```

### C2

```solidity
uint256 C2
```

### C3

```solidity
uint256 C3
```

### C4

```solidity
uint256 C4
```

### C5

```solidity
uint256 C5
```

### C6

```solidity
uint256 C6
```

### C7

```solidity
uint256 C7
```

### C8

```solidity
uint256 C8
```

### C9

```solidity
uint256 C9
```

### C10

```solidity
uint256 C10
```

### C11

```solidity
uint256 C11
```

### C12

```solidity
uint256 C12
```

### C13

```solidity
uint256 C13
```

### C14

```solidity
uint256 C14
```

### C15

```solidity
uint256 C15
```

### C16

```solidity
uint256 C16
```

### C17

```solidity
uint256 C17
```

### C18

```solidity
uint256 C18
```

### C19

```solidity
uint256 C19
```

### C20

```solidity
uint256 C20
```

### C21

```solidity
uint256 C21
```

### C22

```solidity
uint256 C22
```

### C23

```solidity
uint256 C23
```

### C24

```solidity
uint256 C24
```

### C25

```solidity
uint256 C25
```

### C26

```solidity
uint256 C26
```

### C27

```solidity
uint256 C27
```

### C28

```solidity
uint256 C28
```

### C29

```solidity
uint256 C29
```

### C30

```solidity
uint256 C30
```

### C31

```solidity
uint256 C31
```

### C32

```solidity
uint256 C32
```

### C33

```solidity
uint256 C33
```

### C34

```solidity
uint256 C34
```

### C35

```solidity
uint256 C35
```

### C36

```solidity
uint256 C36
```

### C37

```solidity
uint256 C37
```

### C38

```solidity
uint256 C38
```

### C39

```solidity
uint256 C39
```

### C40

```solidity
uint256 C40
```

### C41

```solidity
uint256 C41
```

### C42

```solidity
uint256 C42
```

### C43

```solidity
uint256 C43
```

### C44

```solidity
uint256 C44
```

### C45

```solidity
uint256 C45
```

### C46

```solidity
uint256 C46
```

### C47

```solidity
uint256 C47
```

### C48

```solidity
uint256 C48
```

### C49

```solidity
uint256 C49
```

### C50

```solidity
uint256 C50
```

### C51

```solidity
uint256 C51
```

### C52

```solidity
uint256 C52
```

### C53

```solidity
uint256 C53
```

### C54

```solidity
uint256 C54
```

### C55

```solidity
uint256 C55
```

### C56

```solidity
uint256 C56
```

### C57

```solidity
uint256 C57
```

### C58

```solidity
uint256 C58
```

### C59

```solidity
uint256 C59
```

### C60

```solidity
uint256 C60
```

### C61

```solidity
uint256 C61
```

### C62

```solidity
uint256 C62
```

### C63

```solidity
uint256 C63
```

### C64

```solidity
uint256 C64
```

### C65

```solidity
uint256 C65
```

### C66

```solidity
uint256 C66
```

### C67

```solidity
uint256 C67
```

### C68

```solidity
uint256 C68
```

### C69

```solidity
uint256 C69
```

### C70

```solidity
uint256 C70
```

### C71

```solidity
uint256 C71
```

### C72

```solidity
uint256 C72
```

### C73

```solidity
uint256 C73
```

### C74

```solidity
uint256 C74
```

### C75

```solidity
uint256 C75
```

### C76

```solidity
uint256 C76
```

### C77

```solidity
uint256 C77
```

### C78

```solidity
uint256 C78
```

### C79

```solidity
uint256 C79
```

### C80

```solidity
uint256 C80
```

### C81

```solidity
uint256 C81
```

### C82

```solidity
uint256 C82
```

### C83

```solidity
uint256 C83
```

### C84

```solidity
uint256 C84
```

### C85

```solidity
uint256 C85
```

### C86

```solidity
uint256 C86
```

### C87

```solidity
uint256 C87
```

### C88

```solidity
uint256 C88
```

### C89

```solidity
uint256 C89
```

### C90

```solidity
uint256 C90
```

### C91

```solidity
uint256 C91
```

### C92

```solidity
uint256 C92
```

### C93

```solidity
uint256 C93
```

### C94

```solidity
uint256 C94
```

### C95

```solidity
uint256 C95
```

### C96

```solidity
uint256 C96
```

### C97

```solidity
uint256 C97
```

### C98

```solidity
uint256 C98
```

### C99

```solidity
uint256 C99
```

### C100

```solidity
uint256 C100
```

### C101

```solidity
uint256 C101
```

### C102

```solidity
uint256 C102
```

### C103

```solidity
uint256 C103
```

### C104

```solidity
uint256 C104
```

### C105

```solidity
uint256 C105
```

### C106

```solidity
uint256 C106
```

### C107

```solidity
uint256 C107
```

### C108

```solidity
uint256 C108
```

### C109

```solidity
uint256 C109
```

### C110

```solidity
uint256 C110
```

### C111

```solidity
uint256 C111
```

### C112

```solidity
uint256 C112
```

### C113

```solidity
uint256 C113
```

### C114

```solidity
uint256 C114
```

### C115

```solidity
uint256 C115
```

### C116

```solidity
uint256 C116
```

### C117

```solidity
uint256 C117
```

### C118

```solidity
uint256 C118
```

### C119

```solidity
uint256 C119
```

### C120

```solidity
uint256 C120
```

### C121

```solidity
uint256 C121
```

### C122

```solidity
uint256 C122
```

### C123

```solidity
uint256 C123
```

### C124

```solidity
uint256 C124
```

### C125

```solidity
uint256 C125
```

### C126

```solidity
uint256 C126
```

### C127

```solidity
uint256 C127
```

### M00

```solidity
uint256 M00
```

### M01

```solidity
uint256 M01
```

### M10

```solidity
uint256 M10
```

### M11

```solidity
uint256 M11
```

### hash

```solidity
function hash(uint256 input) external pure returns (uint256 result)
```

Hashes the input using the Poseidon hash function, n = 2, second input is the constant 0

#### Parameters

| Name  | Type    | Description       |
| ----- | ------- | ----------------- |
| input | uint256 | The input to hash |

### \_hash

```solidity
function _hash(uint256 input) internal pure returns (uint256 result)
```

## FullTree

```solidity
error FullTree()
```

The tree is full

## InsufficientDeposit

```solidity
error InsufficientDeposit(uint256 required, uint256 provided)
```

Invalid deposit amount

### Parameters

| Name     | Type    | Description                 |
| -------- | ------- | --------------------------- |
| required | uint256 | The required deposit amount |
| provided | uint256 | The provided deposit amount |

## DuplicateIdCommitment

```solidity
error DuplicateIdCommitment()
```

Member is already registered

## InvalidReceiverAddress

```solidity
error InvalidReceiverAddress(address to)
```

Invalid receiver address, when the receiver is the contract itself or 0x0

## MemberNotRegistered

```solidity
error MemberNotRegistered(uint256 idCommitment)
```

Member is not registered

## MemberHasNoStake

```solidity
error MemberHasNoStake(uint256 idCommitment)
```

Member has no stake

## InsufficientWithdrawalBalance

```solidity
error InsufficientWithdrawalBalance()
```

User has insufficient balance to withdraw

## InsufficientContractBalance

```solidity
error InsufficientContractBalance()
```

Contract has insufficient balance to return

## InvalidProof

```solidity
error InvalidProof()
```

Invalid proof

## RLN

### MEMBERSHIP_DEPOSIT

```solidity
uint256 MEMBERSHIP_DEPOSIT
```

The deposit amount required to register as a member

### DEPTH

```solidity
uint256 DEPTH
```

The depth of the merkle tree

### SET_SIZE

```solidity
uint256 SET_SIZE
```

The size of the merkle tree, i.e. 2^depth

### idCommitmentIndex

```solidity
uint256 idCommitmentIndex
```

The index of the next member to be registered

### stakedAmounts

```solidity
mapping(uint256 => uint256) stakedAmounts
```

The amount of eth staked by each member. Maps from idCommitment to the amount staked.

### members

```solidity
mapping(uint256 => uint256) members
```

The membership status of each member. Maps from idCommitment to their index in the set.

### withdrawalBalance

```solidity
mapping(address => uint256) withdrawalBalance
```

The balance of each user that can be withdrawn

### poseidonHasher

```solidity
contract IPoseidonHasher poseidonHasher
```

The Poseidon hasher contract

### verifier

```solidity
contract IVerifier verifier
```

The groth16 verifier contract

### MemberRegistered

```solidity
event MemberRegistered(uint256 idCommitment, uint256 index)
```

Emitted when a new member is added to the set

#### Parameters

| Name         | Type    | Description                        |
| ------------ | ------- | ---------------------------------- |
| idCommitment | uint256 | The idCommitment of the member     |
| index        | uint256 | The index of the member in the set |

### MemberWithdrawn

```solidity
event MemberWithdrawn(uint256 idCommitment, uint256 index)
```

Emitted when a member is removed from the set

#### Parameters

| Name         | Type    | Description                        |
| ------------ | ------- | ---------------------------------- |
| idCommitment | uint256 | The idCommitment of the member     |
| index        | uint256 | The index of the member in the set |

### constructor

```solidity
constructor(uint256 membershipDeposit, uint256 depth, address _poseidonHasher, address _verifier) public
```

### register

```solidity
function register(uint256 idCommitment) external payable
```

Allows a user to register as a member

#### Parameters

| Name         | Type    | Description                    |
| ------------ | ------- | ------------------------------ |
| idCommitment | uint256 | The idCommitment of the member |

### \_register

```solidity
function _register(uint256 idCommitment, uint256 stake) internal
```

Registers a member

#### Parameters

| Name         | Type    | Description                            |
| ------------ | ------- | -------------------------------------- |
| idCommitment | uint256 | The idCommitment of the member         |
| stake        | uint256 | The amount of eth staked by the member |

### slash

```solidity
function slash(uint256 idCommitment, address payable receiver, uint256[8] proof) external
```

_Allows a user to slash a member_

#### Parameters

| Name         | Type            | Description                    |
| ------------ | --------------- | ------------------------------ |
| idCommitment | uint256         | The idCommitment of the member |
| receiver     | address payable |                                |
| proof        | uint256[8]      |                                |

### \_slash

```solidity
function _slash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal
```

_Slashes a member by removing them from the set, and adding their stake to the receiver's available withdrawal balance_

#### Parameters

| Name         | Type            | Description                      |
| ------------ | --------------- | -------------------------------- |
| idCommitment | uint256         | The idCommitment of the member   |
| receiver     | address payable | The address to receive the funds |
| proof        | uint256[8]      |                                  |

### withdraw

```solidity
function withdraw() external
```

Allows a user to withdraw funds allocated to them upon slashing a member

### hash

```solidity
function hash(uint256 input) internal view returns (uint256)
```

Hashes a value using the Poseidon hasher

NOTE: The variant of Poseidon we use accepts only 1 input, assume n=2, and the second input is 0

#### Parameters

| Name  | Type    | Description       |
| ----- | ------- | ----------------- |
| input | uint256 | The value to hash |

### \_verifyProof

```solidity
function _verifyProof(uint256 idCommitment, address receiver, uint256[8] proof) internal view returns (bool)
```

_Groth16 proof verification_

## Pairing

### G1Point

```solidity
struct G1Point {
  uint256 X;
  uint256 Y;
}
```

### G2Point

```solidity
struct G2Point {
  uint256[2] X;
  uint256[2] Y;
}
```

### P1

```solidity
function P1() internal pure returns (struct Pairing.G1Point)
```

#### Return Values

| Name | Type                   | Description         |
| ---- | ---------------------- | ------------------- |
| [0]  | struct Pairing.G1Point | the generator of G1 |

### P2

```solidity
function P2() internal pure returns (struct Pairing.G2Point)
```

#### Return Values

| Name | Type                   | Description         |
| ---- | ---------------------- | ------------------- |
| [0]  | struct Pairing.G2Point | the generator of G2 |

### negate

```solidity
function negate(struct Pairing.G1Point p) internal pure returns (struct Pairing.G1Point r)
```

#### Return Values

| Name | Type                   | Description                                                    |
| ---- | ---------------------- | -------------------------------------------------------------- |
| r    | struct Pairing.G1Point | the negation of p, i.e. p.addition(p.negate()) should be zero. |

### addition

```solidity
function addition(struct Pairing.G1Point p1, struct Pairing.G1Point p2) internal view returns (struct Pairing.G1Point r)
```

#### Return Values

| Name | Type                   | Description                 |
| ---- | ---------------------- | --------------------------- |
| r    | struct Pairing.G1Point | the sum of two points of G1 |

### scalar_mul

```solidity
function scalar_mul(struct Pairing.G1Point p, uint256 s) internal view returns (struct Pairing.G1Point r)
```

#### Return Values

| Name | Type                   | Description                                                                                                                 |
| ---- | ---------------------- | --------------------------------------------------------------------------------------------------------------------------- |
| r    | struct Pairing.G1Point | the product of a point on G1 and a scalar, i.e. p == p.scalar_mul(1) and p.addition(p) == p.scalar_mul(2) for all points p. |

### pairing

```solidity
function pairing(struct Pairing.G1Point[] p1, struct Pairing.G2Point[] p2) internal view returns (bool)
```

#### Return Values

| Name | Type | Description |
| ---- | ---- | ----------- |
| [0]  | bool | the result of computing the pairing check e(p1[0], p2[0]) \* .... \* e(p1[n], p2[n]) == 1. For example, pairing([P1(), P1().negate()], [P2(), P2()]) should return true. |

### pairingProd2

```solidity
function pairingProd2(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2) internal view returns (bool)
```

Convenience method for a pairing check for two pairs.

### pairingProd3

```solidity
function pairingProd3(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2, struct Pairing.G1Point c1, struct Pairing.G2Point c2) internal view returns (bool)
```

Convenience method for a pairing check for three pairs.

### pairingProd4

```solidity
function pairingProd4(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2, struct Pairing.G1Point c1, struct Pairing.G2Point c2, struct Pairing.G1Point d1, struct Pairing.G2Point d2) internal view returns (bool)
```

Convenience method for a pairing check for four pairs.

## Verifier

### VerifyingKey

```solidity
struct VerifyingKey {
  struct Pairing.G1Point alfa1;
  struct Pairing.G2Point beta2;
  struct Pairing.G2Point gamma2;
  struct Pairing.G2Point delta2;
  struct Pairing.G1Point[] IC;
}
```

### Proof

```solidity
struct Proof {
  struct Pairing.G1Point A;
  struct Pairing.G2Point B;
  struct Pairing.G1Point C;
}
```

### verifyingKey

```solidity
function verifyingKey() internal pure returns (struct Verifier.VerifyingKey vk)
```

### verify

```solidity
function verify(uint256[] input, struct Verifier.Proof proof) internal view returns (uint256)
```

### verifyProof

```solidity
function verifyProof(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[2] input) public view returns (bool r)
```

#### Return Values

| Name | Type | Description                 |
| ---- | ---- | --------------------------- |
| r    | bool | bool true if proof is valid |
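
The G1 identities stated in the Pairing return-value tables for `negate`, `addition` and `scalar_mul`, checked off-chain in an added Python example that is not the project's code. It assumes the curve is alt_bn128 (y^2 = x^3 + 3, generator (1, 2), infinity encoded as (0, 0)), which the page does not name; `FIELD_Q`, `ZERO` and `on_curve` are names introduced here.

```python
# Added example: affine G1 arithmetic, assuming the alt_bn128 curve
# y^2 = x^3 + 3 over F_q (the page itself does not name the curve).
FIELD_Q = 21888242871839275222246405745257275088696311157297823662689037894645226208583
ZERO = (0, 0)   # assumed encoding of the point at infinity
P1 = (1, 2)     # assumed value of Pairing.P1(), the G1 generator


def on_curve(p):
    """True if p is the infinity encoding or satisfies the curve equation."""
    if p == ZERO:
        return True
    x, y = p
    in_field = 0 <= x < FIELD_Q and 0 <= y < FIELD_Q
    return in_field and (y * y - x * x * x - 3) % FIELD_Q == 0


def negate(p):
    """Negation on the curve: (x, q - y); infinity maps to itself."""
    return ZERO if p == ZERO else (p[0], (FIELD_Q - p[1]) % FIELD_Q)


def addition(p1, p2):
    """Group law on G1; rejects inputs that are not on the curve."""
    if not (on_curve(p1) and on_curve(p2)):
        raise ValueError("point not on curve")
    if p1 == ZERO:
        return p2
    if p2 == ZERO:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % FIELD_Q == 0:
            return ZERO  # p + (-p) is the identity
        lam = 3 * x1 * x1 * pow(2 * y1 % FIELD_Q, -1, FIELD_Q) % FIELD_Q  # tangent
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD_Q, -1, FIELD_Q) % FIELD_Q  # chord
    x3 = (lam * lam - x1 - x2) % FIELD_Q
    return (x3, (lam * (x1 - x3) - y1) % FIELD_Q)


def scalar_mul(p, s):
    """Double-and-add multiplication of a G1 point by a non-negative scalar."""
    r = ZERO
    while s:
        if s & 1:
            r = addition(r, p)
        p = addition(p, p)
        s >>= 1
    return r
```

The `on_curve` check in `addition` is the part worth carrying into any off-chain proof pre-validation: a coordinate pair that is not on the curve is rejected before any arithmetic is done on it.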