rln-contract/docs/index.md


Solidity API

IVerifier

verifyProof

function verifyProof(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[2] input) external view returns (bool)

IPoseidonHasher

hash

function hash(uint256 input) external pure returns (uint256 result)

Hashes the input using the Poseidon hash function with n = 2; the second input is the constant 0.

Parameters

Name Type Description
input uint256 The input to hash

PoseidonHasher

Q

uint256 Q

The prime modulus of the field the hash is computed over (the BN254 scalar field order).

C0 … C127

uint256 C0, uint256 C1, …, uint256 C127

The 128 Poseidon round constants for the n = 2 instance, one state variable each.

M00, M01, M10, M11

uint256 M00, uint256 M01, uint256 M10, uint256 M11

The four entries of the 2×2 MDS matrix used by the permutation.

hash

function hash(uint256 input) external pure returns (uint256 result)

Hashes the input using the Poseidon hash function with n = 2; the second input is the constant 0.

Parameters

Name Type Description
input uint256 The input to hash

_hash

function _hash(uint256 input) internal pure returns (uint256 result)

Rln

constructor

constructor(uint256 membershipDeposit, uint256 depth, address _poseidonHasher, address _verifier) public

_validateRegistration

function _validateRegistration(uint256 idCommitment) internal pure

Inheriting contracts MUST override this function

_validateSlash

function _validateSlash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal pure

FullTree

error FullTree()

The tree is full

InsufficientDeposit

error InsufficientDeposit(uint256 required, uint256 provided)

Invalid deposit amount

Parameters

Name Type Description
required uint256 The required deposit amount
provided uint256 The provided deposit amount

DuplicateIdCommitment

error DuplicateIdCommitment()

Member is already registered

FailedValidation

error FailedValidation()

Failed validation on registration/slashing

InvalidIdCommitment

error InvalidIdCommitment(uint256 idCommitment)

Invalid idCommitment

InvalidReceiverAddress

error InvalidReceiverAddress(address to)

Invalid receiver address: the receiver is the contract itself or 0x0

MemberNotRegistered

error MemberNotRegistered(uint256 idCommitment)

Member is not registered

MemberHasNoStake

error MemberHasNoStake(uint256 idCommitment)

Member has no stake

InsufficientWithdrawalBalance

error InsufficientWithdrawalBalance()

User has insufficient balance to withdraw

InsufficientContractBalance

error InsufficientContractBalance()

Contract has insufficient balance to return

InvalidProof

error InvalidProof()

Invalid proof

RlnBase

MEMBERSHIP_DEPOSIT

uint256 MEMBERSHIP_DEPOSIT

The deposit amount required to register as a member

DEPTH

uint256 DEPTH

The depth of the merkle tree

SET_SIZE

uint256 SET_SIZE

The size of the merkle tree, i.e. 2^depth

idCommitmentIndex

uint256 idCommitmentIndex

The index of the next member to be registered

stakedAmounts

mapping(uint256 => uint256) stakedAmounts

The amount of ETH staked by each member; maps from idCommitment to the amount staked

members

mapping(uint256 => uint256) members

The membership status of each member; maps from idCommitment to their index in the set

withdrawalBalance

mapping(address => uint256) withdrawalBalance

The balance of each user that can be withdrawn

poseidonHasher

contract PoseidonHasher poseidonHasher

The Poseidon hasher contract

verifier

contract IVerifier verifier

The groth16 verifier contract

MemberRegistered

event MemberRegistered(uint256 idCommitment, uint256 index)

Emitted when a new member is added to the set

Parameters

Name Type Description
idCommitment uint256 The idCommitment of the member
index uint256 The index of the member in the set

MemberWithdrawn

event MemberWithdrawn(uint256 idCommitment, uint256 index)

Emitted when a member is removed from the set

Parameters

Name Type Description
idCommitment uint256 The idCommitment of the member
index uint256 The index of the member in the set

onlyValidIdCommitment

modifier onlyValidIdCommitment(uint256 idCommitment)

constructor

constructor(uint256 membershipDeposit, uint256 depth, address _poseidonHasher, address _verifier) internal

register

function register(uint256 idCommitment) external payable virtual

Allows a user to register as a member

Parameters

Name Type Description
idCommitment uint256 The idCommitment of the member

_register

function _register(uint256 idCommitment, uint256 stake) internal virtual

Registers a member

Parameters

Name Type Description
idCommitment uint256 The idCommitment of the member
stake uint256 The amount of eth staked by the member

_validateRegistration

function _validateRegistration(uint256 idCommitment) internal view virtual

Inheriting contracts MUST override this function

slash

function slash(uint256 idCommitment, address payable receiver, uint256[8] proof) external virtual

Allows a user to slash a member

Parameters

Name Type Description
idCommitment uint256 The idCommitment of the member
receiver address payable
proof uint256[8]

_slash

function _slash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal virtual

Slashes a member by removing them from the set and adding their stake to the receiver's available withdrawal balance. The stake is not pushed to the receiver; it is collected later through withdraw().

Parameters

Name Type Description
idCommitment uint256 The idCommitment of the member
receiver address payable The address to receive the funds
proof uint256[8]

_validateSlash

function _validateSlash(uint256 idCommitment, address payable receiver, uint256[8] proof) internal view virtual

withdraw

function withdraw() external virtual

Allows a user to withdraw funds allocated to them upon slashing a member

hash

function hash(uint256 input) internal view returns (uint256)

Hashes a value using the Poseidon hasher. NOTE: the Poseidon variant used accepts only one input; it is instantiated with n = 2 and the second input fixed to 0.

Parameters

Name Type Description
input uint256 The value to hash

isValidCommitment

function isValidCommitment(uint256 idCommitment) public view returns (bool)

_verifyProof

function _verifyProof(uint256 idCommitment, address receiver, uint256[8] proof) internal view virtual returns (bool)

Groth16 proof verification. The proof is checked against the two public inputs derived from idCommitment and receiver (the verifier takes a uint256[2] input), so a slash proof is bound to the receiver address it was produced for.
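As an added example (not code from rln-contract), the following contract derives from RlnBase and supplies the two hooks the base contract leaves abstract, _validateRegistration and _validateSlash. The operator-managed allowlist is an invented policy for illustration; the import path ./RlnBase.sol, the custom error names, and the calldata location of the proof parameter (matching the external slash entry point) are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

import {RlnBase} from "./RlnBase.sol"; // assumed path

/// @title AllowlistRln
/// @notice Hypothetical example, not part of rln-contract: an RLN membership set in
///         which only idCommitments pre-approved by an operator may register.
contract AllowlistRln is RlnBase {
    /// idCommitment was never approved by the operator (hypothetical error)
    error NotAllowlisted(uint256 idCommitment);
    /// caller is not the operator (hypothetical error)
    error NotOperator(address caller);

    address public immutable operator;

    /// idCommitment => approved for registration
    mapping(uint256 => bool) public allowlisted;

    constructor(
        uint256 membershipDeposit,
        uint256 depth,
        address _poseidonHasher,
        address _verifier,
        address _operator
    ) RlnBase(membershipDeposit, depth, _poseidonHasher, _verifier) {
        operator = _operator;
    }

    /// Operator approves a commitment ahead of its registration. Only the field
    /// element is recorded; the registering address is never linked to it.
    function allow(uint256 idCommitment) external {
        if (msg.sender != operator) revert NotOperator(msg.sender);
        allowlisted[idCommitment] = true;
    }

    /// Called from register(). The base contract's own checks (deposit amount,
    /// duplicate or out-of-field commitment, full tree) are enforced separately,
    /// so this hook only has to express the extra policy.
    function _validateRegistration(uint256 idCommitment) internal view override {
        if (!allowlisted[idCommitment]) revert NotAllowlisted(idCommitment);
    }

    /// No additional slashing policy: membership, stake, receiver address and the
    /// Groth16 proof are checked by the base contract. The hook is abstract, so it
    /// still has to be overridden; parameters are unnamed because they are unused.
    function _validateSlash(uint256, address payable, uint256[8] calldata) internal pure override {}
}
```

Both overrides tighten the base signatures (view instead of the virtual view, pure instead of view), which Solidity permits. Keeping the hooks free of external calls and state writes matters: they run before _register and _slash, so a hook that called out to an untrusted contract would reintroduce the reentrancy surface that the withdrawalBalance pull pattern was chosen to avoid.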

Pairing

G1Point

struct G1Point {
  uint256 X;
  uint256 Y;
}

G2Point

struct G2Point {
  uint256[2] X;
  uint256[2] Y;
}

P1

function P1() internal pure returns (struct Pairing.G1Point)

Return Values

Name Type Description
[0] struct Pairing.G1Point the generator of G1

P2

function P2() internal pure returns (struct Pairing.G2Point)

Return Values

Name Type Description
[0] struct Pairing.G2Point the generator of G2

negate

function negate(struct Pairing.G1Point p) internal pure returns (struct Pairing.G1Point r)

Return Values

Name Type Description
r struct Pairing.G1Point the negation of p, i.e. p.addition(p.negate()) should be zero.

addition

function addition(struct Pairing.G1Point p1, struct Pairing.G1Point p2) internal view returns (struct Pairing.G1Point r)

Return Values

Name Type Description
r struct Pairing.G1Point the sum of two points of G1

scalar_mul

function scalar_mul(struct Pairing.G1Point p, uint256 s) internal view returns (struct Pairing.G1Point r)

Return Values

Name Type Description
r struct Pairing.G1Point the product of a point on G1 and a scalar, i.e. p == p.scalar_mul(1) and p.addition(p) == p.scalar_mul(2) for all points p.

pairing

function pairing(struct Pairing.G1Point[] p1, struct Pairing.G2Point[] p2) internal view returns (bool)

Return Values

Name Type Description
[0] bool the result of computing the pairing check e(p1[0], p2[0]) * ... * e(p1[n], p2[n]) == 1. For example, pairing([P1(), P1().negate()], [P2(), P2()]) should return true.

pairingProd2

function pairingProd2(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2) internal view returns (bool)

Convenience method for a pairing check for two pairs.

pairingProd3

function pairingProd3(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2, struct Pairing.G1Point c1, struct Pairing.G2Point c2) internal view returns (bool)

Convenience method for a pairing check for three pairs.

pairingProd4

function pairingProd4(struct Pairing.G1Point a1, struct Pairing.G2Point a2, struct Pairing.G1Point b1, struct Pairing.G2Point b2, struct Pairing.G1Point c1, struct Pairing.G2Point c2, struct Pairing.G1Point d1, struct Pairing.G2Point d2) internal view returns (bool)

Convenience method for a pairing check for four pairs.

Verifier

VerifyingKey

struct VerifyingKey {
  struct Pairing.G1Point alfa1;
  struct Pairing.G2Point beta2;
  struct Pairing.G2Point gamma2;
  struct Pairing.G2Point delta2;
  struct Pairing.G1Point[] IC;
}

Proof

struct Proof {
  struct Pairing.G1Point A;
  struct Pairing.G2Point B;
  struct Pairing.G1Point C;
}

verifyingKey

function verifyingKey() internal pure returns (struct Verifier.VerifyingKey vk)

verify

function verify(uint256[] input, struct Verifier.Proof proof) internal view returns (uint256)

verifyProof

function verifyProof(uint256[2] a, uint256[2][2] b, uint256[2] c, uint256[2] input) public view returns (bool r)

Return Values

Name Type Description
r bool true if the proof is valid