Kezdőlap Felfedezés Súgó
Bejelentkezés
bat9go
/
tornado-core
tükrözi: https://github.com/tornadocash/tornado-core
Figyelés 1
Kedvenc 0
Másolás 0
Fájlok Problémák 0 Wiki
Branch: gsn2
Branch-ok Tag-ek
tornado-core
/
circuits
/
merkleTree.circom

merkleTree.circom 2.0 KB
Állandó hivatkozás Előzmények Nyers

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. include "../node_modules/circomlib/circuits/mimcsponge.circom";
    2. 

  2. 

  3. // Computes MiMC(left + right)
    4. 

  4. template HashLeftRight(rounds) {
    5. 

  5.     signal input left;
    6. 

  6.     signal input right;
    7. 

  7. 

  8.     signal output hash;
    9. 

  9. 

  10.     component hasher = MiMCSponge(2, rounds, 1);
    11. 

  11.     hasher.ins[0] <== left;
    12. 

  12.     hasher.ins[1] <== right;
    13. 

  13.     hasher.k <== 0;
    14. 

  14. 

  15.     hash <== hasher.outs[0];
    16. 

  16. }
    17. 

  17. 

  18. // if pathIndex == 0 returns (left = inputElement, right = pathElement)
    19. 

  19. // if pathIndex == 1 returns (left = pathElement, right = inputElement)
    20. 

  20. template Selector() {
    21. 

  21.     signal input inputElement;
    22. 

  22.     signal input pathElement;
    23. 

  23.     signal input pathIndex;
    24. 

  24. 

  25.     signal output left;
    26. 

  26.     signal output right;
    27. 

  27. 

  28.     signal leftSelector1;
    29. 

  29.     signal leftSelector2;
    30. 

  30.     signal rightSelector1;
    31. 

  31.     signal rightSelector2;
    32. 

  32. 

  33.     pathIndex * (1-pathIndex) === 0
    34. 

  34. 

  35.     leftSelector1 <== (1 - pathIndex) * inputElement;
    36. 

  36.     leftSelector2 <== (pathIndex) * pathElement;
    37. 

  37.     rightSelector1 <== (pathIndex) * inputElement;
    38. 

  38.     rightSelector2 <== (1 - pathIndex) * pathElement;
    39. 

  39. 

  40.     left <== leftSelector1 + leftSelector2;
    41. 

  41.     right <== rightSelector1 + rightSelector2;
    42. 

  42. }
    43. 

  43. 

  44. // Verifies that merkle proof is correct for given merkle root and a leaf
    45. 

  45. // pathIndex input is an array of 0/1 selectors telling whether given pathElement is on the left or right side of merkle path
    46. 

  46. template MerkleTree(levels, rounds) {
    47. 

  47.     signal input leaf;
    48. 

  48.     signal input root;
    49. 

  49.     signal private input pathElements[levels];
    50. 

  50.     signal private input pathIndex[levels];
    51. 

  51. 

  52.     component selectors[levels];
    53. 

  53.     component hashers[levels];
    54. 

  54. 

  55.     for (var i = 0; i < levels; i++) {
    56. 

  56.         selectors[i] = Selector();
    57. 

  57.         hashers[i] = HashLeftRight(rounds);
    58. 

  58. 

  59.         selectors[i].pathElement <== pathElements[i];
    60. 

  60.         selectors[i].pathIndex <== pathIndex[i];
    61. 

  61. 

  62.         hashers[i].left <== selectors[i].left;
    63. 

  63.         hashers[i].right <== selectors[i].right;
    64. 

  64.     }
    65. 

  65. 

  66.     selectors[0].inputElement <== leaf;
    67. 

  67. 

  68.     for (var i = 1; i < levels; i++) {
    69. 

  69.         selectors[i].inputElement <== hashers[i-1].hash;
    70. 

  70.     }
    71. 

  71. 

  72.     root === hashers[levels - 1].hash;
    73. 

  73. }
    74. 

  74.