diff --git a/CODING_STANDARDS.md b/CODING_STANDARDS.md index 59f0d46c3..36ecbe6a0 100644 --- a/CODING_STANDARDS.md +++ b/CODING_STANDARDS.md @@ -16,13 +16,14 @@ We adhere to the `pep8` standard, using `flake8`, `pylint` and `mypy` to catch f ## Solidity Solidity code must adhere to the [solidity coding standards](https://docs.soliditylang.org/en/develop/style-guide.html), with the following amendments: -- Test functions must end with the suffix `Test` (e.g. `reverseBytesTest`) +- Test functions must have a `test` prefix (e.g. `testReverseBytes`) - Private/internal state variables and functions must have an underscore prefix (e.g. `_myInternalFunction`) -- Virtual functions in abstract contracts must be written last and located at the end of the contract source +- The order in which contract members are written must driven by their scope (i.e. `public/external` functions must appear first in the contract code, `internal/private` functions must appear last). Additionally, `virtual` functions in abstract contracts must be written last in their visibility group. - Function parameters must not be prefixed with an underscore - Interface names must have a capital I prefix (e.g. `IERC20`) -- Library names must have a capital L prefix (e.g. `LPairing`) +- Library names must have a capital L prefix (e.g. `LibPairing`) - Test contract names must have a `Test` prefix (e.g. `TestMyContract`) +- Abstract contract names must have an `Abstract` prefix (e.g. `AbstractMyContract`) - Contract names may not be PascalCase if using PascalCase is introducing confusions in the name (e.g. `BLS12377.sol` vs `BLS12_377.sol`). PascalCase should be used whenever possible - Event names must be prefixed by `Log` (e.g. `LogDeposit`) diff --git a/client/test_contracts/test_base_mixer_altbn128_contract.py b/client/test_contracts/test_base_mixer_altbn128_contract.py deleted file mode 100644 index a6e4ed583..000000000 --- a/client/test_contracts/test_base_mixer_altbn128_contract.py +++ /dev/null @@ -1,265 +0,0 @@ -#!/usr/bin/env python3 - -# Copyright (c) 2015-2021 Clearmatics Technologies Ltd -# -# SPDX-License-Identifier: LGPL-3.0+ - -from zeth.core.constants import \ - JS_INPUTS, ZETH_PUBLIC_UNIT_VALUE, ZETH_MERKLE_TREE_DEPTH -from zeth.core.prover_client import ProverConfiguration -from zeth.core.mimc import MiMC7 -from zeth.core.input_hasher import InputHasher -from zeth.core.zksnark import get_zksnark_provider -from zeth.core.utils import EtherValue, hex_list_to_uint256_list -from zeth.core.signing import SigningKeyPair -from zeth.core.mixer_client import MixParameters, MixerClient, joinsplit_sign, \ - mix_parameters_to_dispatch_parameters -import zeth.core.contracts as contracts -import tests.test_pairing as test_pairing -import test_commands.mock as mock -from unittest import TestCase -from typing import Dict, Optional, Any - -# pylint: disable=line-too-long - -# Primary inputs - -ROOT = 0 - -NULLIFIERS = [ - int( - "0010000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000011000", - 2), - int( - "0100000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000100001", - 2), -] - -COMMITMENTS = [ - int( - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000001", - 2), - int( - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000010", - 2), -] - -HSIG = int( - "1010000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000101111", - 2) - -HTAGS = [ - int( - "1100000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000110010", - 2), - int( - "1110000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000111011", - 2), -] - -VPUB = (0x5555555555555500, 0x00eeeeeeeeeeeeee) - -# 255 128 64 0 -# |||||)|| -RESIDUAL_BITS = int( - "101" # h_sig - "010" # nf_1 - "001" # nf_0 - "111" # htag_1 - "110" # htag_0 - "0101010101010101010101010101010101010101010101010101010100000000" # vin - "0000000011101110111011101110111011101110111011101110111011101110", # vout - 2) - -PACKED_PRIMARY_INPUTS = \ - [ROOT] + COMMITMENTS + NULLIFIERS + [HSIG] + HTAGS + [RESIDUAL_BITS] - -PROVER_CONFIG = ProverConfiguration( - zksnark_name="GROTH16", - pairing_parameters=test_pairing.ALT_BN128_PAIRING) - -# Arbitrary VK hash (array of 2 evm words) -VK_HASH = [2, 1] - -MIX_PARAMETERS_VIN = EtherValue(200) - -# Signing key and mix parameters obtained from the test_zeth_cli scripts. See -# scripts/test_zeth_cli. - -MIX_PARAMETERS_SIGNING_KEYPAIR = SigningKeyPair.from_json_dict({ - "sk": { - "psk": "0094c3bd11c967ded0712fb8aa833dc34c2e9e36a298f9bca75ca47b014f525b", - "ssk_y": "26762feff4e7a0fe3f24182caf13b7709818bef122c3c8395c9cc71664925e2f", # noqa - "ssk_y_g1": { - "x": "065495bf33403570a2c0bc2e5eb193dce106c82270ff72a68df1f3255019c37c", # noqa - "y": "12ef732b1e3d2afe712f6414eb68f4bdf0bd610e2bb199dd3ba9c3b7a49e34b3" # noqa - } - }, - "vk": { - "ppk": { - "x": "03ff72a98c117f06526da1ecf485ddc46130bd97f6254678ab42dec92b9b533b", # noqa - "y": "1cd3a1f4ceb50551d9aec66aace46e630a3f6ff17106696ea1937ed573df82aa" # noqa - }, - "spk": { - "x": "065495bf33403570a2c0bc2e5eb193dce106c82270ff72a68df1f3255019c37c", # noqa - "y": "12ef732b1e3d2afe712f6414eb68f4bdf0bd610e2bb199dd3ba9c3b7a49e34b3" # noqa - } - } -}) - -MIX_PARAMETERS_DICT: Dict[str, Any] = { - "extended_proof": { - "proof": { - "a": ["0x19bb99d61b9fd80f83c62301b8b49a7721ff4b9169304ee2e565967dff6c1f50","0x10cf81855def824e4ebb56df71e63271c9c24778fb5022db0c0e5266c5dac8c0"], # noqa - "b": [["0x2e8709a700d887a6d98b5c9e8154dd5aa2e8b37e176f7ee4dde254a4f01cb5f2", "0x26776b5283e39376a076ea7c9effd6ac6a2eb4e153ff33beccc50ea8c9ea77f6"], ["0x21d59a0bded4b94e995d1056fa08a5b44626f936bc7ce90556f288f558a4d6bc", "0x0dfe988bdd7e0f793df7d9d2136ccc2bd2fb9187eaf8f38430a7bfbdd0b7a8d2"]], # noqa - "c": ["0x2e0f8bec7eebad06fab29c558e96cbd68d2d729bca8b56640b0f00f93593e372", "0x2276552ff16f6b4e67c06495941c1988eca4bc60c9aa75cfc57098beb4f19156"] # noqa - }, - "inputs": ["0x01a5e7daab7ee618030641a16ae09ec8f67e121f209e6241b65924122f2ed94b"] # noqa - }, - "public_data": [ - "0x1e202cf4ac3721b9bfd398ec65969c811f32cb1e46df020337e9fc2fda0f014", - "0xda3f23b4b07b9cf6ae3ddce133f7de065b1f933e2df5653b52ddc57a79b4ce7", - "0x153319f1ecdd7a6d25380dc08566a8b5a6a46cb7a14a920b5400d834ca66bdbe", - "0xd1179e6c517a300b86e6e99bba141ca6bd95ac41a02ecd4eeb2a19176de1069", - "0x16f67a9d4ad2656c1f2fbc0d39e4e7ddcbad04bb83e7a38511b1b5f42d5e5983", - "0xfa8d8b70f091bc6d9e5186c91968d37dcc5153e2ff39b5508c1e15016e2bace", - "0x91ac4bd99ed6bc7ff73df5cbfe6330f4875e2c180daccbf568d8146f86ba24b", - "0xd146d5f49d6461012ae4ab3f6f670e275098ed6369406c6f0e5bc4fd4828bce", - "0x9a7000000000bebc2000000000000000000" - ], - "signature_vk": [ - "1808275917333726390675593630676660592284499790243906329164148357633591169851", # noqa - "13038682272157317746935630690273139043012615829064107162576212284919309632170", # noqa - "2863325759893808656457455214623293696676979172082516149962341594639946597244", # noqa - "8564702586272948230916163901148349984070935330485128468603906018200747127987" # noqa - ], - "signature": "19090395247809983100415210093724020502485107107595263044457463522078345927435", # noqa - "ciphertexts": [ - "642149825d05b2b6e40d5e479ac27718adde77563e1e4a924a10a01afc9f5c63bd72e87a9710c2ea97c78a051fcb82cd1cdc23817f5781baa8d3508189fc0963fa3f6209df70aa95db14f24080da94e32374da6e9ce6dc4c3c0efbcbb428e605d683034f672750dd8c1533bf814339800731330f74fd5d67fa24e2207e1b8225aab47ca918d5583f27305f3ea0fcd3c1689a25add0bbad50", # noqa - "296909be36fb44361a34134c5acc47b01f5037c1be0f021734b993d0c766be10acc611836e9b77a67b59f4cbb74479402daa2e3d7b6a0ca780de9d0802bd751c0191bcaed8b2b7d5d334c7eb3bc339795cfeb7e7ace9ede7c1ebb8f4fa79f01342856dc557b680dd6e2ead876a7a281ab935c94aeba77f48097038cc8df1b36b56a97f6a2cdd42e05ed6f3ca26622ae87b405276b9544dcd" # noqa - ] -} - -WEB3: Optional[Any] = None - -ETH: Optional[Any] = None - -MIXER_INSTANCE: Any = None - -MIXER_CLIENT: Optional[MixerClient] = None - - -class TestBaseMixerAltBN128Contract(TestCase): - - @staticmethod - def setUpClass() -> None: - print("Deploying TestBaseMixerAltBN128.sol") - web3, eth = mock.open_test_web3() - deployer_eth_address = eth.accounts[0] - _mixer_interface, mixer_instance = mock.deploy_contract( - eth, - deployer_eth_address, - "TestBaseMixerAltBN128", - { - 'mkDepth': ZETH_MERKLE_TREE_DEPTH, - 'permittedDispatcher': deployer_eth_address, - 'vkHash': VK_HASH, - }) - - global WEB3 # pylint: disable=global-statement - WEB3 = web3 - global ETH # pylint: disable=global-statement - ETH = eth - global MIXER_INSTANCE # pylint: disable=global-statement - MIXER_INSTANCE = mixer_instance - global MIXER_CLIENT # pylint: disable=global-statement - MIXER_CLIENT = MixerClient(web3, PROVER_CONFIG, MIXER_INSTANCE) - - def test_hash_public_inputs(self) -> None: - zksnark = get_zksnark_provider(PROVER_CONFIG.zksnark_name) - mix_params = MixParameters.from_json_dict(zksnark, MIX_PARAMETERS_DICT) - public_data = mix_params.public_data - expect_hash = InputHasher(MiMC7()).hash(public_data) - actual_hash = MIXER_INSTANCE.functions.\ - hashPublicProofDataTest(public_data).call() - self.assertEqual(expect_hash, actual_hash) - - def test_assemble_nullifiers(self) -> None: - # Test retrieving nullifiers - for i in range(JS_INPUTS): - res = MIXER_INSTANCE.functions.\ - assembleNullifierTest(i, PACKED_PRIMARY_INPUTS).call() - val = int.from_bytes(res, byteorder="big") - self.assertEqual(NULLIFIERS[i], val) - - def test_assemble_hsig(self) -> None: - # Test retrieving hsig - res = MIXER_INSTANCE.functions.\ - assembleHsigTest(PACKED_PRIMARY_INPUTS).call() - hsig = int.from_bytes(res, byteorder="big") - self.assertEqual(HSIG, hsig) - - def test_assemble_vpub(self) -> None: - # Test retrieving public values - v_in, v_out = MIXER_INSTANCE.functions.assemblePublicValuesTest( - PACKED_PRIMARY_INPUTS[-1]).call() - v_in_expect = VPUB[0] * ZETH_PUBLIC_UNIT_VALUE - v_out_expect = VPUB[1] * ZETH_PUBLIC_UNIT_VALUE - self.assertEqual(v_in_expect, v_in) - self.assertEqual(v_out_expect, v_out) - - def test_dispatch_call(self) -> None: - # Test calling dispatch. Use the "dummy" MixParameters and signing key, - # recreating the signature for the sender. - - zksnark = get_zksnark_provider(PROVER_CONFIG.zksnark_name) - sender_eth_address = ETH.accounts[0] # type: ignore - mix_params = MixParameters.from_json_dict(zksnark, MIX_PARAMETERS_DICT) - new_signature = joinsplit_sign( - zksnark=get_zksnark_provider(PROVER_CONFIG.zksnark_name), - pp=PROVER_CONFIG.pairing_parameters, - signing_keypair=MIX_PARAMETERS_SIGNING_KEYPAIR, - sender_eth_address=sender_eth_address, - ciphertexts=mix_params.ciphertexts, - extproof=mix_params.extended_proof, - public_data=mix_params.public_data, - for_dispatch_call=True) - mix_params.signature = new_signature - - nested_inputs = \ - hex_list_to_uint256_list(mix_params.extended_proof.inputs) - nested_parameters = mix_parameters_to_dispatch_parameters(mix_params) - mixer_call = MIXER_INSTANCE.functions.dispatch( - VK_HASH, nested_inputs, nested_parameters) - - # Broadcast transaction and wait for the result. - tx_id = contracts.send_contract_call( - web3=WEB3, - call=mixer_call, - sender_eth_addr=sender_eth_address, - sender_eth_private_key=None, - value=MIX_PARAMETERS_VIN) - tx_receipt = ETH.waitForTransactionReceipt(tx_id, 10000) # type: ignore - status = tx_receipt.status - self.assertEqual(True, status) diff --git a/client/test_contracts/test_bls12_377_contract.py b/client/test_contracts/test_bls12_377_contract.py index 145657b9d..e03c7336d 100644 --- a/client/test_contracts/test_bls12_377_contract.py +++ b/client/test_contracts/test_bls12_377_contract.py @@ -96,14 +96,14 @@ def test_bls12_ecadd(self) -> None: """ Check that [6] == [2] + [4] """ - result = BLS12_INSTANCE.functions.ecAddTest(G1_2 + G1_4).call() + result = BLS12_INSTANCE.functions.testECAdd(G1_2 + G1_4).call() self.assertEqual(G1_6, result) def test_bls12_ecmul(self) -> None: """ Check that [-8] == -2 * [4] """ - result = BLS12_INSTANCE.functions.ecMulTest(G1_4 + FR_MINUS_2).call() + result = BLS12_INSTANCE.functions.testECMul(G1_4 + FR_MINUS_2).call() self.assertEqual(G1_MINUS_8, result) def test_bls12_ecpairing(self) -> None: @@ -113,9 +113,9 @@ def test_bls12_ecpairing(self) -> None: # Note, return result here is uint256(1) or uint256(0) depending on the # pairing check result. points = G1_6 + G2_4 + G1_3 + G2_8 + G1_4 + G2_4 + G1_MINUS_8 + G2_8 - result = BLS12_INSTANCE.functions.ecPairingTest(points).call() + result = BLS12_INSTANCE.functions.testECPairing(points).call() self.assertEqual(1, result) points = G1_6 + G2_4 + G1_3 + G2_8 + G1_4 + G2_4 + G1_MINUS_8 + G2_4 - result = BLS12_INSTANCE.functions.ecPairingTest(points).call() + result = BLS12_INSTANCE.functions.testECPairing(points).call() self.assertEqual(0, result) diff --git a/client/test_contracts/test_bw6_761_contract.py b/client/test_contracts/test_bw6_761_contract.py index 445e7f32f..82cc75356 100644 --- a/client/test_contracts/test_bw6_761_contract.py +++ b/client/test_contracts/test_bw6_761_contract.py @@ -102,14 +102,14 @@ def test_bw6_ecadd(self) -> None: """ Check that [6] == [2] + [4] """ - result = BW6_INSTANCE.functions.ecAddTest(G1_2 + G1_4).call() + result = BW6_INSTANCE.functions.testECAdd(G1_2 + G1_4).call() self.assertEqual(G1_6, result) def test_bw6_ecmul(self) -> None: """ Check that [-8] == -2 * [4] """ - result = BW6_INSTANCE.functions.ecMulTest(G1_4 + FR_MINUS_2).call() + result = BW6_INSTANCE.functions.testECMul(G1_4 + FR_MINUS_2).call() self.assertEqual(G1_MINUS_8, result) def test_bw6_ecpairing(self) -> None: @@ -119,9 +119,9 @@ def test_bw6_ecpairing(self) -> None: # Note, return result here is uint256(1) or uint256(0) depending on the # pairing check result. points = G1_6 + G2_4 + G1_3 + G2_8 + G1_4 + G2_4 + G1_MINUS_8 + G2_8 - result = BW6_INSTANCE.functions.ecPairingTest(points).call() + result = BW6_INSTANCE.functions.testECPairing(points).call() self.assertEqual(1, result) points = G1_6 + G2_4 + G1_3 + G2_8 + G1_4 + G2_4 + G1_MINUS_8 + G2_4 - result = BW6_INSTANCE.functions.ecPairingTest(points).call() + result = BW6_INSTANCE.functions.testECPairing(points).call() self.assertEqual(0, result) diff --git a/client/test_contracts/test_groth16_bls12_377_contract.py b/client/test_contracts/test_groth16_bls12_377_contract.py index 2bd6da598..160e5486b 100644 --- a/client/test_contracts/test_groth16_bls12_377_contract.py +++ b/client/test_contracts/test_groth16_bls12_377_contract.py @@ -92,7 +92,7 @@ def _invoke_groth16_bls12_377_verify( vk, BLS12_377_PAIRING) proof_evm = Groth16.proof_to_contract_parameters(proof, BLS12_377_PAIRING) inputs_evm = hex_list_to_uint256_list(inputs) - return CONTRACT_INSTANCE.functions.verifyTest( + return CONTRACT_INSTANCE.functions.testVerify( vk_evm, proof_evm, inputs_evm).call() def test_groth16_bls12_377_valid(self) -> None: diff --git a/client/test_contracts/test_merkle_tree_contract.py b/client/test_contracts/test_merkle_tree_contract.py deleted file mode 100644 index 2aa9d859f..000000000 --- a/client/test_contracts/test_merkle_tree_contract.py +++ /dev/null @@ -1,93 +0,0 @@ -#!/usr/bin/env python3 - -# Copyright (c) 2015-2021 Clearmatics Technologies Ltd -# -# SPDX-License-Identifier: LGPL-3.0+ - -from zeth.core.constants import ZETH_MERKLE_TREE_DEPTH -from zeth.core.merkle_tree import MerkleTree -from zeth.core.utils import extend_32bytes -from zeth.core.mimc import MiMC7 -from typing import Any -from unittest import TestCase -import test_commands.mock as mock - - -TEST_VALUES = [ - extend_32bytes(bytes.fromhex("f0")), - extend_32bytes(bytes.fromhex("f1")), - extend_32bytes(bytes.fromhex("f2")), - extend_32bytes(bytes.fromhex("f3")), - extend_32bytes(bytes.fromhex("f4")), - extend_32bytes(bytes.fromhex("f5")), - extend_32bytes(bytes.fromhex("f6")), - extend_32bytes(bytes.fromhex("f7")), - extend_32bytes(bytes.fromhex("f8")), - extend_32bytes(bytes.fromhex("f9")), - extend_32bytes(bytes.fromhex("fa")), - extend_32bytes(bytes.fromhex("fb")), - extend_32bytes(bytes.fromhex("fc")), - extend_32bytes(bytes.fromhex("fd")), - extend_32bytes(bytes.fromhex("fe")), - extend_32bytes(bytes.fromhex("ff")), -] - -MKTREE_INSTANCE: Any = None - - -class TestMerkleTreeContract(TestCase): - - @staticmethod - def setUpClass() -> None: - _web3, eth = mock.open_test_web3() - deployer_eth_address = eth.accounts[0] - _mktree_interface, mktree_instance = mock.deploy_contract( - eth, - deployer_eth_address, - "TestMerkleTreeMiMC7", - {'treeDepth': ZETH_MERKLE_TREE_DEPTH}) - global MKTREE_INSTANCE # pylint: disable=global-statement - MKTREE_INSTANCE = mktree_instance - - def test_tree_empty(self) -> None: - mktree = MerkleTree.empty_with_depth(ZETH_MERKLE_TREE_DEPTH, MiMC7()) - expected_root = mktree.recompute_root() - root = MKTREE_INSTANCE.functions.addLeavesTest([], []).call() - self.assertEqual(expected_root, root, "test_tree_empty") - - def _test_partial(self, num_entries: int, step: int = 1) -> None: - """ - Take the first 'num_entries' from TEST_VALUES. Cut them at each possible - place and submit them as two halves to the contract, receiving back the - root for the updated tree. - """ - leaves = TEST_VALUES[:num_entries] - - mktree = MerkleTree.empty_with_depth(ZETH_MERKLE_TREE_DEPTH, MiMC7()) - for leaf in leaves: - mktree.insert(leaf) - expected_root = mktree.recompute_root() - - for cut in range(0, num_entries + 1, step): - print(f"_test_partial: num_entries={num_entries}, cut={cut}") - first = leaves[:cut] - second = leaves[cut:] - root = MKTREE_INSTANCE.functions.addLeavesTest(first, second).call() - self.assertEqual( - expected_root, - root, - f"num_entries: {num_entries}, cut: {cut}: ") - - def test_tree_partial(self) -> None: - """ - Send a series of different arrays of leaves to the contract and check that - the root is as expected. Send as 2 batches, to test updating the tree, - from various states. - """ - # Perform the filling tests using arrays of these sizes - self._test_partial(1) - self._test_partial(7) - self._test_partial(8) - self._test_partial(9) - self._test_partial(15, 3) - self._test_partial(16, 3) diff --git a/client/test_contracts/test_mimc_contract.py b/client/test_contracts/test_mimc_contract.py index 8bf3e2161..8d21306cb 100644 --- a/client/test_contracts/test_mimc_contract.py +++ b/client/test_contracts/test_mimc_contract.py @@ -37,7 +37,7 @@ def test_mimc7(self) -> None: # pylint: enable=line-too-long h = MiMC7().hash(x, y) - result = CONTRACT_INSTANCE.functions.mimc7Test(x, y).call() + result = CONTRACT_INSTANCE.functions.testMimc7(x, y).call() self.assertEqual(h, result) def test_mimc31(self) -> None: @@ -47,5 +47,5 @@ def test_mimc31(self) -> None: # pylint: enable=line-too-long h = MiMC31().hash(x, y) - result = CONTRACT_INSTANCE.functions.mimc31Test(x, y).call() + result = CONTRACT_INSTANCE.functions.testMimc31(x, y).call() self.assertEqual(h, result) diff --git a/client/zeth/core/constants.py b/client/zeth/core/constants.py index 8c577f31a..4e46d3032 100644 --- a/client/zeth/core/constants.py +++ b/client/zeth/core/constants.py @@ -73,7 +73,7 @@ def bit_length_to_byte_length(bit_length: int) -> int: NOTE_LENGTH: int = APK_LENGTH + PUBLIC_VALUE_LENGTH + RHO_LENGTH + TRAPR_LENGTH NOTE_LENGTH_BYTES: int = bit_length_to_byte_length(NOTE_LENGTH) -# Public inputs are (see BaseMixer.sol): +# Public inputs are (see AbstractMixer.sol): # [0 ] - 1 x merkle root # [1 ] - jsOut x commitment # [1 + jsOut ] - jsIn x nullifier (partial) diff --git a/client/zeth/core/mixer_client.py b/client/zeth/core/mixer_client.py index ede66d619..f57ba21a1 100644 --- a/client/zeth/core/mixer_client.py +++ b/client/zeth/core/mixer_client.py @@ -709,7 +709,7 @@ def joinsplit_sign( zksnark, pp, extproof, public_data) # If for_dispatch_call is set, omit proof from the signature. See - # BaseMixer.sol. + # AbstractMixer.sol. if not for_dispatch_call: h.update(proof_bytes) diff --git a/zeth_contracts/contracts/BaseMerkleTree.sol b/zeth_contracts/contracts/AbstractMerkleTree.sol similarity index 98% rename from zeth_contracts/contracts/BaseMerkleTree.sol rename to zeth_contracts/contracts/AbstractMerkleTree.sol index 8c1e784d2..731e44aa9 100644 --- a/zeth_contracts/contracts/BaseMerkleTree.sol +++ b/zeth_contracts/contracts/AbstractMerkleTree.sol @@ -13,7 +13,7 @@ pragma solidity ^0.8.0; /// This implementation stores all leaves and nodes, skipping those that have /// not been populated yet. The final entry in each layer stores that layer's /// default value. -abstract contract BaseMerkleTree +abstract contract AbstractMerkleTree { // Depth of the merkle tree (should be set with the same depth set in the // cpp prover) @@ -40,7 +40,7 @@ abstract contract BaseMerkleTree constructor(uint256 treeDepth) { require ( treeDepth == _DEPTH, - "Invalid depth in BaseMerkleTree" + "Invalid depth in AbstractMerkleTree" ); _initializeTree(); } diff --git a/zeth_contracts/contracts/BaseMixer.sol b/zeth_contracts/contracts/AbstractMixer.sol similarity index 98% rename from zeth_contracts/contracts/BaseMixer.sol rename to zeth_contracts/contracts/AbstractMixer.sol index b8223fc12..7dcc73c80 100644 --- a/zeth_contracts/contracts/BaseMixer.sol +++ b/zeth_contracts/contracts/AbstractMixer.sol @@ -5,12 +5,12 @@ pragma solidity ^0.8.0; import "./Tokens.sol"; -import "./LOTSchnorrVerifier.sol"; -import "./BaseMerkleTree.sol"; +import "./LibOTSchnorrVerifier.sol"; +import "./AbstractMerkleTree.sol"; -/// BaseMixer implements the functions shared across all Mixers (regardless +/// AbstractMixer implements the functions shared across all Mixers (regardless /// which zkSNARK is used) -abstract contract BaseMixer is BaseMerkleTree, ERC223ReceivingContract +abstract contract AbstractMixer is AbstractMerkleTree, ERC223ReceivingContract { // The roots of the different updated trees mapping(bytes32 => bool) private _roots; @@ -100,7 +100,7 @@ abstract contract BaseMixer is BaseMerkleTree, ERC223ReceivingContract address permittedDispatcher, uint256[2] memory vkHash ) - BaseMerkleTree(depth) + AbstractMerkleTree(depth) { bytes32 initialRoot = _nodes[0]; _roots[initialRoot] = true; @@ -203,7 +203,7 @@ abstract contract BaseMixer is BaseMerkleTree, ERC223ReceivingContract ); require( - LOTSchnorrVerifier._verify( + LibOTSchnorrVerifier._verify( vk[0], vk[1], vk[2], vk[3], sigma, hashToBeSigned), "Invalid signature in dispatch" ); @@ -245,7 +245,7 @@ abstract contract BaseMixer is BaseMerkleTree, ERC223ReceivingContract ) ); require( - LOTSchnorrVerifier._verify( + LibOTSchnorrVerifier._verify( vk[0], vk[1], vk[2], vk[3], sigma, hashToBeSigned), "Invalid signature: Unable to verify the signature correctly" ); diff --git a/zeth_contracts/contracts/BaseMixerAltBN128.sol b/zeth_contracts/contracts/AbstractMixerAltBN128.sol similarity index 84% rename from zeth_contracts/contracts/BaseMixerAltBN128.sol rename to zeth_contracts/contracts/AbstractMixerAltBN128.sol index 9078b049a..d68802fa9 100644 --- a/zeth_contracts/contracts/BaseMixerAltBN128.sol +++ b/zeth_contracts/contracts/AbstractMixerAltBN128.sol @@ -4,14 +4,14 @@ pragma solidity ^0.8.0; -import "./BaseMixer.sol"; -import "./LMiMC7.sol"; +import "./AbstractMixer.sol"; +import "./LibMiMC7.sol"; -/// Partial implementation of abstract BaseMixer which implements the +/// Partial implementation of AbstractMixer which implements the /// curve-specific methods to use the ALT-BN128 pairing. -abstract contract BaseMixerAltBN128 is BaseMixer +abstract contract AbstractMixerAltBN128 is AbstractMixer { - // Constants regarding the _hash digest length, the prime number used and + // Constants regarding the hash digest length, the prime number used and // its associated length in bits and the max values (v_in and v_out) // FIELD_CAPACITY = floor( log_2(r) ) uint256 internal constant _FIELD_CAPACITY = 253; @@ -35,18 +35,18 @@ abstract contract BaseMixerAltBN128 is BaseMixer address permittedDispatcher, uint256[2] memory vkHash ) - BaseMixer(mkDepth, token, vk, permittedDispatcher, vkHash) + AbstractMixer(mkDepth, token, vk, permittedDispatcher, vkHash) { } - /// Use LMiMC7 as the Merkle tree _hash function. + /// Use MiMC7 as the Merkle tree hash function. function _hash(bytes32 left, bytes32 right) internal pure override returns(bytes32) { - return LMiMC7._hash(left, right); + return LibMiMC7._hash(left, right); } /// Utility function to extract a full uint256 from a field element and the diff --git a/zeth_contracts/contracts/BaseMixerBLS12_377.sol b/zeth_contracts/contracts/AbstractMixerBLS12_377.sol similarity index 83% rename from zeth_contracts/contracts/BaseMixerBLS12_377.sol rename to zeth_contracts/contracts/AbstractMixerBLS12_377.sol index 9729ef048..a8672d71a 100644 --- a/zeth_contracts/contracts/BaseMixerBLS12_377.sol +++ b/zeth_contracts/contracts/AbstractMixerBLS12_377.sol @@ -4,18 +4,18 @@ pragma solidity ^0.8.0; -import "./BaseMixer.sol"; -import "./LMiMC31.sol"; +import "./AbstractMixer.sol"; +import "./LibMiMC31.sol"; -/// Partial implementation of abstract BaseMixer which implements the +/// Partial implementation of AbstractMixer which implements the /// curve-specific methods to use the BLS12-377 pairing. -abstract contract BaseMixerBLS12_377 is BaseMixer +abstract contract AbstractMixerBLS12_377 is AbstractMixer { - // TODO: Code here is very similar to BaseMixerAltBN128, with only the + // TODO: Code here is very similar to AbstractMixerAltBN128, with only the // constants changed. Look into sharing more code (possibly by making some // of these constants dynamic). - // Constants regarding the _hash digest length, the prime number used and + // Constants regarding the hash digest length, the prime number used and // its associated length in bits and the max values (v_in and v_out) // Number of bits that can be reliably represented by a single field @@ -42,17 +42,18 @@ abstract contract BaseMixerBLS12_377 is BaseMixer address permittedDispatcher, uint256[2] memory vkHash ) - BaseMixer(mkDepth, token, vk, permittedDispatcher, vkHash) + AbstractMixer(mkDepth, token, vk, permittedDispatcher, vkHash) { } + /// Use MiMC31 as the Merkle tree hash function. function _hash(bytes32 left, bytes32 right) internal pure override returns(bytes32) { - return LMiMC31._hash(left, right); + return LibMiMC31._hash(left, right); } /// Extract a full uint256 from a field element and the n-th set of diff --git a/zeth_contracts/contracts/LGroth16AltBN128.sol b/zeth_contracts/contracts/LibGroth16AltBN128.sol similarity index 96% rename from zeth_contracts/contracts/LGroth16AltBN128.sol rename to zeth_contracts/contracts/LibGroth16AltBN128.sol index 337cb8d6c..2de984772 100644 --- a/zeth_contracts/contracts/LGroth16AltBN128.sol +++ b/zeth_contracts/contracts/LibGroth16AltBN128.sol @@ -4,7 +4,7 @@ pragma solidity ^0.8.0; -library LGroth16AltBN128 +library LibGroth16AltBN128 { // The structure of the verification key differs from the reference paper. // It doesn't contain any element of GT, but only elements of G1 and G2 @@ -63,11 +63,11 @@ library LGroth16AltBN128 // vk_x = \sum_{i=0}^{l} a_i * vk.ABC[i], vk_x in G1. // // ORIGINAL CODE: - // LPairing.G1Point memory vk_x = vk.ABC[0]; // a_0 = 1 + // LibPairing.G1Point memory vk_x = vk.ABC[0]; // a_0 = 1 // for (uint256 i = 0; i < input.length; i++) { // vk_x = - // LPairing._addG1(vk_x, - // LPairing._scalarMulG1(vk.ABC[i + 1], input[i])); + // LibPairing._addG1(vk_x, + // LibPairing._scalarMulG1(vk.ABC[i + 1], input[i])); // } // // The linear combination loop was the biggest cost center of the mixer @@ -112,7 +112,7 @@ library LGroth16AltBN128 let g := sub(gas(), 2000) // Compute starting slot of vk data. - mstore(pad, vk.slot) + mstore(pad, 0x20) // TO REMOVE vk_slot_num := keccak256(pad, 0x20) let abc_slot_num := add(vk_slot_num, 0x0a) @@ -169,7 +169,7 @@ library LGroth16AltBN128 // e(vk_x, -g2) * e(vk.Alpha, vk.Minus_Beta) * // e(negate(Proof.A), Proof.B) * e(Proof.C, vk.Minus_Delta) == 1 // - // See LPairing.pairing(). + // See LibPairing.pairing(). // Note terms have been re-ordered since vk_x is already at offset // 0x00. Memory is laid out: // diff --git a/zeth_contracts/contracts/LGroth16BLS12_377.sol b/zeth_contracts/contracts/LibGroth16BLS12_377.sol similarity index 99% rename from zeth_contracts/contracts/LGroth16BLS12_377.sol rename to zeth_contracts/contracts/LibGroth16BLS12_377.sol index 6d8413d86..be8c5f399 100644 --- a/zeth_contracts/contracts/LGroth16BLS12_377.sol +++ b/zeth_contracts/contracts/LibGroth16BLS12_377.sol @@ -4,7 +4,7 @@ pragma solidity ^0.8.0; -library LGroth16BLS12_377 +library LibGroth16BLS12_377 { // Fr elements occupy 1 uint256, and Fq elements occupy 2 uint256s. // Therefore G1 elements occupy 4 uint256s. G2 elements have coordinates in @@ -94,7 +94,7 @@ library LGroth16BLS12_377 let g := sub(gas(), 2000) // Compute starting slot of the vk data and abc data. - mstore(pad, vk.slot) + mstore(pad, 0x20) // TO REMOVE vk_slot_num := keccak256(pad, 0x20) let abc_slot_num := add(vk_slot_num, 0x14) diff --git a/zeth_contracts/contracts/LMiMC31.sol b/zeth_contracts/contracts/LibMiMC31.sol similarity index 98% rename from zeth_contracts/contracts/LMiMC31.sol rename to zeth_contracts/contracts/LibMiMC31.sol index a4ec73b85..9239cff13 100644 --- a/zeth_contracts/contracts/LMiMC31.sol +++ b/zeth_contracts/contracts/LibMiMC31.sol @@ -23,8 +23,8 @@ pragma solidity ^0.8.0; /// e (exponent) = 31, so that e=2^t-1 (t=5) and 1 == gcd(e, r-1) /// rounds = 51 /// -/// See LMiMC7.sol for details. -library LMiMC31 +/// See LibMiMC7.sol for details. +library LibMiMC31 { function _hash(bytes32 x, bytes32 y) internal pure returns(bytes32 out) { // Round function (see [AGRRT16]): diff --git a/zeth_contracts/contracts/LMiMC7.sol b/zeth_contracts/contracts/LibMiMC7.sol similarity index 99% rename from zeth_contracts/contracts/LMiMC7.sol rename to zeth_contracts/contracts/LibMiMC7.sol index 4f74831b7..a7a4cd3b8 100644 --- a/zeth_contracts/contracts/LMiMC7.sol +++ b/zeth_contracts/contracts/LibMiMC7.sol @@ -16,7 +16,7 @@ pragma solidity ^0.8.0; /// Section: "Miyaguchi–Preneel" // solhint-disable-next-line max-line-length /// -library LMiMC7 +library LibMiMC7 { function _hash(bytes32 x, bytes32 y) internal pure returns (bytes32 out) { // See [AGRRT16]: diff --git a/zeth_contracts/contracts/LOTSchnorrVerifier.sol b/zeth_contracts/contracts/LibOTSchnorrVerifier.sol similarity index 83% rename from zeth_contracts/contracts/LOTSchnorrVerifier.sol rename to zeth_contracts/contracts/LibOTSchnorrVerifier.sol index f277d7a5a..041dee97e 100644 --- a/zeth_contracts/contracts/LOTSchnorrVerifier.sol +++ b/zeth_contracts/contracts/LibOTSchnorrVerifier.sol @@ -11,7 +11,7 @@ pragma solidity ^0.8.0; /// Mihir Bellare, Sarah Shoup, /// International Workshop on Public Key Cryptography, 2007, /// -library LOTSchnorrVerifier { +library LibOTSchnorrVerifier { function _verify( uint256 vk0, @@ -30,17 +30,17 @@ library LOTSchnorrVerifier { // abi.encodePacked(vk[2], vk[3], hashToBeSigned)); // uint256 h = uint256(h_bytes); // - // // X = g^{x}, where g represents a generator of the cyclic group G - // LPairing.G1Point memory X = LPairing.G1Point(vk[0], vk[1]); + // // X = g^{x}, where g is a generator of the cyclic group G + // LibPairing.G1Point memory X = LibPairing.G1Point(vk[0], vk[1]); // // Y = g^{y} - // LPairing.G1Point memory Y = LPairing.G1Point(vk[2], vk[3]); + // LibPairing.G1Point memory Y = LibPairing.G1Point(vk[2], vk[3]); // // // S = g^{sigma} - // LPairing.G1Point memory S = LPairing._scalarMulG1( - // LPairing._genG1(), sigma); + // LibPairing.G1Point memory S = + // LibPairing._scalarMulG1(LibPairing._genG1(), sigma); // // S_comp = g^{y + xh} - // LPairing.G1Point memory S_comp = LPairing._addG1(Y, - // LPairing._scalarMulG1(X, h)); + // LibPairing.G1Point memory S_comp = + // LibPairing._addG1(Y, LibPairing._scalarMulG1(X, h)); // // // Check that g^{sigma} == g^{y + xh} // return (S.X == S_comp.X && S.Y == S_comp.Y); @@ -90,7 +90,7 @@ library LOTSchnorrVerifier { // 0x40 // 0x20 (Y + h.X)[1] // 0x00 (Y + h.X)[0] - // copy _genG1 and sigma (see LPairing.sol for values) + // copy _genG1 and sigma (see LibPairing.sol for values) mstore(add(pad, 0x40), 1) mstore(add(pad, 0x60), 2) diff --git a/zeth_contracts/contracts/LPairing.sol b/zeth_contracts/contracts/LibPairing.sol similarity index 99% rename from zeth_contracts/contracts/LPairing.sol rename to zeth_contracts/contracts/LibPairing.sol index e1709d4db..f09064c26 100644 --- a/zeth_contracts/contracts/LPairing.sol +++ b/zeth_contracts/contracts/LibPairing.sol @@ -13,7 +13,7 @@ pragma solidity ^0.8.0; /// gas and costs: // solhint-disable-next-line /// https://github.com/ethereum/go-ethereum/blob/master/params/protocol_params.go -library LPairing { +library LibPairing { struct G1Point { uint256 X; diff --git a/zeth_contracts/contracts/MixerGroth16AltBN128.sol b/zeth_contracts/contracts/MixerGroth16AltBN128.sol index 676e4cde0..7fc4953d5 100644 --- a/zeth_contracts/contracts/MixerGroth16AltBN128.sol +++ b/zeth_contracts/contracts/MixerGroth16AltBN128.sol @@ -4,12 +4,12 @@ pragma solidity ^0.8.0; -import "./BaseMixerAltBN128.sol"; -import "./LGroth16AltBN128.sol"; +import "./AbstractMixerAltBN128.sol"; +import "./LibGroth16AltBN128.sol"; -/// Instance of BaseMixerAltBN128 implementing the Groth16 verifier for the +/// Instance of AbstractMixerAltBN128 implementing the Groth16 verifier for the /// alt-bn128 pairing. -contract MixerGroth16AltBN128 is BaseMixerAltBN128 +contract MixerGroth16AltBN128 is AbstractMixerAltBN128 { constructor( uint256 mkDepth, @@ -18,7 +18,7 @@ contract MixerGroth16AltBN128 is BaseMixerAltBN128 address permittedDispatcher, uint256[2] memory vkHash ) - BaseMixerAltBN128(mkDepth, token, vk, permittedDispatcher, vkHash) + AbstractMixerAltBN128(mkDepth, token, vk, permittedDispatcher, vkHash) { } @@ -34,6 +34,6 @@ contract MixerGroth16AltBN128 is BaseMixerAltBN128 // expected by the verifier. uint256[] memory inputValues = new uint256[](1); inputValues[0] = publicInputsHash; - return LGroth16AltBN128._verify(_vk, proof, inputValues); + return LibGroth16AltBN128._verify(_vk, proof, inputValues); } } diff --git a/zeth_contracts/contracts/MixerGroth16BLS12_377.sol b/zeth_contracts/contracts/MixerGroth16BLS12_377.sol index ae38b58c0..9226e09ef 100644 --- a/zeth_contracts/contracts/MixerGroth16BLS12_377.sol +++ b/zeth_contracts/contracts/MixerGroth16BLS12_377.sol @@ -4,12 +4,12 @@ pragma solidity ^0.8.0; -import "./LGroth16BLS12_377.sol"; -import "./BaseMixerBLS12_377.sol"; +import "./LibGroth16BLS12_377.sol"; +import "./AbstractMixerBLS12_377.sol"; -// Instance of BaseMixerBLS12_377 implementing the Groth16 verifier for the +// Instance of AbstractMixerBLS12_377 implementing the Groth16 verifier for the // bls12-377 pairing. -contract MixerGroth16BLS12_377 is BaseMixerBLS12_377 +contract MixerGroth16BLS12_377 is AbstractMixerBLS12_377 { constructor( uint256 mkDepth, @@ -18,7 +18,7 @@ contract MixerGroth16BLS12_377 is BaseMixerBLS12_377 address permittedDispatcher, uint256[2] memory vkHash ) - BaseMixerBLS12_377(mkDepth, token, vk, permittedDispatcher, vkHash) + AbstractMixerBLS12_377(mkDepth, token, vk, permittedDispatcher, vkHash) { } @@ -34,6 +34,6 @@ contract MixerGroth16BLS12_377 is BaseMixerBLS12_377 // expected by the verifier. uint256[] memory input_values = new uint256[](1); input_values[0] = publicInputsHash; - return LGroth16BLS12_377._verify(_vk, proof, input_values); + return LibGroth16BLS12_377._verify(_vk, proof, input_values); } } diff --git a/zeth_contracts/contracts/MixerPghr13AltBN128.sol b/zeth_contracts/contracts/MixerPghr13AltBN128.sol index 577b7285d..afecee2a9 100644 --- a/zeth_contracts/contracts/MixerPghr13AltBN128.sol +++ b/zeth_contracts/contracts/MixerPghr13AltBN128.sol @@ -4,31 +4,31 @@ pragma solidity ^0.8.0; -import "./LPairing.sol"; -import "./BaseMixerAltBN128.sol"; +import "./LibPairing.sol"; +import "./AbstractMixerAltBN128.sol"; -contract MixerPghr13AltBN128 is BaseMixerAltBN128 +contract MixerPghr13AltBN128 is AbstractMixerAltBN128 { struct VerifyingKey { - LPairing.G2Point A; - LPairing.G1Point B; - LPairing.G2Point C; - LPairing.G2Point gamma; - LPairing.G1Point gammaBeta1; - LPairing.G2Point gammaBeta2; - LPairing.G2Point Z; - LPairing.G1Point[] IC; + LibPairing.G2Point A; + LibPairing.G1Point B; + LibPairing.G2Point C; + LibPairing.G2Point gamma; + LibPairing.G1Point gammaBeta1; + LibPairing.G2Point gammaBeta2; + LibPairing.G2Point Z; + LibPairing.G1Point[] IC; } struct Proof { - LPairing.G1Point A; - LPairing.G1Point A_p; - LPairing.G2Point B; - LPairing.G1Point B_p; - LPairing.G1Point C; - LPairing.G1Point C_p; - LPairing.G1Point K; - LPairing.G1Point H; + LibPairing.G1Point A; + LibPairing.G1Point A_p; + LibPairing.G2Point B; + LibPairing.G1Point B_p; + LibPairing.G1Point C; + LibPairing.G1Point C_p; + LibPairing.G1Point K; + LibPairing.G1Point H; } constructor( @@ -38,7 +38,7 @@ contract MixerPghr13AltBN128 is BaseMixerAltBN128 address permittedDispatcher, uint256[2] memory vkHash ) - BaseMixerAltBN128(mkDepth, token, vk, permittedDispatcher, vkHash) + AbstractMixerAltBN128(mkDepth, token, vk, permittedDispatcher, vkHash) { uint256 vk_words = vk.length; require(vk_words >= 26, "invalid vk length"); @@ -58,16 +58,16 @@ contract MixerPghr13AltBN128 is BaseMixerAltBN128 uint256 ic_length = (vk_words - 24) / 2; VerifyingKey memory vk; - vk.IC = new LPairing.G1Point[](ic_length); - vk.A = LPairing.G2Point(_vk[0], _vk[1], _vk[2], _vk[3]); - vk.B = LPairing.G1Point(_vk[4], _vk[5]); - vk.C = LPairing.G2Point(_vk[6], _vk[7], _vk[8], _vk[9]); - vk.gamma = LPairing.G2Point(_vk[10], _vk[11], _vk[12], _vk[13]); - vk.gammaBeta1 = LPairing.G1Point(_vk[14], _vk[15]); - vk.gammaBeta2 = LPairing.G2Point(_vk[16], _vk[17], _vk[18], _vk[19]); - vk.Z = LPairing.G2Point(_vk[20], _vk[21], _vk[22], _vk[23]); + vk.IC = new LibPairing.G1Point[](ic_length); + vk.A = LibPairing.G2Point(_vk[0], _vk[1], _vk[2], _vk[3]); + vk.B = LibPairing.G1Point(_vk[4], _vk[5]); + vk.C = LibPairing.G2Point(_vk[6], _vk[7], _vk[8], _vk[9]); + vk.gamma = LibPairing.G2Point(_vk[10], _vk[11], _vk[12], _vk[13]); + vk.gammaBeta1 = LibPairing.G1Point(_vk[14], _vk[15]); + vk.gammaBeta2 = LibPairing.G2Point(_vk[16], _vk[17], _vk[18], _vk[19]); + vk.Z = LibPairing.G2Point(_vk[20], _vk[21], _vk[22], _vk[23]); for (uint256 i = 24; i < vk_words ; i += 2) { - vk.IC[(i-24)/2] = LPairing.G1Point(_vk[i], _vk[i+1]); + vk.IC[(i-24)/2] = LibPairing.G1Point(_vk[i], _vk[i+1]); } // |I_{in}| == input.length, and vk.IC also contains A_0(s). Thus @@ -87,32 +87,32 @@ contract MixerPghr13AltBN128 is BaseMixerAltBN128 // // |I_{in}| = n here as we assume that we have a vector x of inputs of // size n. - LPairing.G1Point memory vk_x = LPairing.G1Point(0, 0); + LibPairing.G1Point memory vk_x = LibPairing.G1Point(0, 0); for (uint256 i = 0; i < inputs.length; i++) { - vk_x = LPairing._addG1(vk_x, - LPairing._scalarMulG1(vk.IC[i + 1], inputs[i])); + vk_x = LibPairing._addG1(vk_x, + LibPairing._scalarMulG1(vk.IC[i + 1], inputs[i])); } - vk_x = LPairing._addG1(vk_x, vk.IC[0]); + vk_x = LibPairing._addG1(vk_x, vk.IC[0]); // 2. Check the validity of knowledge commitments for A, B, C // e(π_A, vk_A) = e(π′A, _genG2), e(vk_B, π_B) // = e(π′_B, _genG2), e(vk_C, π_C) // = e(π′_C, _genG2), - if (!LPairing._pairingProd2( + if (!LibPairing._pairingProd2( proof.A, vk.A, - LPairing._negateG2(proof.A_p), LPairing._genG2()) + LibPairing._negateG2(proof.A_p), LibPairing._genG2()) ) { return 1; } - if (!LPairing._pairingProd2( + if (!LibPairing._pairingProd2( vk.B, proof.B, - LPairing._negateG2(proof.B_p), LPairing._genG2()) + LibPairing._negateG2(proof.B_p), LibPairing._genG2()) ) { return 2; } - if (!LPairing._pairingProd2( + if (!LibPairing._pairingProd2( proof.C, vk.C, - LPairing._negateG2(proof.C_p), LPairing._genG2()) + LibPairing._negateG2(proof.C_p), LibPairing._genG2()) ) { return 3; } @@ -120,13 +120,13 @@ contract MixerPghr13AltBN128 is BaseMixerAltBN128 // 3. Check same coefficients were used // e(π_K, vk_γ) = e(vk_x + π_A + π_C, vk_{γβ2}) · e(vk_{γβ1}, π_B) - bool pairing_check = LPairing._pairingProd3( + bool pairing_check = LibPairing._pairingProd3( proof.K, vk.gamma, - LPairing._negateG2(LPairing._addG1(vk_x, - LPairing._addG1(proof.A, proof.C))), + LibPairing._negateG2(LibPairing._addG1(vk_x, + LibPairing._addG1(proof.A, proof.C))), vk.gammaBeta2, - LPairing._negateG2(vk.gammaBeta1), + LibPairing._negateG2(vk.gammaBeta1), proof.B); if (!pairing_check) { return 4; @@ -134,13 +134,13 @@ contract MixerPghr13AltBN128 is BaseMixerAltBN128 // 4. Check QAP divisibility // e(vk_x + π_A, π_B) = e(π_H, vk_Z) · e(π_C, _genG2) - pairing_check = LPairing._pairingProd3( - LPairing._addG1(vk_x, proof.A), + pairing_check = LibPairing._pairingProd3( + LibPairing._addG1(vk_x, proof.A), proof.B, - LPairing._negateG2(proof.H), + LibPairing._negateG2(proof.H), vk.Z, - LPairing._negateG2(proof.C), - LPairing._genG2()); + LibPairing._negateG2(proof.C), + LibPairing._genG2()); if (!pairing_check) { return 5; } @@ -162,15 +162,15 @@ contract MixerPghr13AltBN128 is BaseMixerAltBN128 // Slightly redundant Proof memory proof; - proof.A = LPairing.G1Point(proofData[0], proofData[1]); - proof.A_p = LPairing.G1Point(proofData[2], proofData[3]); - proof.B = LPairing.G2Point( + proof.A = LibPairing.G1Point(proofData[0], proofData[1]); + proof.A_p = LibPairing.G1Point(proofData[2], proofData[3]); + proof.B = LibPairing.G2Point( proofData[4], proofData[5], proofData[6], proofData[7]); - proof.B_p = LPairing.G1Point(proofData[8], proofData[9]); - proof.C = LPairing.G1Point(proofData[10], proofData[11]); - proof.C_p = LPairing.G1Point(proofData[12], proofData[13]); - proof.H = LPairing.G1Point(proofData[14], proofData[15]); - proof.K = LPairing.G1Point(proofData[16], proofData[17]); + proof.B_p = LibPairing.G1Point(proofData[8], proofData[9]); + proof.C = LibPairing.G1Point(proofData[10], proofData[11]); + proof.C_p = LibPairing.G1Point(proofData[12], proofData[13]); + proof.H = LibPairing.G1Point(proofData[14], proofData[15]); + proof.K = LibPairing.G1Point(proofData[16], proofData[17]); require( publicInputsHash < r, diff --git a/zeth_contracts/contracts/TestBLS12_377.sol b/zeth_contracts/contracts/TestBLS12_377.sol index 0aa682962..9326d4fb9 100644 --- a/zeth_contracts/contracts/TestBLS12_377.sol +++ b/zeth_contracts/contracts/TestBLS12_377.sol @@ -16,7 +16,7 @@ contract TestBLS12_377 uint256 private constant _G2_POINT_WORDS = 2 * _G2_COORD_WORDS; /// `input` is the concatenation of 2 encoded points in G1 - function ecAddTest(bytes32[2 * _G1_POINT_WORDS] memory input) + function testECAdd(bytes32[2 * _G1_POINT_WORDS] memory input) external returns(bytes32[_G1_POINT_WORDS] memory) { @@ -32,7 +32,7 @@ contract TestBLS12_377 } /// `input` is an encoded point in G1, followed by an encoded scalar. - function ecMulTest(bytes32[_G1_POINT_WORDS + _SCALAR_WORDS] memory input) + function testECMul(bytes32[_G1_POINT_WORDS + _SCALAR_WORDS] memory input) external returns(bytes32[_G1_POINT_WORDS] memory) { @@ -50,7 +50,7 @@ contract TestBLS12_377 /// `input` is the concatenation of 4 pairs of encoded points. Each pair is /// a G1 point, followed by a G2 point. For BW6-761, both of these points /// are 6 words, so there should be 4 * 2 * 6 = 48 words. - function ecPairingTest( + function testECPairing( bytes32[4 * (_G1_POINT_WORDS + _G2_POINT_WORDS)] memory input ) external diff --git a/zeth_contracts/contracts/TestBW6_761.sol b/zeth_contracts/contracts/TestBW6_761.sol index be885c092..6638b1497 100644 --- a/zeth_contracts/contracts/TestBW6_761.sol +++ b/zeth_contracts/contracts/TestBW6_761.sol @@ -14,7 +14,7 @@ contract TestBW6_761 uint256 private constant _POINT_WORDS = 2 * _COORD_WORDS; /// `input` is the concatenation of 2 encoded points in G1 - function ecAddTest(bytes32[2 * _POINT_WORDS] memory input) + function testECAdd(bytes32[2 * _POINT_WORDS] memory input) external returns (bytes32[_POINT_WORDS] memory) { bytes32[_POINT_WORDS] memory output; @@ -29,7 +29,7 @@ contract TestBW6_761 } // `input` is an encoded point, followed by an encoded scalar. - function ecMulTest(bytes32[_POINT_WORDS + _SCALAR_WORDS] memory input) + function testECMul(bytes32[_POINT_WORDS + _SCALAR_WORDS] memory input) external returns (bytes32[_POINT_WORDS] memory) { bytes32[_POINT_WORDS] memory output; @@ -46,7 +46,7 @@ contract TestBW6_761 // `input` is the concatenation of 4 pairs of encoded points. Each pair is // a G1 point, followed by a G2 point. For BW6-761, both of these points // are 6 words, so there should be 4 * 2 * 6 = 48 words ( - function ecPairingTest(bytes32[8 * _POINT_WORDS] memory input) + function testECPairing(bytes32[8 * _POINT_WORDS] memory input) external returns (uint256) { uint256[1] memory output; diff --git a/zeth_contracts/contracts/TestBaseMixerAltBN128.sol b/zeth_contracts/contracts/TestBaseMixerAltBN128.sol index bd58c6db1..84634227d 100644 --- a/zeth_contracts/contracts/TestBaseMixerAltBN128.sol +++ b/zeth_contracts/contracts/TestBaseMixerAltBN128.sol @@ -4,19 +4,19 @@ pragma solidity ^0.8.0; -import "./BaseMixerAltBN128.sol"; +import "./AbstractMixerAltBN128.sol"; -// Implementation of BaseMixerAltBN128 contract, to allow testing +// Implementation of AbstractMixerAltBN128 contract, to allow testing // specific methods. -contract TestBaseMixerAltBN128 is BaseMixerAltBN128 +contract TestAbstractMixerAltBN128 is AbstractMixerAltBN128 { constructor( uint256 mkDepth, address permittedDispatcher, uint256[2] memory vkHash ) - BaseMixerAltBN128( + AbstractMixerAltBN128( mkDepth, address(0), new uint256[](0), @@ -25,7 +25,7 @@ contract TestBaseMixerAltBN128 is BaseMixerAltBN128 { } - function hashPublicProofDataTest( + function testHashPublicProofData( uint256[_NUM_INPUTS] memory publicData ) external @@ -34,7 +34,7 @@ contract TestBaseMixerAltBN128 is BaseMixerAltBN128 return _hashPublicProofData(publicData); } - function assemblePublicValuesTest(uint256 residualBits) + function testAssemblePublicValues(uint256 residualBits) external pure returns (uint256 vpub_in, uint256 vpub_out) @@ -42,7 +42,7 @@ contract TestBaseMixerAltBN128 is BaseMixerAltBN128 return _assemblePublicValues(residualBits); } - function assembleHsigTest( + function testAssembleHsig( uint256[_NUM_INPUTS] memory primaryInputs ) external @@ -52,7 +52,7 @@ contract TestBaseMixerAltBN128 is BaseMixerAltBN128 return _assembleHsig(primaryInputs); } - function assembleNullifierTest( + function testAssembleNullifier( uint256 index, uint256[_NUM_INPUTS] memory primaryInputs ) diff --git a/zeth_contracts/contracts/TestGroth16BLS12_377.sol b/zeth_contracts/contracts/TestGroth16BLS12_377.sol index 2883dbca2..adc0f2097 100644 --- a/zeth_contracts/contracts/TestGroth16BLS12_377.sol +++ b/zeth_contracts/contracts/TestGroth16BLS12_377.sol @@ -4,13 +4,13 @@ pragma solidity ^0.8.0; -import "./LGroth16BLS12_377.sol"; +import "./LibGroth16BLS12_377.sol"; contract TestGroth16BLS12_377 { uint256[] private _vk; - function verifyTest( + function testVerify( uint256[] memory vk, uint256[] memory proof, uint256[] memory inputs @@ -19,6 +19,6 @@ contract TestGroth16BLS12_377 returns(bool) { _vk = vk; - return LGroth16BLS12_377._verify(_vk, proof, inputs); + return LibGroth16BLS12_377._verify(_vk, proof, inputs); } } diff --git a/zeth_contracts/contracts/TestMerkleTreeMiMC7.sol b/zeth_contracts/contracts/TestMerkleTreeMiMC7.sol index 362647402..4d69f9524 100644 --- a/zeth_contracts/contracts/TestMerkleTreeMiMC7.sol +++ b/zeth_contracts/contracts/TestMerkleTreeMiMC7.sol @@ -4,8 +4,8 @@ pragma solidity ^0.8.0; -import "./BaseMerkleTree.sol"; -import "./LMiMC7.sol"; +import "./AbstractMerkleTree.sol"; +import "./LibMiMC7.sol"; /// The Merkle tree implementation must trade-off complexity, storage, /// initialization cost, and update & root computation cost. @@ -13,9 +13,9 @@ import "./LMiMC7.sol"; /// This implementation stores all leaves and nodes, skipping those that have /// not been populated yet. The final entry in each layer stores that layer's /// default value. -contract TestMerkleTreeMiMC7 is BaseMerkleTree +contract TestMerkleTreeMiMC7 is AbstractMerkleTree { - constructor(uint treeDepth) BaseMerkleTree(treeDepth) + constructor(uint treeDepth) AbstractMerkleTree(treeDepth) { } @@ -23,7 +23,7 @@ contract TestMerkleTreeMiMC7 is BaseMerkleTree /// recomputing the root. Returns the full set of nodes at the end. This /// allows testing of the update code paths for any starting / finishing /// state combination. - function addLeavesTest( + function testAddLeaves( bytes32[] memory first, bytes32[] memory second ) @@ -42,13 +42,13 @@ contract TestMerkleTreeMiMC7 is BaseMerkleTree return root; } - /// Use LMiMC7 as the Merkle tree hash function. + /// Use MiMC7 as the Merkle tree hash function. function _hash(bytes32 left, bytes32 right) internal pure override returns(bytes32) { - return LMiMC7._hash(left, right); + return LibMiMC7._hash(left, right); } } diff --git a/zeth_contracts/contracts/TestMiMC.sol b/zeth_contracts/contracts/TestMiMC.sol index b6d534908..fd0e4168d 100644 --- a/zeth_contracts/contracts/TestMiMC.sol +++ b/zeth_contracts/contracts/TestMiMC.sol @@ -4,19 +4,19 @@ pragma solidity ^0.8.0; -import "./LMiMC7.sol"; -import "./LMiMC31.sol"; +import "./LibMiMC7.sol"; +import "./LibMiMC31.sol"; /// Contract to test the MiMC libraries contract TestMiMC { - /// Test function for LMiMC7 - function mimc7Test(bytes32 x, bytes32 y) external pure returns (bytes32) { - return LMiMC7._hash(x, y); + /// Test function for LibMiMC7 + function testMimc7(bytes32 x, bytes32 y) external pure returns (bytes32) { + return LibMiMC7._hash(x, y); } - /// Test function for LMiMC31 - function mimc31Test(bytes32 x, bytes32 y) external pure returns (bytes32) { - return LMiMC31._hash(x, y); + /// Test function for LibMiMC31 + function testMimc31(bytes32 x, bytes32 y) external pure returns (bytes32) { + return LibMiMC31._hash(x, y); } }