feat: implements burn circuit (#56)

* feat: implements burn circuit

* test: adds burn circuit tests

* removes burn user

* Add burn verifier (#57)

* feat: add burn verifier

* feat: deploy verifiers script updated with burn verifier

---------

Co-authored-by: Furkan Boyraz <[email protected]>
Co-authored-by: Faedon <[email protected]>

Author: 3 people

circom/build/burn/burn.wasm

@@ -0,0 +1,184 @@
+{
+ "protocol": "groth16",
+ "curve": "bn128",
+ "nPublic": 19,
+ "vk_alpha_1": [
+  "20491192805390485299153009773594534940189261866228447918068658471970481763042",
+  "9383485363053290200918347156157836566562967994039712273449902621266178545958",
+  "1"
+ ],
+ "vk_beta_2": [
+  [
+   "6375614351688725206403948262868962793625744043794305715222011528459656738731",
+   "4252822878758300859123897981450591353533073413197771768651442665752259397132"
+  ],
+  [
+   "10505242626370262277552901082094356697409835680220590971873171140371331206856",
+   "21847035105528745403288232691147584728191162732299865338377159692350059136679"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_gamma_2": [
+  [
+   "10857046999023057135944570762232829481370756359578518086990519993285655852781",
+   "11559732032986387107991004021392285783925812861821192530917403151452391805634"
+  ],
+  [
+   "8495653923123431417604973247489272438418190587263600148770280649306958101930",
+   "4082367875863433681332203403145435568316851327593401208105741076214120093531"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_delta_2": [
+  [
+   "17951494579165795533532847235529611089521789751209994758862962564682445617412",
+   "20500123508036250241732436039045855491142840147741568076165900093824331281316"
+  ],
+  [
+   "15268404118840851015046775717571916089738924216088942953684197626467386210997",
+   "5834387578477044714458263369208539598498352288497332887384107712494722576583"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_alphabeta_12": [
+  [
+   [
+    "2029413683389138792403550203267699914886160938906632433982220835551125967885",
+    "21072700047562757817161031222997517981543347628379360635925549008442030252106"
+   ],
+   [
+    "5940354580057074848093997050200682056184807770593307860589430076672439820312",
+    "12156638873931618554171829126792193045421052652279363021382169897324752428276"
+   ],
+   [
+    "7898200236362823042373859371574133993780991612861777490112507062703164551277",
+    "7074218545237549455313236346927434013100842096812539264420499035217050630853"
+   ]
+  ],
+  [
+   [
+    "7077479683546002997211712695946002074877511277312570035766170199895071832130",
+    "10093483419865920389913245021038182291233451549023025229112148274109565435465"
+   ],
+   [
+    "4595479056700221319381530156280926371456704509942304414423590385166031118820",
+    "19831328484489333784475432780421641293929726139240675179672856274388269393268"
+   ],
+   [
+    "11934129596455521040620786944827826205713621633706285934057045369193958244500",
+    "8037395052364110730298837004334506829870972346962140206007064471173334027475"
+   ]
+  ]
+ ],
+ "IC": [
+  [
+   "11786268729161045937652164714990691490770027441460947932012316631529733292940",
+   "9581132102330540074693305331254898451475664668584360899026097918947512977366",
+   "1"
+  ],
+  [
+   "914822366018062648285730205402683692599853766866159406178623354781735659599",
+   "8553697750564092712813746981763759579862680918228138684307182805192139236520",
+   "1"
+  ],
+  [
+   "17908121343774581376092646765067170799970925894057937307165335210962871507135",
+   "6739483966006459958647545663755815825611388802168101513616676265213547687212",
+   "1"
+  ],
+  [
+   "143359351657650308208480824138891765346610788279862658068353643164441844115",
+   "1688658345879791302522420761526578526163188876279486731177660400972657648742",
+   "1"
+  ],
+  [
+   "18309718863517978042660293994537440591428742486455947599492279373595114219500",
+   "3543366565414834921232477531525858456841505305202548147687587105557694958104",
+   "1"
+  ],
+  [
+   "2179968961403977829543241099157331775731416225717055667057125732267317798366",
+   "14579564811228528586131093319854876770716135551807922280189147940915226636750",
+   "1"
+  ],
+  [
+   "12128037778350917133400346467296434075039661406517118820895803963198786951800",
+   "12810377956478161485381774828600271058686148075894654796038454545352947160776",
+   "1"
+  ],
+  [
+   "9593873745453136272405518724864540111195676150385738265238288297101461351389",
+   "18140226050853380485925948980064648409518762214351351505488025177062130412015",
+   "1"
+  ],
+  [
+   "5344462067192893979551241744484644250693230460027867247351105468329395690915",
+   "2435072349815413116277252545573449685604686772441816336584542983683379409914",
+   "1"
+  ],
+  [
+   "15867459271796662494529143386082298582993967528167005628586571617103329782767",
+   "1031216327552632558464991513003642749331915406636029936411939647607628738052",
+   "1"
+  ],
+  [
+   "11710830742293210758218398274130454937288722189717294688374583983853957500247",
+   "18095934287133238566717320534781010028273178446261522698705303702525394211898",
+   "1"
+  ],
+  [
+   "5451223849987641096615559250356903902465481513182931751171182631482949381911",
+   "6791511973211811945927811502706661666842895298126970397039460184655612620453",
+   "1"
+  ],
+  [
+   "12576390828389735220141209658777087276380270144557056528857559882798323629447",
+   "19191122649652045476856774223103624470066531140701020233373995430155185392289",
+   "1"
+  ],
+  [
+   "3208115974817470421120218397409974778673673537533531169452261659740974257278",
+   "1563495302870822079389756646952495877672019554537528044396737285924026906103",
+   "1"
+  ],
+  [
+   "15803266454704411593372706477399336420388826076293995292354385277988446601281",
+   "14061261779941396671642560007918916383355024387096318566313366433584709024499",
+   "1"
+  ],
+  [
+   "1473892103720096233092115851822223251992401285317974909943916318348184767365",
+   "3670020837101119839757171869792531530222770849398108379916390350369899561438",
+   "1"
+  ],
+  [
+   "8909686676336745813415338575513600352109241710831786249590248291624151036333",
+   "4561980313802046241453616743996179799784948333408123666456078054975402233930",
+   "1"
+  ],
+  [
+   "9644420134970614917918276763660740255881705883613568754990717610748161142338",
+   "6057246608400625128574045490366205109267182635495031148770746354579442521952",
+   "1"
+  ],
+  [
+   "3478588600416828411411103709929443364350875935722379535054531373495869197302",
+   "14312139497598775136457694532354226575027823182198251149840842365373433448408",
+   "1"
+  ],
+  [
+   "16478469522390352876826812932849485876750021274758447084770343652372421581875",
+   "5525105724620928136283079314841429313946285054350434613540639344526895834484",
+   "1"
+  ]
+ ]
+}

circom/build/burn/burn.zkey

@@ -0,0 +1,82 @@
+pragma circom 2.1.9;
+
+include "./components.circom";
+
+template BurnCircuit () {
+    signal input ValueToBurn;
+    
+    signal input SenderPrivateKey;
+    signal input SenderPublicKey[2];
+    signal input SenderBalance;
+    signal input SenderBalanceC1[2];
+    signal input SenderBalanceC2[2];
+
+    signal input SenderVTBC1[2];
+    signal input SenderVTBC2[2];
+
+    signal input AuditorPublicKey[2];
+    signal input AuditorPCT[4];
+    signal input AuditorPCTAuthKey[2];
+    signal input AuditorPCTNonce;
+    signal input AuditorPCTRandom;
+
+    // Verify that the transfer amount is less than or equal to the sender's balance and is less than the base order
+    var baseOrder = 2736030358979909402780800718157159386076813972158567259200215660948447373041;   
+
+    component bitCheck1 = Num2Bits(252);
+    bitCheck1.in <== ValueToBurn;
+
+    component bitCheck2 = Num2Bits(252);
+    bitCheck2.in <== baseOrder;
+
+    component lt = LessThan(252);
+    lt.in[0] <== ValueToBurn;
+    lt.in[1] <== baseOrder;
+    lt.out === 1;
+
+    component bitCheck3 = Num2Bits(252);
+    bitCheck3.in <== SenderBalance + 1;
+
+    component checkValue = LessThan(252);
+    checkValue.in[0] <== ValueToBurn;
+    checkValue.in[1] <== SenderBalance + 1;
+    checkValue.out === 1;
+
+
+    // Verify that the sender's public key is well-formed
+    component checkSenderPK = CheckPublicKey();
+    checkSenderPK.privKey <== SenderPrivateKey;
+    checkSenderPK.pubKey[0] <== SenderPublicKey[0];
+    checkSenderPK.pubKey[1] <== SenderPublicKey[1];
+
+    // Verify that the sender's encrypted balance is well-formed
+    component checkSenderBalance = CheckValue();
+    checkSenderBalance.value <== SenderBalance;
+    checkSenderBalance.privKey <== SenderPrivateKey;
+    checkSenderBalance.valueC1[0] <== SenderBalanceC1[0];
+    checkSenderBalance.valueC1[1] <== SenderBalanceC1[1];
+    checkSenderBalance.valueC2[0] <== SenderBalanceC2[0];
+    checkSenderBalance.valueC2[1] <== SenderBalanceC2[1];
+
+    // Verify that the sender's encrypted value to burn is the burn amount
+    component checkSenderVTB = CheckValue();
+    checkSenderVTB.value <== ValueToBurn;
+    checkSenderVTB.privKey <== SenderPrivateKey;
+    checkSenderVTB.valueC1[0] <== SenderVTBC1[0];
+    checkSenderVTB.valueC1[1] <== SenderVTBC1[1];
+    checkSenderVTB.valueC2[0] <== SenderVTBC2[0];
+    checkSenderVTB.valueC2[1] <== SenderVTBC2[1];
+
+    // Verify auditor's encrypted summary includes the burn amount and is encrypted with the auditor's public key
+    component checkAuditorPCT = CheckPCT();
+    checkAuditorPCT.publicKey[0] <== AuditorPublicKey[0];
+    checkAuditorPCT.publicKey[1] <== AuditorPublicKey[1];
+    checkAuditorPCT.pct <== AuditorPCT;
+    checkAuditorPCT.authKey[0] <== AuditorPCTAuthKey[0];
+    checkAuditorPCT.authKey[1] <== AuditorPCTAuthKey[1];
+    checkAuditorPCT.nonce <== AuditorPCTNonce;
+    checkAuditorPCT.random <== AuditorPCTRandom;
+    checkAuditorPCT.value <== ValueToBurn;
+}
+
+component main { public [ SenderPublicKey, AuditorPublicKey, SenderBalanceC1, SenderBalanceC2, SenderVTBC1, SenderVTBC2, AuditorPCT, AuditorPCTAuthKey, AuditorPCTNonce ] } = BurnCircuit();

circom/build/burn/burn_verification_key.json

@@ -187,6 +187,11 @@ template CheckPublicKey() {
     signal input privKey;
     signal input pubKey[2];
 
+    // Verify the private key is not zero
+    component checkIsZero = IsZero();
+    checkIsZero.in <== privKey;
+    checkIsZero.out === 0;
+
     component checkPoint = BabyCheck();
     checkPoint.x <== pubKey[0];
     checkPoint.y <== pubKey[1];