| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 |
- include "../node_modules/circomlib/circuits/poseidon.circom";
- include "../node_modules/circomlib/circuits/bitify.circom";
- // Computes Poseidon([left, right])
- template HashLeftRight() {
- signal input left;
- signal input right;
- signal output hash;
- component hasher = Poseidon(2);
- hasher.inputs[0] <== left;
- hasher.inputs[1] <== right;
- hash <== hasher.out;
- }
- // if s == 0 returns [in[0], in[1]]
- // if s == 1 returns [in[1], in[0]]
- template DualMux() {
- signal input in[2];
- signal input s;
- signal output out[2];
- s * (1 - s) === 0;
- out[0] <== (in[1] - in[0])*s + in[0];
- out[1] <== (in[0] - in[1])*s + in[1];
- }
- // Verifies that merkle proof is correct for given merkle root and a leaf
- // pathIndices input is an array of 0/1 selectors telling whether given pathElement is on the left or right side of merkle path
- template RawMerkleTree(levels) {
- signal input leaf;
- signal input pathElements[levels];
- signal input pathIndices[levels];
- signal output root;
- component selectors[levels];
- component hashers[levels];
- for (var i = 0; i < levels; i++) {
- selectors[i] = DualMux();
- selectors[i].in[0] <== i == 0 ? leaf : hashers[i - 1].hash;
- selectors[i].in[1] <== pathElements[i];
- selectors[i].s <== pathIndices[i];
- hashers[i] = HashLeftRight();
- hashers[i].left <== selectors[i].out[0];
- hashers[i].right <== selectors[i].out[1];
- }
- root <== hashers[levels - 1].hash;
- }
- template MerkleTree(levels) {
- signal input leaf;
- signal input pathElements[levels];
- signal input pathIndices;
- signal output root;
- component indexBits = Num2Bits(levels);
- indexBits.in <== pathIndices;
- component tree = RawMerkleTree(levels)
- tree.leaf <== leaf;
- for (var i = 0; i < levels; i++) {
- tree.pathIndices[i] <== indexBits.out[i];
- tree.pathElements[i] <== pathElements[i];
- }
- root <== tree.root
- }
|
