ZK-818: remove trapdoor (#91)

kroist · web-flow · commit ee2fd0b5d446 · 2025-04-09T11:42:46.000+02:00
diff --git a/crates/shielder-circuits/src/chips/note.rs b/crates/shielder-circuits/src/chips/note.rs
@@ -24,7 +24,6 @@ pub struct Note<T> {
     pub version: NoteVersion,
     pub id: T,
     pub nullifier: T,
-    pub trapdoor: T,
     pub account_balance: T,
     pub token_address: T,
 }
@@ -43,7 +42,6 @@ impl Embed for Note<Value> {
             version: self.version,
             id: self.id.embed(synthesizer, annotation.clone())?,
             nullifier: self.nullifier.embed(synthesizer, annotation.clone())?,
-            trapdoor: self.trapdoor.embed(synthesizer, annotation.clone())?,
             account_balance: self
                 .account_balance
                 .embed(synthesizer, annotation.clone())?,
@@ -72,7 +70,6 @@ pub mod off_circuit {
             note.version.as_field(),
             note.id,
             note.nullifier,
-            note.trapdoor,
             balance_hash,
         ];
 
@@ -101,7 +98,7 @@ impl NoteChip {
 
     /// Calculates the note_hash as follows:
     ///
-    ///   `note_hash = poseidon2(NOTE_VERSION, note.id, note.nullifier, note.trapdoor,
+    ///   `note_hash = poseidon2(NOTE_VERSION, note.id, note.nullifier,
     ///                          poseidon2(note.balance, note.token_address, 0, 0, 0, 0, 0))`
     ///
     /// The reason for the double nesting and for the padding is historical: we keep this hash shape
@@ -126,7 +123,6 @@ impl NoteChip {
             note_version,
             note.id.clone(),
             note.nullifier.clone(),
-            note.trapdoor.clone(),
             h_balance,
         ];
 
@@ -223,7 +219,6 @@ mod tests {
                 version: note.version,
                 id: Value::known(note.id.into()),
                 nullifier: Value::known(note.nullifier.into()),
-                trapdoor: Value::known(note.trapdoor.into()),
                 account_balance: Value::known(note.account_balance.into()),
                 token_address: Value::known(note.token_address.into()),
             })
@@ -281,7 +276,6 @@ mod tests {
                     version: NoteVersion::new(0),
                     id: Value::unknown(),
                     nullifier: Value::unknown(),
-                    trapdoor: Value::unknown(),
                     account_balance: Value::unknown(),
                     token_address: Value::unknown(),
                 }),
@@ -350,17 +344,15 @@ mod tests {
             version: NoteVersion::new(0),
             id: Fr::from(1),
             nullifier: Fr::from(2),
-            trapdoor: Fr::from(3),
-            account_balance: Fr::from(4),
+            account_balance: Fr::from(3),
             token_address,
         });
         let expected_output = hash(&[
             Fr::from(0),
             Fr::from(1),
             Fr::from(2),
-            Fr::from(3),
             hash(&[
-                Fr::from(4),
+                Fr::from(3),
                 token_address,
                 Fr::ZERO,
                 Fr::ZERO,
@@ -380,11 +372,10 @@ mod tests {
             version: NoteVersion::new(0),
             id: Fr::from(1),
             nullifier: Fr::from(2),
-            trapdoor: Fr::from(3),
-            account_balance: Fr::from(4),
-            token_address: Fr::from(5),
+            account_balance: Fr::from(3),
+            token_address: Fr::from(4),
         });
-        let pub_input = [Fr::from(5), Fr::from(999999)];
+        let pub_input = [Fr::from(4), Fr::from(999999)];
 
         let failures = expect_prover_success_and_run_verification(circuit, &pub_input)
             .expect_err("Verification must fail");
@@ -402,9 +393,8 @@ mod tests {
             version: NoteVersion::new(0),
             id: Fr::from(1),
             nullifier: Fr::from(2),
-            trapdoor: Fr::from(3),
-            account_balance: Fr::from(4),
-            token_address: Fr::from(5),
+            account_balance: Fr::from(3),
+            token_address: Fr::from(4),
         };
         let circuit = TestCircuit::note_hash_test(note);
         let pub_input = [Fr::from(999999), super::off_circuit::note_hash(&note)];
diff --git a/crates/shielder-circuits/src/circuits/deposit/chip.rs b/crates/shielder-circuits/src/circuits/deposit/chip.rs
@@ -40,7 +40,6 @@ impl DepositChip {
                 version: NOTE_VERSION,
                 id: knowledge.id.clone(),
                 nullifier: knowledge.nullifier_old.clone(),
-                trapdoor: knowledge.trapdoor_old.clone(),
                 account_balance: knowledge.account_old_balance.clone(),
                 token_address: knowledge.token_address.clone(),
             },
@@ -89,7 +88,6 @@ impl DepositChip {
                 version: NOTE_VERSION,
                 id: knowledge.id.clone(),
                 nullifier: knowledge.nullifier_new.clone(),
-                trapdoor: knowledge.trapdoor_new.clone(),
                 account_balance: account_balance_new,
                 token_address: knowledge.token_address.clone(),
             },
diff --git a/crates/shielder-circuits/src/circuits/deposit/circuit.rs b/crates/shielder-circuits/src/circuits/deposit/circuit.rs
@@ -160,7 +160,6 @@ mod tests {
                 version: NOTE_VERSION,
                 id: pk.id,
                 nullifier: pk.nullifier_old,
-                trapdoor: pk.trapdoor_old,
                 account_balance: pk.account_old_balance,
                 token_address: pk.token_address,
             }) + modification /* Modification here! */;
@@ -178,7 +177,6 @@ mod tests {
                 version: NOTE_VERSION,
                 id: pk.id,
                 nullifier: pk.nullifier_new,
-                trapdoor: pk.trapdoor_new,
                 account_balance: account_balance_new,
                 token_address: pk.token_address,
             });
@@ -219,7 +217,6 @@ mod tests {
             version: NoteVersion::new(0),
             id: pk.id,
             nullifier: pk.nullifier_old,
-            trapdoor: pk.trapdoor_old,
             account_balance: pk.account_old_balance,
             token_address: pk.token_address,
         });
@@ -242,7 +239,6 @@ mod tests {
             Fr::ZERO, // Note version.
             pk.id,
             pk.nullifier_new,
-            pk.trapdoor_new,
             new_balance_hash,
         ]);
         assert_eq!(new_note_hash, pub_input[2]);
diff --git a/crates/shielder-circuits/src/circuits/deposit/knowledge.rs b/crates/shielder-circuits/src/circuits/deposit/knowledge.rs
@@ -28,7 +28,6 @@ pub struct DepositProverKnowledge<T> {
     // Old note
     pub id: T,
     pub nullifier_old: T,
-    pub trapdoor_old: T,
     pub account_old_balance: T,
     pub token_address: T,
 
@@ -37,7 +36,6 @@ pub struct DepositProverKnowledge<T> {
 
     // New note
     pub nullifier_new: T,
-    pub trapdoor_new: T,
 
     // Salt for MAC.
     pub mac_salt: T,
@@ -56,27 +54,23 @@ impl ProverKnowledge for DepositProverKnowledge<Fr> {
         let id = curve_arithmetic::generate_user_id(Fr::random(&mut *rng).to_bytes());
 
         let nullifier_old = Fr::random(&mut *rng);
-        let trapdoor_old = Fr::random(&mut *rng);
         let account_old_balance = Fr::from(10);
         let token_address = Fr::ZERO;
         let h_note_old = note_hash(&Note {
             version: NOTE_VERSION,
             id,
             nullifier: nullifier_old,
-            trapdoor: trapdoor_old,
             account_balance: account_old_balance,
             token_address,
         });
         let (_, path) = generate_example_path_with_given_leaf(h_note_old, &mut *rng);
         Self {
             id,
             nullifier_old,
-            trapdoor_old,
             account_old_balance,
             token_address,
             path,
             nullifier_new: Fr::random(&mut *rng),
-            trapdoor_new: Fr::random(&mut *rng),
             deposit_value: Fr::ONE,
             mac_salt: Fr::random(&mut *rng),
             caller_address: Fr::random(rng),
@@ -85,8 +79,6 @@ impl ProverKnowledge for DepositProverKnowledge<Fr> {
 
     fn create_circuit(&self) -> Self::Circuit {
         DepositCircuit(DepositProverKnowledge {
-            trapdoor_new: Value::known(self.trapdoor_new),
-            trapdoor_old: Value::known(self.trapdoor_old),
             nullifier_new: Value::known(self.nullifier_new),
             nullifier_old: Value::known(self.nullifier_old),
             account_old_balance: Value::known(self.account_old_balance),
@@ -111,7 +103,6 @@ impl PublicInputProvider<DepositInstance> for DepositProverKnowledge<Fr> {
                 version: NOTE_VERSION,
                 id: self.id,
                 nullifier: self.nullifier_new,
-                trapdoor: self.trapdoor_new,
                 account_balance: self.account_old_balance + self.deposit_value,
                 token_address: self.token_address,
             }),
diff --git a/crates/shielder-circuits/src/circuits/new_account/chip.rs b/crates/shielder-circuits/src/circuits/new_account/chip.rs
@@ -44,7 +44,6 @@ impl NewAccountChip {
                 version: NOTE_VERSION,
                 id: knowledge.id.clone(),
                 nullifier: knowledge.nullifier.clone(),
-                trapdoor: knowledge.trapdoor.clone(),
                 account_balance: knowledge.initial_deposit.clone(),
                 token_address: knowledge.token_address.clone(),
             },
diff --git a/crates/shielder-circuits/src/circuits/new_account/circuit.rs b/crates/shielder-circuits/src/circuits/new_account/circuit.rs
@@ -115,7 +115,6 @@ mod tests {
             Fr::ZERO, // Note version.
             pk.id,
             pk.nullifier,
-            pk.trapdoor,
             balance_hash,
         ]);
         assert_eq!(note_hash, pub_input[0]);
diff --git a/crates/shielder-circuits/src/circuits/new_account/knowledge.rs b/crates/shielder-circuits/src/circuits/new_account/knowledge.rs
@@ -26,7 +26,6 @@ use crate::{
 pub struct NewAccountProverKnowledge<T> {
     pub id: T,
     pub nullifier: T,
-    pub trapdoor: T,
     pub initial_deposit: T,
     pub caller_address: T,
     pub token_address: T,
@@ -40,7 +39,6 @@ impl<T: Default + Copy> Default for NewAccountProverKnowledge<T> {
         Self {
             id: T::default(),
             nullifier: T::default(),
-            trapdoor: T::default(),
             initial_deposit: T::default(),
             caller_address: T::default(),
             token_address: T::default(),
@@ -59,7 +57,6 @@ impl ProverKnowledge for NewAccountProverKnowledge<Fr> {
         Self {
             id: curve_arithmetic::generate_user_id(Fr::random(&mut *rng).to_bytes()),
             nullifier: Fr::random(&mut *rng),
-            trapdoor: Fr::random(&mut *rng),
             initial_deposit: Fr::ONE,
             caller_address: Fr::random(&mut *rng),
             token_address: Fr::ZERO,
@@ -72,7 +69,6 @@ impl ProverKnowledge for NewAccountProverKnowledge<Fr> {
     fn create_circuit(&self) -> Self::Circuit {
         NewAccountCircuit(NewAccountProverKnowledge {
             id: Value::known(self.id),
-            trapdoor: Value::known(self.trapdoor),
             nullifier: Value::known(self.nullifier),
             initial_deposit: Value::known(self.initial_deposit),
             caller_address: Value::known(self.caller_address),
@@ -110,7 +106,6 @@ impl PublicInputProvider<NewAccountInstance> for NewAccountProverKnowledge<Fr> {
                 version: NOTE_VERSION,
                 id: self.id,
                 nullifier: self.nullifier,
-                trapdoor: self.trapdoor,
                 account_balance: self.initial_deposit,
                 token_address: self.token_address,
             }),
diff --git a/crates/shielder-circuits/src/circuits/withdraw/chip.rs b/crates/shielder-circuits/src/circuits/withdraw/chip.rs
@@ -43,7 +43,6 @@ impl WithdrawChip {
                 version: NOTE_VERSION,
                 id: knowledge.id.clone(),
                 nullifier: knowledge.nullifier_old.clone(),
-                trapdoor: knowledge.trapdoor_old.clone(),
                 account_balance: knowledge.account_old_balance.clone(),
                 token_address: knowledge.token_address.clone(),
             },
@@ -95,7 +94,6 @@ impl WithdrawChip {
                 version: NOTE_VERSION,
                 id: knowledge.id.clone(),
                 nullifier: knowledge.nullifier_new.clone(),
-                trapdoor: knowledge.trapdoor_new.clone(),
                 account_balance: new_balance,
                 token_address: knowledge.token_address.clone(),
             },
diff --git a/crates/shielder-circuits/src/circuits/withdraw/circuit.rs b/crates/shielder-circuits/src/circuits/withdraw/circuit.rs
@@ -106,7 +106,6 @@ mod tests {
             version: NoteVersion::new(0),
             id: pk.id,
             nullifier: pk.nullifier_old,
-            trapdoor: pk.trapdoor_old,
             account_balance: pk.account_old_balance,
             token_address: pk.token_address,
         });
@@ -129,7 +128,6 @@ mod tests {
             Fr::ZERO, // Note version.
             pk.id,
             pk.nullifier_new,
-            pk.trapdoor_new,
             new_balance_hash,
         ]);
         assert_eq!(new_note_hash, pub_input[2]);
@@ -207,7 +205,6 @@ mod tests {
                 version: NOTE_VERSION,
                 id: pk.id,
                 nullifier: pk.nullifier_old,
-                trapdoor: pk.trapdoor_old,
                 account_balance: pk.account_old_balance,
                 token_address: pk.token_address,
             }) + modification /* Modification here! */;
@@ -225,7 +222,6 @@ mod tests {
                 version: NOTE_VERSION,
                 id: pk.id,
                 nullifier: pk.nullifier_new,
-                trapdoor: pk.trapdoor_new,
                 account_balance: account_balance_new,
                 token_address: pk.token_address,
             });
diff --git a/crates/shielder-circuits/src/circuits/withdraw/knowledge.rs b/crates/shielder-circuits/src/circuits/withdraw/knowledge.rs
@@ -32,7 +32,6 @@ pub struct WithdrawProverKnowledge<T> {
     // Old note
     pub id: T,
     pub nullifier_old: T,
-    pub trapdoor_old: T,
     pub account_old_balance: T,
     pub token_address: T,
 
@@ -41,7 +40,6 @@ pub struct WithdrawProverKnowledge<T> {
 
     // New note
     pub nullifier_new: T,
-    pub trapdoor_new: T,
 
     // Salt for MAC.
     pub mac_salt: T,
@@ -63,15 +61,13 @@ impl ProverKnowledge for WithdrawProverKnowledge<Fr> {
     fn random_correct_example(rng: &mut impl RngCore) -> Self {
         let id = curve_arithmetic::generate_user_id(Fr::random(&mut *rng).to_bytes());
         let nullifier_old = Fr::random(&mut *rng);
-        let trapdoor_old = Fr::random(&mut *rng);
 
         let account_old_balance = Fr::from_u128(MAX_ACCOUNT_BALANCE_PASSING_RANGE_CHECK);
         let token_address = Fr::ZERO;
         let h_note_old = note_hash(&Note {
             version: NOTE_VERSION,
             id,
             nullifier: nullifier_old,
-            trapdoor: trapdoor_old,
             account_balance: account_old_balance,
             token_address,
         });
@@ -83,21 +79,16 @@ impl ProverKnowledge for WithdrawProverKnowledge<Fr> {
             commitment: Fr::random(&mut *rng),
             id,
             nullifier_old,
-            trapdoor_old,
             account_old_balance,
             token_address,
             path,
             nullifier_new: Fr::random(&mut *rng),
-            trapdoor_new: Fr::random(&mut *rng),
             mac_salt: Fr::random(rng),
         }
     }
 
     fn create_circuit(&self) -> Self::Circuit {
         WithdrawCircuit(WithdrawProverKnowledge {
-            trapdoor_new: Value::known(self.trapdoor_new),
-            trapdoor_old: Value::known(self.trapdoor_old),
-
             nullifier_new: Value::known(self.nullifier_new),
             nullifier_old: Value::known(self.nullifier_old),
 
@@ -126,7 +117,6 @@ impl PublicInputProvider<WithdrawInstance> for WithdrawProverKnowledge<Fr> {
                 version: NOTE_VERSION,
                 id: self.id,
                 nullifier: self.nullifier_new,
-                trapdoor: self.trapdoor_new,
                 account_balance: self.account_old_balance - self.withdrawal_value,
                 token_address: self.token_address,
             }),
