npm - @hula-privacy/mixer - Versions diffs - 0.1.0 - Mend

@hula-privacy/mixer 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/src/merkle.ts ADDED Viewed

@@ -0,0 +1,220 @@
+/**
+ * Merkle Tree utilities for Hula Privacy Protocol
+ *
+ * Provides functions for building merkle paths from relayer data
+ */
+import { MERKLE_TREE_DEPTH } from "./constants";
+import { poseidonHash, getPoseidon, isPoseidonInitialized } from "./crypto";
+import { getRelayerClient } from "./api";
+import type { MerklePath, LeafData } from "./types";
+// ============================================================================
+// Zero Values
+// ============================================================================
+let ZEROS: bigint[] = [];
+/**
+ * Compute zero hashes for the merkle tree using Poseidon
+ * ZEROS[0] = 0 (empty leaf)
+ * ZEROS[i+1] = Poseidon(ZEROS[i], ZEROS[i])
+ */
+export function computeZeros(): bigint[] {
+  if (!isPoseidonInitialized()) {
+    throw new Error("Poseidon not initialized. Call initPoseidon() first.");
+  }
+  if (ZEROS.length > 0) {
+    return ZEROS;
+  }
+  const zeros: bigint[] = [0n]; // ZEROS[0] = 0 (empty leaf)
+  const poseidon = getPoseidon();
+  for (let i = 0; i < MERKLE_TREE_DEPTH; i++) {
+    const hash = poseidon([zeros[i], zeros[i]]);
+    zeros.push(poseidon.F.toObject(hash));
+  }
+  ZEROS = zeros;
+  return zeros;
+}
+/**
+ * Get zero value at a specific level
+ */
+export function getZeroAtLevel(level: number): bigint {
+  if (ZEROS.length === 0) {
+    computeZeros();
+  }
+  return ZEROS[level];
+}
+/**
+ * Get the root of an empty merkle tree
+ */
+export function getEmptyTreeRoot(): bigint {
+  if (ZEROS.length === 0) {
+    computeZeros();
+  }
+  return ZEROS[MERKLE_TREE_DEPTH];
+}
+// ============================================================================
+// Merkle Path Computation
+// ============================================================================
+/**
+ * Compute merkle path from a list of leaves
+ *
+ * This builds the full tree locally and extracts the path for the given leaf.
+ * Use this when you have fetched all leaves from the relayer.
+ */
+export function computeMerklePathFromLeaves(
+  leafIndex: number,
+  leaves: bigint[]
+): MerklePath {
+  if (!isPoseidonInitialized()) {
+    throw new Error("Poseidon not initialized. Call initPoseidon() first.");
+  }
+  const zeros = computeZeros();
+  const pathElements: bigint[] = [];
+  const pathIndices: number[] = [];
+  const poseidon = getPoseidon();
+  // Build tree level by level
+  let currentLevel = [...leaves];
+  // Pad to tree size with zeros
+  const treeSize = 1 << MERKLE_TREE_DEPTH;
+  while (currentLevel.length < treeSize) {
+    currentLevel.push(zeros[0]);
+  }
+  let targetIndex = leafIndex;
+  for (let level = 0; level < MERKLE_TREE_DEPTH; level++) {
+    const isLeft = (targetIndex & 1) === 0;
+    pathIndices.push(isLeft ? 0 : 1);
+    // Get sibling
+    const siblingIndex = isLeft ? targetIndex + 1 : targetIndex - 1;
+    pathElements.push(currentLevel[siblingIndex]);
+    // Compute next level
+    const nextLevel: bigint[] = [];
+    for (let i = 0; i < currentLevel.length; i += 2) {
+      const left = currentLevel[i];
+      const right = currentLevel[i + 1] ?? zeros[level];
+      const hash = poseidon([left, right]);
+      nextLevel.push(poseidon.F.toObject(hash));
+    }
+    currentLevel = nextLevel;
+    targetIndex = Math.floor(targetIndex / 2);
+  }
+  return { pathElements, pathIndices, root: currentLevel[0] };
+}
+/**
+ * Compute merkle root from leaves
+ */
+export function computeMerkleRoot(leaves: bigint[]): bigint {
+  if (leaves.length === 0) {
+    return getEmptyTreeRoot();
+  }
+  const { root } = computeMerklePathFromLeaves(0, leaves);
+  return root;
+}
+/**
+ * Verify a merkle path is valid
+ */
+export function verifyMerklePath(
+  leafValue: bigint,
+  path: MerklePath
+): boolean {
+  if (!isPoseidonInitialized()) {
+    throw new Error("Poseidon not initialized. Call initPoseidon() first.");
+  }
+  let current = leafValue;
+  const poseidon = getPoseidon();
+  for (let i = 0; i < path.pathElements.length; i++) {
+    const sibling = path.pathElements[i];
+    const isLeft = path.pathIndices[i] === 0;
+    const left = isLeft ? current : sibling;
+    const right = isLeft ? sibling : current;
+    const hash = poseidon([left, right]);
+    current = poseidon.F.toObject(hash);
+  }
+  return current === path.root;
+}
+// ============================================================================
+// Relayer Integration
+// ============================================================================
+/**
+ * Fetch merkle path for a UTXO from the relayer
+ *
+ * This fetches all leaves for the tree and computes the path locally.
+ */
+export async function fetchMerklePath(
+  treeIndex: number,
+  leafIndex: number,
+  relayerUrl?: string
+): Promise<MerklePath> {
+  const client = getRelayerClient(relayerUrl);
+  // Get all leaves for this tree
+  const leaves = await client.getCommitmentsForTree(treeIndex);
+  if (leafIndex >= leaves.length) {
+    throw new Error(`Leaf index ${leafIndex} not found in tree ${treeIndex} (has ${leaves.length} leaves)`);
+  }
+  return computeMerklePathFromLeaves(leafIndex, leaves);
+}
+/**
+ * Fetch current merkle root for a tree from the relayer
+ */
+export async function fetchMerkleRoot(
+  treeIndex: number,
+  relayerUrl?: string
+): Promise<bigint> {
+  const client = getRelayerClient(relayerUrl);
+  const tree = await client.getTree(treeIndex);
+  return BigInt(tree.root);
+}
+/**
+ * Get next leaf index for a tree
+ */
+export async function getNextLeafIndex(
+  treeIndex: number,
+  relayerUrl?: string
+): Promise<number> {
+  const client = getRelayerClient(relayerUrl);
+  const tree = await client.getTree(treeIndex);
+  return tree.nextIndex;
+}
+/**
+ * Get current active tree index
+ */
+export async function getCurrentTreeIndex(relayerUrl?: string): Promise<number> {
+  const client = getRelayerClient(relayerUrl);
+  const pool = await client.getPool();
+  return pool.currentTreeIndex;
+}

package/src/proof.ts ADDED Viewed

@@ -0,0 +1,251 @@
+/**
+ * ZK Proof generation utilities
+ *
+ * Uses snarkjs to generate Groth16 proofs for the transaction circuit
+ */
+import { existsSync, readFileSync, writeFileSync, unlinkSync } from "fs";
+import { execSync } from "child_process";
+import path from "path";
+import { PROOF_SIZE } from "./constants";
+import type { CircuitInputs } from "./types";
+// ============================================================================
+// Circuit Paths
+// ============================================================================
+let circuitWasmPath: string | null = null;
+let circuitZkeyPath: string | null = null;
+/**
+ * Set circuit file paths
+ */
+export function setCircuitPaths(wasmPath: string, zkeyPath: string): void {
+  circuitWasmPath = wasmPath;
+  circuitZkeyPath = zkeyPath;
+}
+/**
+ * Get circuit file paths (with fallback to default locations)
+ */
+export function getCircuitPaths(): { wasmPath: string; zkeyPath: string } {
+  if (circuitWasmPath && circuitZkeyPath) {
+    return { wasmPath: circuitWasmPath, zkeyPath: circuitZkeyPath };
+  }
+  // Try to find circuits in common locations
+  const possibleBasePaths = [
+    path.join(process.cwd(), "circuits", "build"),
+    path.join(process.cwd(), "..", "circuits", "build"),
+    path.join(process.cwd(), "assets"),
+  ];
+  for (const basePath of possibleBasePaths) {
+    const wasmPath = path.join(basePath, "transaction_js", "transaction.wasm");
+    const zkeyPath = path.join(basePath, "keys", "transaction_final.zkey");
+    if (existsSync(wasmPath) && existsSync(zkeyPath)) {
+      return { wasmPath, zkeyPath };
+    }
+    // Also check if files are directly in assets folder
+    const altWasmPath = path.join(basePath, "transaction.wasm");
+    const altZkeyPath = path.join(basePath, "transaction_final.zkey");
+    if (existsSync(altWasmPath) && existsSync(altZkeyPath)) {
+      return { wasmPath: altWasmPath, zkeyPath: altZkeyPath };
+    }
+  }
+  throw new Error(
+    "Circuit files not found. Either:\n" +
+    "1. Run 'make' in circuits/ directory to build them, or\n" +
+    "2. Call setCircuitPaths() with the correct paths"
+  );
+}
+/**
+ * Verify circuit files exist
+ */
+export function verifyCircuitFiles(): void {
+  const { wasmPath, zkeyPath } = getCircuitPaths();
+  if (!existsSync(wasmPath)) {
+    throw new Error(`Circuit WASM not found: ${wasmPath}`);
+  }
+  if (!existsSync(zkeyPath)) {
+    throw new Error(`Circuit zkey not found: ${zkeyPath}`);
+  }
+}
+// ============================================================================
+// Proof Parsing
+// ============================================================================
+/**
+ * Convert a decimal string to 32-byte big-endian Uint8Array
+ */
+function toBigEndianBytes(decimalStr: string): Uint8Array {
+  let hex = BigInt(decimalStr).toString(16);
+  hex = hex.padStart(64, "0");
+  const bytes = new Uint8Array(32);
+  for (let i = 0; i < 32; i++) {
+    bytes[i] = parseInt(hex.slice(i * 2, i * 2 + 2), 16);
+  }
+  return bytes;
+}
+/**
+ * Parse snarkjs proof JSON into 256-byte proof array
+ *
+ * Format: proof_a (64 bytes) + proof_b (128 bytes) + proof_c (64 bytes)
+ */
+export function parseProof(proofJson: {
+  pi_a: string[];
+  pi_b: string[][];
+  pi_c: string[];
+}): Uint8Array {
+  const proof = new Uint8Array(PROOF_SIZE);
+  // proof_a: G1 point (x, y) - 64 bytes
+  const pi_a_x = toBigEndianBytes(proofJson.pi_a[0]);
+  const pi_a_y = toBigEndianBytes(proofJson.pi_a[1]);
+  proof.set(pi_a_x, 0);
+  proof.set(pi_a_y, 32);
+  // proof_b: G2 point - 128 bytes
+  // G2 points have coordinates in extension field: [[x0, x1], [y0, y1]]
+  // Order for Solana/Solidity verifier: x1 || x0 || y1 || y0
+  const pi_b_x0 = toBigEndianBytes(proofJson.pi_b[0][1]);
+  const pi_b_x1 = toBigEndianBytes(proofJson.pi_b[0][0]);
+  const pi_b_y0 = toBigEndianBytes(proofJson.pi_b[1][1]);
+  const pi_b_y1 = toBigEndianBytes(proofJson.pi_b[1][0]);
+  proof.set(pi_b_x0, 64);
+  proof.set(pi_b_x1, 96);
+  proof.set(pi_b_y0, 128);
+  proof.set(pi_b_y1, 160);
+  // proof_c: G1 point (x, y) - 64 bytes
+  const pi_c_x = toBigEndianBytes(proofJson.pi_c[0]);
+  const pi_c_y = toBigEndianBytes(proofJson.pi_c[1]);
+  proof.set(pi_c_x, 192);
+  proof.set(pi_c_y, 224);
+  return proof;
+}
+// ============================================================================
+// Proof Generation
+// ============================================================================
+/**
+ * Generate ZK proof using snarkjs CLI (subprocess for Bun compatibility)
+ *
+ * This spawns snarkjs as a subprocess to avoid web-worker issues with Bun.
+ * Works in both Node.js and Bun environments.
+ */
+export async function generateProof(
+  circuitInputs: CircuitInputs
+): Promise<{ proof: Uint8Array; publicSignals: string[] }> {
+  verifyCircuitFiles();
+  const { wasmPath, zkeyPath } = getCircuitPaths();
+  // Get temp directory
+  const tempDir = path.dirname(zkeyPath);
+  // Create unique temp file names
+  const timestamp = Date.now();
+  const inputPath = path.join(tempDir, `temp_input_${timestamp}.json`);
+  const witnessPath = path.join(tempDir, `temp_witness_${timestamp}.wtns`);
+  const proofPath = path.join(tempDir, `temp_proof_${timestamp}.json`);
+  const publicPath = path.join(tempDir, `temp_public_${timestamp}.json`);
+  try {
+    // Write input to temp file
+    writeFileSync(inputPath, JSON.stringify(circuitInputs));
+    // Find witness generation script
+    const witnessGenScript = path.join(
+      path.dirname(wasmPath),
+      "generate_witness.cjs"
+    );
+    if (!existsSync(witnessGenScript)) {
+      throw new Error(`Witness generation script not found: ${witnessGenScript}`);
+    }
+    // Generate witness using node (not bun) to avoid web-worker issues
+    execSync(`node ${witnessGenScript} ${wasmPath} ${inputPath} ${witnessPath}`, {
+      stdio: "pipe",
+      cwd: tempDir,
+    });
+    // Generate proof using snarkjs CLI
+    execSync(
+      `npx snarkjs groth16 prove ${zkeyPath} ${witnessPath} ${proofPath} ${publicPath}`,
+      {
+        stdio: "pipe",
+        cwd: tempDir,
+      }
+    );
+    // Read proof and public signals
+    const proofJson = JSON.parse(readFileSync(proofPath, "utf-8"));
+    const publicSignals = JSON.parse(readFileSync(publicPath, "utf-8"));
+    const proof = parseProof(proofJson);
+    return { proof, publicSignals };
+  } finally {
+    // Cleanup temp files
+    const cleanup = (filePath: string) => {
+      try {
+        if (existsSync(filePath)) unlinkSync(filePath);
+      } catch {}
+    };
+    cleanup(inputPath);
+    cleanup(witnessPath);
+    cleanup(proofPath);
+    cleanup(publicPath);
+  }
+}
+/**
+ * Generate proof using snarkjs in-memory (for Node.js environments)
+ *
+ * This is more efficient but may not work in all environments.
+ */
+export async function generateProofInMemory(
+  circuitInputs: CircuitInputs
+): Promise<{ proof: Uint8Array; publicSignals: string[] }> {
+  verifyCircuitFiles();
+  const { wasmPath, zkeyPath } = getCircuitPaths();
+  // Dynamic import to handle environments where snarkjs isn't available
+  // eslint-disable-next-line @typescript-eslint/no-var-requires
+  const snarkjs = await import("snarkjs" as string) as {
+    groth16: {
+      fullProve: (
+        inputs: CircuitInputs,
+        wasmPath: string,
+        zkeyPath: string
+      ) => Promise<{
+        proof: { pi_a: string[]; pi_b: string[][]; pi_c: string[] };
+        publicSignals: string[];
+      }>;
+    };
+  };
+  const { proof: proofData, publicSignals } = await snarkjs.groth16.fullProve(
+    circuitInputs,
+    wasmPath,
+    zkeyPath
+  );
+  const proof = parseProof(proofData);
+  return { proof, publicSignals };
+}