@opaquecash/psr-prover 0.1.0

package/dist/defaultReputationArtifacts.d.ts

@@ -0,0 +1,10 @@
+import type { ArtifactPaths } from "./prove.js";
+/**
+ * Host for reputation Groth16 assets (same `/circuits/...` paths as the Opaque frontend).
+ */
+export declare const DEFAULT_REPUTATION_ARTIFACTS_ORIGIN = "https://www.opaque.cash";
+/**
+ * Default wasm + zkey URLs for `generateReputationProof` when `artifacts` is omitted.
+ */
+export declare const DEFAULT_REPUTATION_ARTIFACT_PATHS: ArtifactPaths;
+//# sourceMappingURL=defaultReputationArtifacts.d.ts.map

package/dist/defaultReputationArtifacts.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaultReputationArtifacts.d.ts","sourceRoot":"","sources":["../src/defaultReputationArtifacts.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD;;GAEG;AACH,eAAO,MAAM,mCAAmC,4BAA4B,CAAC;AAE7E;;GAEG;AACH,eAAO,MAAM,iCAAiC,EAAE,aAG/C,CAAC"}

package/dist/defaultReputationArtifacts.js

@@ -0,0 +1,12 @@
+/**
+ * Host for reputation Groth16 assets (same `/circuits/...` paths as the Opaque frontend).
+ */
+export const DEFAULT_REPUTATION_ARTIFACTS_ORIGIN = "https://www.opaque.cash";
+/**
+ * Default wasm + zkey URLs for `generateReputationProof` when `artifacts` is omitted.
+ */
+export const DEFAULT_REPUTATION_ARTIFACT_PATHS = {
+    wasmPath: `${DEFAULT_REPUTATION_ARTIFACTS_ORIGIN}/circuits/stealth_attestation_js/stealth_attestation.wasm`,
+    zkeyPath: `${DEFAULT_REPUTATION_ARTIFACTS_ORIGIN}/circuits/sa_final.zkey`,
+};
+//# sourceMappingURL=defaultReputationArtifacts.js.map

package/dist/defaultReputationArtifacts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"defaultReputationArtifacts.js","sourceRoot":"","sources":["../src/defaultReputationArtifacts.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,MAAM,CAAC,MAAM,mCAAmC,GAAG,yBAAyB,CAAC;AAE7E;;GAEG;AACH,MAAM,CAAC,MAAM,iCAAiC,GAAkB;IAC9D,QAAQ,EAAE,GAAG,mCAAmC,2DAA2D;IAC3G,QAAQ,EAAE,GAAG,mCAAmC,yBAAyB;CAC1E,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * `@opaquecash/psr-prover` — witness construction and Groth16 proving for the stealth attestation circuit.
+ *
+ * Depends on `snarkjs` and `circomlibjs`; browser apps should polyfill `Buffer` (see {@link ensureBufferPolyfill}).
+ *
+ * @packageDocumentation
+ */
+export type { CircuitWitness } from "./witness.js";
+export { buildWitnessCircuitConsistent, buildWitnessFromWasm, ensureBufferPolyfill, } from "./witness.js";
+export type { ArtifactPaths, ProofProgressCallback } from "./prove.js";
+export { generateGroth16Proof, verifyProofLocally, } from "./prove.js";
+export { DEFAULT_REPUTATION_ARTIFACT_PATHS, DEFAULT_REPUTATION_ARTIFACTS_ORIGIN, } from "./defaultReputationArtifacts.js";
+export type { GenerateReputationProofParams } from "./pipeline.js";
+export { generateReputationProof } from "./pipeline.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,YAAY,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,EACL,6BAA6B,EAC7B,oBAAoB,EACpB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AAEtB,YAAY,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,iCAAiC,EACjC,mCAAmC,GACpC,MAAM,iCAAiC,CAAC;AAEzC,YAAY,EAAE,6BAA6B,EAAE,MAAM,eAAe,CAAC;AACnE,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC"}

package/dist/index.js

@@ -0,0 +1,12 @@
+/**
+ * `@opaquecash/psr-prover` — witness construction and Groth16 proving for the stealth attestation circuit.
+ *
+ * Depends on `snarkjs` and `circomlibjs`; browser apps should polyfill `Buffer` (see {@link ensureBufferPolyfill}).
+ *
+ * @packageDocumentation
+ */
+export { buildWitnessCircuitConsistent, buildWitnessFromWasm, ensureBufferPolyfill, } from "./witness.js";
+export { generateGroth16Proof, verifyProofLocally, } from "./prove.js";
+export { DEFAULT_REPUTATION_ARTIFACT_PATHS, DEFAULT_REPUTATION_ARTIFACTS_ORIGIN, } from "./defaultReputationArtifacts.js";
+export { generateReputationProof } from "./pipeline.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EACL,6BAA6B,EAC7B,oBAAoB,EACpB,oBAAoB,GACrB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,iCAAiC,EACjC,mCAAmC,GACpC,MAAM,iCAAiC,CAAC;AAGzC,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC"}

package/dist/pipeline.d.ts

@@ -0,0 +1,32 @@
+import type { DiscoveredTrait, ProofData } from "@opaquecash/psr-core";
+import type { StealthWasmModule } from "@opaquecash/stealth-wasm";
+import type { ArtifactPaths, ProofProgressCallback } from "./prove.js";
+/**
+ * High-level inputs for {@link generateReputationProof}.
+ */
+export interface GenerateReputationProofParams {
+    /** Initialized WASM module. */
+    wasm: StealthWasmModule;
+    /** Trait to prove (from scanner). */
+    trait: DiscoveredTrait;
+    /**
+     * When set, witness is built via Rust `generate_reputation_witness` using this JSON string.
+     * Otherwise {@link buildWitnessCircuitConsistent} is used (zero-hash tree dev mode).
+     */
+    attestationsJson?: string;
+    /** 32-byte reconstructed one-time stealth private key for the trait output. */
+    stealthPrivKeyBytes: Uint8Array;
+    /** External nullifier as decimal string (see {@link externalNullifierFromScope} in `@opaquecash/psr-core`). */
+    externalNullifier: string;
+    /**
+     * Circom wasm + zkey paths/URLs.
+     * Defaults to {@link DEFAULT_REPUTATION_ARTIFACT_PATHS} (opaque.cash).
+     */
+    artifacts?: ArtifactPaths;
+    onProgress?: ProofProgressCallback;
+}
+/**
+ * End-to-end: build witness (WASM or circomlib placeholder tree) + Groth16 prove.
+ */
+export declare function generateReputationProof(params: GenerateReputationProofParams): Promise<ProofData>;
+//# sourceMappingURL=pipeline.d.ts.map

package/dist/pipeline.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../src/pipeline.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AACvE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAElE,OAAO,KAAK,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAQvE;;GAEG;AACH,MAAM,WAAW,6BAA6B;IAC5C,+BAA+B;IAC/B,IAAI,EAAE,iBAAiB,CAAC;IACxB,qCAAqC;IACrC,KAAK,EAAE,eAAe,CAAC;IACvB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,+EAA+E;IAC/E,mBAAmB,EAAE,UAAU,CAAC;IAChC,+GAA+G;IAC/G,iBAAiB,EAAE,MAAM,CAAC;IAC1B;;;OAGG;IACH,SAAS,CAAC,EAAE,aAAa,CAAC;IAC1B,UAAU,CAAC,EAAE,qBAAqB,CAAC;CACpC;AAED;;GAEG;AACH,wBAAsB,uBAAuB,CAC3C,MAAM,EAAE,6BAA6B,GACpC,OAAO,CAAC,SAAS,CAAC,CAyBpB"}

package/dist/pipeline.js

@@ -0,0 +1,20 @@
+import { DEFAULT_REPUTATION_ARTIFACT_PATHS } from "./defaultReputationArtifacts.js";
+import { generateGroth16Proof } from "./prove.js";
+import { buildWitnessCircuitConsistent, buildWitnessFromWasm, } from "./witness.js";
+/**
+ * End-to-end: build witness (WASM or circomlib placeholder tree) + Groth16 prove.
+ */
+export async function generateReputationProof(params) {
+    params.onProgress?.("preparing-witness", 5);
+    let witness;
+    if (params.attestationsJson !== undefined) {
+        witness = buildWitnessFromWasm(params.wasm, params.attestationsJson, String(params.trait.attestationId), params.stealthPrivKeyBytes, params.externalNullifier);
+        params.onProgress?.("preparing-witness", 60);
+    }
+    else {
+        witness = await buildWitnessCircuitConsistent(params.trait.attestationId, params.stealthPrivKeyBytes, params.externalNullifier);
+        params.onProgress?.("preparing-witness", 60);
+    }
+    return generateGroth16Proof(witness, params.artifacts ?? DEFAULT_REPUTATION_ARTIFACT_PATHS, params.onProgress);
+}
+//# sourceMappingURL=pipeline.js.map

package/dist/pipeline.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pipeline.js","sourceRoot":"","sources":["../src/pipeline.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iCAAiC,EAAE,MAAM,iCAAiC,CAAC;AAEpF,OAAO,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAClD,OAAO,EACL,6BAA6B,EAC7B,oBAAoB,GAErB,MAAM,cAAc,CAAC;AA2BtB;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,MAAqC;IAErC,MAAM,CAAC,UAAU,EAAE,CAAC,mBAAmB,EAAE,CAAC,CAAC,CAAC;IAC5C,IAAI,OAAuB,CAAC;IAC5B,IAAI,MAAM,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QAC1C,OAAO,GAAG,oBAAoB,CAC5B,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,gBAAgB,EACvB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,EAClC,MAAM,CAAC,mBAAmB,EAC1B,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACF,MAAM,CAAC,UAAU,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC;IAC/C,CAAC;SAAM,CAAC;QACN,OAAO,GAAG,MAAM,6BAA6B,CAC3C,MAAM,CAAC,KAAK,CAAC,aAAa,EAC1B,MAAM,CAAC,mBAAmB,EAC1B,MAAM,CAAC,iBAAiB,CACzB,CAAC;QACF,MAAM,CAAC,UAAU,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,oBAAoB,CACzB,OAAO,EACP,MAAM,CAAC,SAAS,IAAI,iCAAiC,EACrD,MAAM,CAAC,UAAU,CAClB,CAAC;AACJ,CAAC"}

package/dist/prove.d.ts

@@ -0,0 +1,31 @@
+import type { ProofData } from "@opaquecash/psr-core";
+import type { CircuitWitness } from "./witness.js";
+/**
+ * Paths or URLs to Circom wasm + final zkey (Groth16).
+ */
+export interface ArtifactPaths {
+    /** Path/URL to `stealth_attestation.wasm`. */
+    wasmPath: string;
+    /** Path/URL to final `.zkey`. */
+    zkeyPath: string;
+}
+/**
+ * Progress callback for long-running prove steps.
+ */
+export type ProofProgressCallback = (stage: string, percent: number) => void;
+/**
+ * Run `snarkjs.groth16.fullProve` on a prepared witness.
+ *
+ * @param witness - JSON object accepted by the Circom wasm.
+ * @param artifacts - Wasm + zkey locations (browser: serve static files; Node: file paths).
+ * @param onProgress - Optional UI hook.
+ */
+export declare function generateGroth16Proof(witness: CircuitWitness, artifacts: ArtifactPaths, onProgress?: ProofProgressCallback): Promise<ProofData>;
+/**
+ * Verify a proof locally with snarkjs (development / diagnostics).
+ *
+ * @param proofData - Output of {@link generateGroth16Proof}.
+ * @param vkeyPath - Path/URL to verification key JSON from the trusted setup.
+ */
+export declare function verifyProofLocally(proofData: ProofData, vkeyPath: string): Promise<boolean>;
+//# sourceMappingURL=prove.d.ts.map

package/dist/prove.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prove.d.ts","sourceRoot":"","sources":["../src/prove.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAMnD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,8CAA8C;IAC9C,QAAQ,EAAE,MAAM,CAAC;IACjB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;AAE7E;;;;;;GAMG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,cAAc,EACvB,SAAS,EAAE,aAAa,EACxB,UAAU,CAAC,EAAE,qBAAqB,GACjC,OAAO,CAAC,SAAS,CAAC,CAgCpB;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACtC,SAAS,EAAE,SAAS,EACpB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,OAAO,CAAC,CAOlB"}

package/dist/prove.js

@@ -0,0 +1,47 @@
+import { ProofError } from "@opaquecash/psr-core";
+/**
+ * Run `snarkjs.groth16.fullProve` on a prepared witness.
+ *
+ * @param witness - JSON object accepted by the Circom wasm.
+ * @param artifacts - Wasm + zkey locations (browser: serve static files; Node: file paths).
+ * @param onProgress - Optional UI hook.
+ */
+export async function generateGroth16Proof(witness, artifacts, onProgress) {
+    onProgress?.("generating-proof", 10);
+    const snarkjs = (await import("snarkjs")).groth16;
+    const { proof, publicSignals } = await snarkjs.fullProve(witness, artifacts.wasmPath, artifacts.zkeyPath);
+    onProgress?.("generating-proof", 90);
+    const nullifier = publicSignals[0];
+    const attestationIdFromProof = Number(publicSignals[3]);
+    const isValidSignal = String(publicSignals[1] ?? "0");
+    if (isValidSignal !== "1") {
+        throw new ProofError("Generated proof has is_valid≠1; witness does not satisfy the circuit.");
+    }
+    return {
+        proof: {
+            pi_a: proof.pi_a.slice(0, 2),
+            pi_b: proof.pi_b.slice(0, 2),
+            pi_c: proof.pi_c.slice(0, 2),
+        },
+        publicSignals,
+        nullifier,
+        attestationId: Number.isFinite(attestationIdFromProof)
+            ? attestationIdFromProof
+            : Number(witness.attestation_id),
+    };
+}
+/**
+ * Verify a proof locally with snarkjs (development / diagnostics).
+ *
+ * @param proofData - Output of {@link generateGroth16Proof}.
+ * @param vkeyPath - Path/URL to verification key JSON from the trusted setup.
+ */
+export async function verifyProofLocally(proofData, vkeyPath) {
+    const snarkjs = (await import("snarkjs")).groth16;
+    return snarkjs.verify(vkeyPath, proofData.publicSignals, {
+        pi_a: proofData.proof.pi_a,
+        pi_b: proofData.proof.pi_b,
+        pi_c: proofData.proof.pi_c,
+    });
+}
+//# sourceMappingURL=prove.js.map

package/dist/prove.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prove.js","sourceRoot":"","sources":["../src/prove.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAsBlD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAAuB,EACvB,SAAwB,EACxB,UAAkC;IAElC,UAAU,EAAE,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IACrC,MAAM,OAAO,GAAG,CAAC,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAuB,CAAC;IAClE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,GAAG,MAAM,OAAO,CAAC,SAAS,CACtD,OAAO,EACP,SAAS,CAAC,QAAQ,EAClB,SAAS,CAAC,QAAQ,CACnB,CAAC;IACF,UAAU,EAAE,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAErC,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;IACnC,MAAM,sBAAsB,GAAG,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;IAEtD,IAAI,aAAa,KAAK,GAAG,EAAE,CAAC;QAC1B,MAAM,IAAI,UAAU,CAClB,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,OAAO;QACL,KAAK,EAAE;YACL,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC5B,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC5B,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SAC7B;QACD,aAAa;QACb,SAAS;QACT,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC;YACpD,CAAC,CAAC,sBAAsB;YACxB,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC;KACnC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,SAAoB,EACpB,QAAgB;IAEhB,MAAM,OAAO,GAAG,CAAC,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAuB,CAAC;IAClE,OAAO,OAAO,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,aAAa,EAAE;QACvD,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,IAAI;QAC1B,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,IAAI;QAC1B,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,IAAI;KAC3B,CAAC,CAAC;AACL,CAAC"}

package/dist/witness.d.ts

@@ -0,0 +1,39 @@
+import type { StealthWasmModule } from "@opaquecash/stealth-wasm";
+/**
+ * Ensure `Buffer` exists for `circomlibjs` in browser bundles.
+ */
+export declare function ensureBufferPolyfill(): Promise<void>;
+/**
+ * Circuit witness object matching `stealth_attestation` public/private input names (decimal string fields).
+ */
+export interface CircuitWitness {
+    merkle_root: string;
+    attestation_id: string;
+    external_nullifier: string;
+    stealth_private_key: string;
+    ephemeral_pubkey: [string, string];
+    announcement_attestation_id: string;
+    merkle_path_elements: string[];
+    merkle_path_indices: number[];
+}
+/**
+ * Build a **placeholder** Merkle witness using zero-hash siblings (matches Opaque wallet dev prover).
+ *
+ * For production you must align leaves with the same tree the verifier admin commits on-chain.
+ *
+ * @param traitAttestationId - Public attestation id to prove.
+ * @param stealthPrivKeyBytes - 32-byte reconstructed one-time stealth private key.
+ * @param externalNullifier - Decimal string or hex-compatible numeric string for the circuit scalar.
+ */
+export declare function buildWitnessCircuitConsistent(traitAttestationId: number, stealthPrivKeyBytes: Uint8Array, externalNullifier: string): Promise<CircuitWitness>;
+/**
+ * Delegate witness construction to Rust WASM (`generate_reputation_witness`) for full Merkle paths.
+ *
+ * @param wasm - Initialized `@opaquecash/stealth-wasm` module.
+ * @param attestationsJson - JSON array string from the scanner.
+ * @param targetTraitId - Decimal string attestation id to prove.
+ * @param stealthPrivkeyBytes - 32-byte one-time stealth private key.
+ * @param externalNullifier - Decimal string (must match {@link buildActionScope} encoding policy).
+ */
+export declare function buildWitnessFromWasm(wasm: StealthWasmModule, attestationsJson: string, targetTraitId: string, stealthPrivkeyBytes: Uint8Array, externalNullifier: string): CircuitWitness;
+//# sourceMappingURL=witness.d.ts.map

package/dist/witness.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"witness.d.ts","sourceRoot":"","sources":["../src/witness.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAWlE;;GAEG;AACH,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,IAAI,CAAC,CAK1D;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,gBAAgB,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnC,2BAA2B,EAAE,MAAM,CAAC;IACpC,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,mBAAmB,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED;;;;;;;;GAQG;AACH,wBAAsB,6BAA6B,CACjD,kBAAkB,EAAE,MAAM,EAC1B,mBAAmB,EAAE,UAAU,EAC/B,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,cAAc,CAAC,CA8DzB;AAED;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAClC,IAAI,EAAE,iBAAiB,EACvB,gBAAgB,EAAE,MAAM,EACxB,aAAa,EAAE,MAAM,EACrB,mBAAmB,EAAE,UAAU,EAC/B,iBAAiB,EAAE,MAAM,GACxB,cAAc,CAShB"}

package/dist/witness.js

@@ -0,0 +1,86 @@
+import { Buffer } from "buffer";
+import { generateReputationWitnessJson } from "@opaquecash/stealth-wasm";
+const TREE_DEPTH = 20;
+function bytesToBigInt(bytes) {
+    let result = 0n;
+    for (const b of bytes)
+        result = (result << 8n) + BigInt(b);
+    return result;
+}
+/**
+ * Ensure `Buffer` exists for `circomlibjs` in browser bundles.
+ */
+export async function ensureBufferPolyfill() {
+    if (typeof globalThis !== "undefined" && !("Buffer" in globalThis)) {
+        const g = globalThis;
+        g.Buffer = Buffer;
+    }
+}
+/**
+ * Build a **placeholder** Merkle witness using zero-hash siblings (matches Opaque wallet dev prover).
+ *
+ * For production you must align leaves with the same tree the verifier admin commits on-chain.
+ *
+ * @param traitAttestationId - Public attestation id to prove.
+ * @param stealthPrivKeyBytes - 32-byte reconstructed one-time stealth private key.
+ * @param externalNullifier - Decimal string or hex-compatible numeric string for the circuit scalar.
+ */
+export async function buildWitnessCircuitConsistent(traitAttestationId, stealthPrivKeyBytes, externalNullifier) {
+    await ensureBufferPolyfill();
+    const circomlib = await import("circomlibjs");
+    const poseidon = await circomlib.buildPoseidon();
+    const babyjub = await circomlib.buildBabyjub();
+    const F = poseidon.F;
+    const attestationId = BigInt(traitAttestationId);
+    const extNullifier = BigInt(externalNullifier);
+    const stealthPriv = F.toObject(F.e(bytesToBigInt(stealthPrivKeyBytes)));
+    const ephemeralPriv = F.toObject(F.e(stealthPriv + extNullifier + 1n));
+    const stealthPub = babyjub.mulPointEscalar(babyjub.Base8, stealthPriv);
+    const ephemeralPub = babyjub.mulPointEscalar(babyjub.Base8, ephemeralPriv);
+    const sharedSecret = babyjub.mulPointEscalar(ephemeralPub, stealthPriv);
+    const stealthPubX = F.toObject(stealthPub[0]);
+    const stealthPubY = F.toObject(stealthPub[1]);
+    const ephemeralPubX = F.toObject(ephemeralPub[0]);
+    const ephemeralPubY = F.toObject(ephemeralPub[1]);
+    const sharedX = F.toObject(sharedSecret[0]);
+    const sharedY = F.toObject(sharedSecret[1]);
+    const addressCommitment = F.toObject(poseidon([sharedX, sharedY, stealthPubX, stealthPubY]));
+    const leaf = F.toObject(poseidon([addressCommitment, attestationId]));
+    const zeroHashes = [];
+    zeroHashes.push(F.toObject(poseidon([0n, 0n])));
+    for (let i = 1; i < TREE_DEPTH; i++) {
+        zeroHashes.push(F.toObject(poseidon([zeroHashes[i - 1], zeroHashes[i - 1]])));
+    }
+    const merklePathElements = [];
+    const merklePathIndices = [];
+    let current = leaf;
+    for (let i = 0; i < TREE_DEPTH; i++) {
+        merklePathElements.push(zeroHashes[i].toString());
+        merklePathIndices.push(0);
+        current = F.toObject(poseidon([current, zeroHashes[i]]));
+    }
+    return {
+        merkle_root: current.toString(),
+        attestation_id: attestationId.toString(),
+        external_nullifier: extNullifier.toString(),
+        stealth_private_key: stealthPriv.toString(),
+        ephemeral_pubkey: [ephemeralPubX.toString(), ephemeralPubY.toString()],
+        announcement_attestation_id: attestationId.toString(),
+        merkle_path_elements: merklePathElements,
+        merkle_path_indices: merklePathIndices,
+    };
+}
+/**
+ * Delegate witness construction to Rust WASM (`generate_reputation_witness`) for full Merkle paths.
+ *
+ * @param wasm - Initialized `@opaquecash/stealth-wasm` module.
+ * @param attestationsJson - JSON array string from the scanner.
+ * @param targetTraitId - Decimal string attestation id to prove.
+ * @param stealthPrivkeyBytes - 32-byte one-time stealth private key.
+ * @param externalNullifier - Decimal string (must match {@link buildActionScope} encoding policy).
+ */
+export function buildWitnessFromWasm(wasm, attestationsJson, targetTraitId, stealthPrivkeyBytes, externalNullifier) {
+    const json = generateReputationWitnessJson(wasm, attestationsJson, targetTraitId, stealthPrivkeyBytes, externalNullifier);
+    return JSON.parse(json);
+}
+//# sourceMappingURL=witness.js.map

package/dist/witness.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"witness.js","sourceRoot":"","sources":["../src/witness.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,OAAO,EAAE,6BAA6B,EAAE,MAAM,0BAA0B,CAAC;AAEzE,MAAM,UAAU,GAAG,EAAE,CAAC;AAEtB,SAAS,aAAa,CAAC,KAAiB;IACtC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,MAAM,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACxC,IAAI,OAAO,UAAU,KAAK,WAAW,IAAI,CAAC,CAAC,QAAQ,IAAI,UAAU,CAAC,EAAE,CAAC;QACnE,MAAM,CAAC,GAAG,UAAwC,CAAC;QACnD,CAAC,CAAC,MAAM,GAAG,MAAM,CAAC;IACpB,CAAC;AACH,CAAC;AAgBD;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,6BAA6B,CACjD,kBAA0B,EAC1B,mBAA+B,EAC/B,iBAAyB;IAEzB,MAAM,oBAAoB,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,aAAa,EAAE,CAAC;IACjD,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,YAAY,EAAE,CAAC;IAC/C,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC;IAErB,MAAM,aAAa,GAAG,MAAM,CAAC,kBAAkB,CAAC,CAAC;IACjD,MAAM,YAAY,GAAG,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAE/C,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,YAAY,GAAG,EAAE,CAAC,CAAC,CAAC;IACvE,MAAM,UAAU,GAAG,OAAO,CAAC,eAAe,CACxC,OAAO,CAAC,KAAK,EACb,WAAW,CACU,CAAC;IACxB,MAAM,YAAY,GAAG,OAAO,CAAC,eAAe,CAC1C,OAAO,CAAC,KAAK,EACb,aAAa,CACQ,CAAC;IACxB,MAAM,YAAY,GAAG,OAAO,CAAC,eAAe,CAC1C,YAAY,EACZ,WAAW,CACU,CAAC;IAExB,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9C,MAAM,aAAa,GAAG,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5C,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IAE5C,MAAM,iBAAiB,GAAG,CAAC,CAAC,QAAQ,CAClC,QAAQ,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC,CACvD,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC;IAEtE,MAAM,UAAU,GAAa,EAAE,CAAC;IAChC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChF,CAAC;IAED,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,IAAI,OAAO,GAAG,IAAI,CAAC;IACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QAClD,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC1B,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,QAAQ,EAAE;QAC/B,cAAc,EAAE,aAAa,CAAC,QAAQ,EAAE;QACxC,kBAAkB,EAAE,YAAY,CAAC,QAAQ,EAAE;QAC3C,mBAAmB,EAAE,WAAW,CAAC,QAAQ,EAAE;QAC3C,gBAAgB,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,EAAE,aAAa,CAAC,QAAQ,EAAE,CAAC;QACtE,2BAA2B,EAAE,aAAa,CAAC,QAAQ,EAAE;QACrD,oBAAoB,EAAE,kBAAkB;QACxC,mBAAmB,EAAE,iBAAiB;KACvC,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAClC,IAAuB,EACvB,gBAAwB,EACxB,aAAqB,EACrB,mBAA+B,EAC/B,iBAAyB;IAEzB,MAAM,IAAI,GAAG,6BAA6B,CACxC,IAAI,EACJ,gBAAgB,EAChB,aAAa,EACb,mBAAmB,EACnB,iBAAiB,CAClB,CAAC;IACF,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAmB,CAAC;AAC5C,CAAC"}

package/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "@opaquecash/psr-prover",
+  "version": "0.1.0",
+  "description": "Circom witness helpers and Groth16 proving (snarkjs) for PSR",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.json",
+    "clean": "rm -rf dist"
+  },
+  "dependencies": {
+    "@opaquecash/psr-core": "0.1.0",
+    "@opaquecash/stealth-wasm": "0.1.0",
+    "buffer": "^6.0.3",
+    "circomlibjs": "^0.1.7",
+    "snarkjs": "^0.7.5",
+    "viem": "^2.21.0"
+  },
+  "sideEffects": false
+}