@rolly-dev/wasm-signer 0.13.1 → 1.0.0

package/dist/web/rolly_wasm_signer.js

@@ -51,7 +51,7 @@ export function compute_address_hash(address_hex) {
  * Full Poseidon2 hash of an 8-element server seed.
  *
  * Returns all 4 hash elements.  Note: the circuit stores only the
- * **first 2 elements** as the leaf commitment (see `seed_hash_truncated`).
+ * **first 3 elements** as the leaf commitment (see `seed_hash_truncated`).
  * This full variant is useful for client-side verification where all
  * 4 elements may be needed.
  *
@@ -191,6 +191,79 @@ export function goldilocks_reduce(value) {
     return BigInt.asUintN(64, ret);
 }
 
+/**
+ * Hash a raw 7-element balance leaf → 4-element Merkle node.
+ *
+ * Raw layout: `[balance_lo, balance_hi, seed_hash_0, seed_hash_1, seed_hash_2, credit_lo, credit_hi]`
+ *
+ * Identical to `hash_balance_leaf` in `prover/circuit/src/helpers/leaf_ops.rs`.
+ *
+ * **Input** : `BigUint64Array` of exactly 7 elements (each < `GOLDILOCKS_P`).
+ * **Output**: `BigUint64Array` of length 4 (one `HashOut`).
+ *
+ * ```js
+ * const raw = BigUint64Array.from([balLo, balHi, seed0, seed1, seed2, credLo, credHi]);
+ * const balanceHash = hash_balance_leaf(raw);  // length 4
+ * ```
+ * @param {BigUint64Array} raw
+ * @returns {BigUint64Array}
+ */
+export function hash_balance_leaf(raw) {
+    try {
+        const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+        const ptr0 = passArray64ToWasm0(raw, wasm.__wbindgen_export3);
+        const len0 = WASM_VECTOR_LEN;
+        wasm.hash_balance_leaf(retptr, ptr0, len0);
+        var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+        var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+        var v2 = getArrayU64FromWasm0(r0, r1).slice();
+        wasm.__wbindgen_export2(r0, r1 * 8, 8);
+        return v2;
+    } finally {
+        wasm.__wbindgen_add_to_stack_pointer(16);
+    }
+}
+
+/**
+ * Build a main Merkle tree leaf from balance_hash, pk_hash, and address_hash.
+ *
+ * `main_leaf = Poseidon2(balance_hash[4] || pk_hash[0..2] || address_hash[0..2])`
+ *
+ * Uses truncated (128-bit) pk/address hashes to keep the preimage at 8 elements
+ * (single Poseidon2 permutation round). Identical to `make_main_leaf` in
+ * `prover/circuit/src/helpers/leaf_ops.rs`.
+ *
+ * All three inputs must be exactly 4 elements.
+ * **Output**: `BigUint64Array` of length 4 (the Merkle leaf hash).
+ *
+ * ```js
+ * const leaf = make_main_leaf(balanceHash, pkHash, addressHash);
+ * ```
+ * @param {BigUint64Array} balance_hash
+ * @param {BigUint64Array} pk_hash
+ * @param {BigUint64Array} address_hash
+ * @returns {BigUint64Array}
+ */
+export function make_main_leaf(balance_hash, pk_hash, address_hash) {
+    try {
+        const retptr = wasm.__wbindgen_add_to_stack_pointer(-16);
+        const ptr0 = passArray64ToWasm0(balance_hash, wasm.__wbindgen_export3);
+        const len0 = WASM_VECTOR_LEN;
+        const ptr1 = passArray64ToWasm0(pk_hash, wasm.__wbindgen_export3);
+        const len1 = WASM_VECTOR_LEN;
+        const ptr2 = passArray64ToWasm0(address_hash, wasm.__wbindgen_export3);
+        const len2 = WASM_VECTOR_LEN;
+        wasm.make_main_leaf(retptr, ptr0, len0, ptr1, len1, ptr2, len2);
+        var r0 = getDataViewMemory0().getInt32(retptr + 4 * 0, true);
+        var r1 = getDataViewMemory0().getInt32(retptr + 4 * 1, true);
+        var v4 = getArrayU64FromWasm0(r0, r1).slice();
+        wasm.__wbindgen_export2(r0, r1 * 8, 8);
+        return v4;
+    } finally {
+        wasm.__wbindgen_add_to_stack_pointer(16);
+    }
+}
+
 /**
  * Poseidon2 hash of an arbitrary number of Goldilocks field elements.
  *
@@ -253,13 +326,15 @@ export function poseidon2_two_to_one(left, right) {
 }
 
 /**
- * Truncated seed hash — first 2 elements of `Poseidon2(server_seed)`.
+ * Truncated seed hash — first 3 elements of `Poseidon2(server_seed)`.
  *
+ * 192 bits of commitment → ~96-bit collision resistance, which closes the
+ * multi-preimage grinding vector that an earlier 128-bit truncation left open.
  * This is the exact format stored in the Merkle-tree leaf and verified
  * by the circuit.  Matches `seed_hash_truncated` in
- * `src/block_builder/builder.rs` and `src/circuit/main_circuit.rs`.
+ * `src/block_builder/builder.rs` and `src/circuit/slot/fairness.rs`.
  *
- * Returns `BigUint64Array` of length 2: `[h[0], h[1]]`.
+ * Returns `BigUint64Array` of length 3: `[h[0], h[1], h[2]]`.
  * @param {BigUint64Array} server_seed
  * @returns {BigUint64Array}
  */

package/dist/web/rolly_wasm_signer_bg.wasm.d.ts

@@ -8,6 +8,8 @@ export const derive_session_key: (a: number, b: number, c: number) => void;
 export const generate_user_seed: (a: number) => void;
 export const goldilocks_fields_to_hex: (a: number, b: number, c: number) => void;
 export const goldilocks_reduce: (a: bigint) => bigint;
+export const hash_balance_leaf: (a: number, b: number, c: number) => void;
+export const make_main_leaf: (a: number, b: number, c: number, d: number, e: number, f: number, g: number) => void;
 export const poseidon2_hash: (a: number, b: number, c: number) => void;
 export const poseidon2_two_to_one: (a: number, b: number, c: number, d: number, e: number) => void;
 export const seed_hash_truncated: (a: number, b: number, c: number) => void;

package/js/browser.d.mts

@@ -13,6 +13,8 @@ export {
   goldilocks_reduce,
   amount_split,
   compute_address_hash,
+  hash_balance_leaf,
+  make_main_leaf,
 } from '../dist/web/rolly_wasm_signer.js';
 
 export { default as init } from '../dist/web/rolly_wasm_signer.js';

package/js/browser.mjs

@@ -15,4 +15,6 @@ export {
   goldilocks_reduce,
   amount_split,
   compute_address_hash,
+  hash_balance_leaf,
+  make_main_leaf,
 } from '../dist/web/rolly_wasm_signer.js';

package/js/index.d.ts

@@ -13,4 +13,6 @@ export {
   goldilocks_reduce,
   amount_split,
   compute_address_hash,
+  hash_balance_leaf,
+  make_main_leaf,
 } from '../dist/node-inline/rolly_wasm_signer.js';

package/js/node-inline.cjs

@@ -17,4 +17,6 @@ module.exports = {
   goldilocks_reduce:        wasm.goldilocks_reduce,
   amount_split:             wasm.amount_split,
   compute_address_hash:     wasm.compute_address_hash,
+  hash_balance_leaf:        wasm.hash_balance_leaf,
+  make_main_leaf:           wasm.make_main_leaf,
 };

package/js/node-inline.mjs

@@ -13,4 +13,6 @@ export {
   goldilocks_reduce,
   amount_split,
   compute_address_hash,
+  hash_balance_leaf,
+  make_main_leaf,
 } from '../dist/node-inline/rolly_wasm_signer.mjs';

package/js/node.cjs

@@ -17,4 +17,6 @@ module.exports = {
   goldilocks_reduce:        wasm.goldilocks_reduce,
   amount_split:             wasm.amount_split,
   compute_address_hash:     wasm.compute_address_hash,
+  hash_balance_leaf:        wasm.hash_balance_leaf,
+  make_main_leaf:           wasm.make_main_leaf,
 };

package/js/node.mjs

@@ -18,4 +18,6 @@ export const {
   goldilocks_reduce,
   amount_split,
   compute_address_hash,
+  hash_balance_leaf,
+  make_main_leaf,
 } = wasm;

package/js/react.d.mts

@@ -15,6 +15,8 @@ export interface RollyWasmResult {
   goldilocks_reduce:        (value: bigint) => bigint;
   amount_split:             (amount: bigint) => Uint32Array;
   compute_address_hash:     (address_hex: string) => BigUint64Array;
+  hash_balance_leaf:        (raw: BigUint64Array) => BigUint64Array;
+  make_main_leaf:           (balance_hash: BigUint64Array, pk_hash: BigUint64Array, address_hash: BigUint64Array) => BigUint64Array;
 }
 
 export function useRollyWasm(): RollyWasmResult;

package/js/react.mjs

@@ -14,6 +14,8 @@ import init, {
   goldilocks_reduce,
   amount_split,
   compute_address_hash,
+  hash_balance_leaf,
+  make_main_leaf,
 } from '../dist/web/rolly_wasm_signer.js';
 
 let _ready = false;
@@ -41,6 +43,8 @@ const fns = {
   goldilocks_reduce:        guard(goldilocks_reduce),
   amount_split:             guard(amount_split),
   compute_address_hash:     guard(compute_address_hash),
+  hash_balance_leaf:        guard(hash_balance_leaf),
+  make_main_leaf:           guard(make_main_leaf),
 };
 
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rolly-dev/wasm-signer",
-  "version": "0.13.1",
+  "version": "1.0.0",
   "description": "Poseidon2 hashing & bet signing for Rolly ZK-Rollup (WASM, Goldilocks field)",
   "type": "module",
   "exports": {