npm - @unlink-xyz/core - Versions diffs - 0.1.0 → 0.1.2 - Mend

@unlink-xyz/core 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/.eslintrc.json +4 -0
package/account/zkAccount.test.ts +316 -0
package/account/zkAccount.ts +222 -0
package/clients/broadcaster.ts +67 -0
package/clients/http.ts +94 -0
package/clients/indexer.ts +150 -0
package/config.ts +39 -0
package/core.ts +17 -0
package/dist/account/railgun-imports-prototype.d.ts +12 -0
package/dist/account/railgun-imports-prototype.d.ts.map +1 -0
package/dist/account/railgun-imports-prototype.js +30 -0
package/dist/clients/indexer.d.ts.map +1 -1
package/dist/clients/indexer.js +1 -1
package/dist/state/hydrator.d.ts +16 -0
package/dist/state/hydrator.d.ts.map +1 -0
package/dist/state/hydrator.js +18 -0
package/dist/state/job-store.d.ts +12 -0
package/dist/state/job-store.d.ts.map +1 -0
package/dist/state/job-store.js +118 -0
package/dist/state/jobs.d.ts +50 -0
package/dist/state/jobs.d.ts.map +1 -0
package/dist/state/jobs.js +1 -0
package/dist/state.d.ts +83 -0
package/dist/state.d.ts.map +1 -0
package/dist/state.js +171 -0
package/dist/transactions/deposit.d.ts +0 -2
package/dist/transactions/deposit.d.ts.map +1 -1
package/dist/transactions/deposit.js +5 -9
package/dist/transactions/note-sync.d.ts.map +1 -1
package/dist/transactions/note-sync.js +1 -1
package/dist/transactions/shield.d.ts +5 -0
package/dist/transactions/shield.d.ts.map +1 -0
package/dist/transactions/shield.js +93 -0
package/dist/transactions/transact.d.ts +0 -5
package/dist/transactions/transact.d.ts.map +1 -1
package/dist/transactions/transact.js +2 -2
package/dist/transactions/utils.d.ts +10 -0
package/dist/transactions/utils.d.ts.map +1 -0
package/dist/transactions/utils.js +17 -0
package/dist/tsconfig.tsbuildinfo +1 -1
package/dist/utils/time.d.ts +2 -0
package/dist/utils/time.d.ts.map +1 -0
package/dist/utils/time.js +3 -0
package/dist/utils/witness.d.ts +11 -0
package/dist/utils/witness.d.ts.map +1 -0
package/dist/utils/witness.js +19 -0
package/errors.ts +20 -0
package/index.ts +17 -0
package/key-derivation/babyjubjub.ts +11 -0
package/key-derivation/bech32.test.ts +90 -0
package/key-derivation/bech32.ts +124 -0
package/key-derivation/bip32.ts +56 -0
package/key-derivation/bip39.ts +76 -0
package/key-derivation/bytes.ts +118 -0
package/key-derivation/hash.ts +13 -0
package/key-derivation/index.ts +7 -0
package/key-derivation/wallet-node.ts +155 -0
package/keys.ts +47 -0
package/package.json +4 -5
package/prover/config.ts +104 -0
package/prover/index.ts +1 -0
package/prover/prover.integration.test.ts +162 -0
package/prover/prover.test.ts +309 -0
package/prover/prover.ts +405 -0
package/prover/registry.test.ts +90 -0
package/prover/registry.ts +82 -0
package/schema.ts +17 -0
package/setup-artifacts.sh +57 -0
package/state/index.ts +2 -0
package/state/merkle/hydrator.ts +69 -0
package/state/merkle/index.ts +12 -0
package/state/merkle/merkle-tree.test.ts +50 -0
package/state/merkle/merkle-tree.ts +163 -0
package/state/store/ciphertext-store.ts +28 -0
package/state/store/index.ts +24 -0
package/state/store/job-store.ts +162 -0
package/state/store/jobs.ts +64 -0
package/state/store/leaf-store.ts +39 -0
package/state/store/note-store.ts +177 -0
package/state/store/nullifier-store.ts +39 -0
package/state/store/records.ts +61 -0
package/state/store/root-store.ts +34 -0
package/state/store/store.ts +25 -0
package/state.test.ts +235 -0
package/storage/index.ts +3 -0
package/storage/indexeddb.test.ts +99 -0
package/storage/indexeddb.ts +235 -0
package/storage/memory.test.ts +59 -0
package/storage/memory.ts +93 -0
package/transactions/deposit.test.ts +160 -0
package/transactions/deposit.ts +227 -0
package/transactions/index.ts +20 -0
package/transactions/note-sync.test.ts +155 -0
package/transactions/note-sync.ts +452 -0
package/transactions/reconcile.ts +73 -0
package/transactions/transact.test.ts +451 -0
package/transactions/transact.ts +811 -0
package/transactions/types.ts +141 -0
package/tsconfig.json +14 -0
package/types/global.d.ts +15 -0
package/types.ts +24 -0
package/utils/async.ts +15 -0
package/utils/bigint.ts +34 -0
package/utils/crypto.test.ts +69 -0
package/utils/crypto.ts +58 -0
package/utils/json-codec.ts +38 -0
package/utils/polling.ts +6 -0
package/utils/signature.ts +16 -0
package/utils/validators.test.ts +64 -0
package/utils/validators.ts +86 -0

package/keys.ts ADDED Viewed

@@ -0,0 +1,47 @@
+import { KeyValidationError } from "./errors.js";
+export const RESERVED_PREFIXES = [
+  "meta:",
+  "notes:",
+  "leaves:",
+  "roots:",
+  "nullifiers:",
+  "ciphertexts:",
+  "jobs:",
+  "proof_cache:",
+  "cfg:",
+  "idx:",
+  "locks:",
+] as const;
+/** Canonical builders for storage key namespaces used across core */
+export const keys = {
+  note: (c: number, i: number) => `notes:${c}:${i}`,
+  leaf: (c: number, i: number) => `leaves:${c}:${i}`,
+  ciphertext: (c: number, i: number) => `ciphertexts:${c}:${i}`,
+  /** Track note indices that remain unspent for a given master public key (mpk acts as the account identifier). */
+  unspent: (c: number, mpk: string, i: number) =>
+    `idx:notes:unspent:${c}:${mpk}:${i}`,
+  unspentPrefix: (c: number, mpk: string) => `idx:notes:unspent:${c}:${mpk}:`,
+  nullifierObs: (c: number, n: string) => `nullifiers:${c}:${n}`,
+  nullToIndex: (c: number, n: string) => `idx:nullifier:${c}:${n}`,
+  nullifier: (c: number, n: string) => `nullifiers:${c}:${n}`,
+  root: (c: number, value: string) => `roots:${c}:${value}`,
+  latestRoot: (c: number) => `roots:latest:${c}`,
+  rootCursor: (c: number) => `meta:roots:cursor:${c}`,
+  cursor: (c: number) => `meta:sync:cursors:${c}`,
+  aggregate: (c: number, a: string) => `idx:notes:agg:${c}:${a}`,
+  job: (relayId: string) => `jobs:${relayId}`,
+};
+export const MAX_KEY_LEN = 512;
+export function validateKey(key: string) {
+  if (!key) throw new KeyValidationError("key must not be empty");
+  if (key.length > MAX_KEY_LEN)
+    throw new KeyValidationError(`key exceeds ${MAX_KEY_LEN}`);
+  if (!RESERVED_PREFIXES.some((p) => key.startsWith(p)))
+    throw new KeyValidationError(
+      "key must start with a reserved namespace prefix",
+    );
+}

package/package.json CHANGED Viewed

@@ -1,18 +1,17 @@
 {
   "name": "@unlink-xyz/core",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "type": "module",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "exports": {
     ".": {
-      "import": "./dist/index.js",
-      "types": "./dist/index.d.ts"
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
     }
   },
-  "files": ["dist"],
   "publishConfig": {
-    "access": "restricted"
+    "access": "public"
   },
   "scripts": {
     "build": "tsc -p tsconfig.json",

package/prover/config.ts ADDED Viewed

@@ -0,0 +1,104 @@
+/**
+ * Configuration for the prover system
+ * Handles artifact loading from local files or remote artifact server
+ */
+/**
+ * Environment-based configuration for artifact loading
+ */
+export interface ProverConfig {
+  /** Base URL for the artifact server (browser mode) */
+  rpcUrl: string;
+  /** Whether to enable artifact caching */
+  enableCache: boolean;
+}
+/**
+ * Default configuration
+ * Can be overridden via environment variables
+ */
+export const DEFAULT_CONFIG: ProverConfig = {
+  rpcUrl:
+    typeof process !== "undefined" && process.env?.UNLINK_RPC_URL
+      ? process.env.UNLINK_RPC_URL
+      : "http://localhost:3000",
+  enableCache: true,
+};
+/**
+ * Artifact file types
+ */
+export enum ArtifactType {
+  WASM = "joinsplit.wasm",
+  ZKEY = "joinsplit.zkey",
+  VKEY = "joinsplit.vkey.json",
+}
+/**
+ * Build artifact URL for a given circuit and artifact type
+ * @param circuitName Full circuit name (e.g., "joinsplit_2x3_16")
+ * @param artifactType Type of artifact to fetch
+ * @param baseUrl Base URL of the artifact server
+ * @returns Full URL to the artifact
+ */
+export function buildArtifactUrl(
+  circuitName: string,
+  artifactType: ArtifactType,
+  baseUrl: string = DEFAULT_CONFIG.rpcUrl,
+): string {
+  // Remove trailing slash from baseUrl
+  const cleanBaseUrl = baseUrl.replace(/\/$/, "");
+  return `${cleanBaseUrl}/artifacts/${circuitName}/${artifactType}`;
+}
+/**
+ * Get relative path for local artifact loading
+ * Used in Node.js environment when artifacts are bundled
+ * @param circuitName Full circuit name (e.g., "joinsplit_2x3_16")
+ * @param artifactType Type of artifact
+ * @returns Relative path to artifact
+ */
+export function getLocalArtifactPath(
+  circuitName: string,
+  artifactType: ArtifactType,
+): string[] {
+  // Return multiple candidate paths for different build scenarios
+  return [
+    // When compiled: dist/prover/ -> ../../artifacts/circuits/{circuit}/
+    `../../artifacts/circuits/${circuitName}/${artifactType}`,
+    // When in source: prover/ -> ../artifacts/circuits/{circuit}/
+    `../artifacts/circuits/${circuitName}/${artifactType}`,
+  ];
+}
+/**
+ * Runtime detection utilities
+ */
+export const Runtime = {
+  /**
+   * Check if running in browser environment
+   */
+  isBrowser(): boolean {
+    return typeof window !== "undefined" && typeof document !== "undefined";
+  },
+  /**
+   * Check if running in Node.js environment
+   */
+  isNode(): boolean {
+    return (
+      typeof process !== "undefined" &&
+      process.versions != null &&
+      process.versions.node != null
+    );
+  },
+  /**
+   * Get environment description for debugging
+   */
+  getEnvironment(): string {
+    if (this.isBrowser()) return "browser";
+    if (this.isNode()) return "node";
+    return "unknown";
+  },
+};

package/prover/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from "./prover.js";

package/prover/prover.integration.test.ts ADDED Viewed

@@ -0,0 +1,162 @@
+import { access } from "fs/promises";
+import { dirname, join } from "path";
+import { fileURLToPath } from "url";
+import * as snarkjs from "snarkjs";
+import { beforeAll, describe, expect, it } from "vitest";
+import {
+  getVerificationKey,
+  proveTransaction,
+  type JoinsplitProofInput,
+} from "./prover.js";
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+describe("prover integration tests", () => {
+  beforeAll(async () => {
+    // Check if artifacts exist for 2x3 circuit (used in integration tests)
+    try {
+      await access(
+        join(
+          __dirname,
+          "../artifacts/circuits/joinsplit_2x3_16/joinsplit.wasm",
+        ),
+      );
+      await access(
+        join(
+          __dirname,
+          "../artifacts/circuits/joinsplit_2x3_16/joinsplit.zkey",
+        ),
+      );
+      await access(
+        join(
+          __dirname,
+          "../artifacts/circuits/joinsplit_2x3_16/joinsplit.vkey.json",
+        ),
+      );
+    } catch (error) {
+      throw new Error(
+        "Circuit artifacts not found. Please run 'pnpm run circuits:build' first.",
+      );
+    }
+  });
+  it("generates and verifies a proof generated from circuits input data", async () => {
+    const rawInput = {
+      merkleRoot:
+        "6651503891008261868318637545520517015441423030408583353730529205210575769897",
+      boundParamsHash:
+        "4367284183670237676694687139389936823583752501847632190787848034614846786866",
+      nullifiers: [
+        "11485370912550667629147418652010973429416469356401563507077544465653018582229",
+        "12458947539527367086074368910577127304083837870968412606004383792911977699092",
+      ],
+      commitmentsOut: [
+        "21220431320512498255211940241902464585964672736998306204392012684848332107713",
+        "10812352772790655187825976376417683652931326614980053685809861928409318557101",
+        "2361786391388492851501376027004057215483918983555223791892300314116572980398",
+      ],
+      token: "611382286831621467233887798921843936019654057231",
+      publicKey: [
+        "17403090114984634995691076088606286689905312870166298587771402004938333701956",
+        "11686443728124206965533675395218715181279824020209406379329530395240161730269",
+      ],
+      signature: [
+        "13337325824273672513648456655099758722924690095445255254284844332733013061113",
+        "11478044465897161338488651611555416955979346707535934533682695529282557178771",
+        "2690614056970046123325708657516589911150638516730022213521930951131599801259",
+      ],
+      randomIn: [
+        "311410881652967579423188304066739460260",
+        "161576146678088229090350665564580980145",
+      ],
+      valueIn: ["10000000000", "20000000000"],
+      pathElements: [
+        [
+          "14943413005531767156170859665453505874291109952298492592265028467982121566535",
+          "17140872132393658386372884137443465756166862794960926853080892710475197765189",
+          "6371505487407425546372285321506278506957375353941268479986307401454583028710",
+          "14682603619753984551536111997488330801501968646131197748838572499913532539651",
+          "4177329909171803290170279196019319447087145475250139657920728261184066492383",
+          "9144726083425293457189930182175584375755866170755203037168330473435257599943",
+          "8236371367060628245320813572019740297071112030680295018688014025332724941914",
+          "20704513355749821470300998799414731362245300238021178553122435057113528378476",
+          "16736886623818773524263138779809916105169520362832964900272252437275369959388",
+          "16415580715665869864634788741927065679186058985255106992778939765291984104497",
+          "5715205213015845364387052206849889843188282449933545435544812025608946666822",
+          "11013175031749877081979736330659999751637067247483574805902945041305483682579",
+          "10708260192616993577686743465610377735773279483333447100671640147037242870779",
+          "17708681376628530799996447981717676562184543188562031708516142906406141650368",
+          "3967876508977884960877910167550068853181553556854105674925421366723704424223",
+          "18077967785446169488603147322170139942753858441115263187838141084900323103797",
+        ],
+        [
+          "17155689016641574060256511555039569894135211745581590863068780884287641639347",
+          "17140872132393658386372884137443465756166862794960926853080892710475197765189",
+          "6371505487407425546372285321506278506957375353941268479986307401454583028710",
+          "14682603619753984551536111997488330801501968646131197748838572499913532539651",
+          "4177329909171803290170279196019319447087145475250139657920728261184066492383",
+          "9144726083425293457189930182175584375755866170755203037168330473435257599943",
+          "8236371367060628245320813572019740297071112030680295018688014025332724941914",
+          "20704513355749821470300998799414731362245300238021178553122435057113528378476",
+          "16736886623818773524263138779809916105169520362832964900272252437275369959388",
+          "16415580715665869864634788741927065679186058985255106992778939765291984104497",
+          "5715205213015845364387052206849889843188282449933545435544812025608946666822",
+          "11013175031749877081979736330659999751637067247483574805902945041305483682579",
+          "10708260192616993577686743465610377735773279483333447100671640147037242870779",
+          "17708681376628530799996447981717676562184543188562031708516142906406141650368",
+          "3967876508977884960877910167550068853181553556854105674925421366723704424223",
+          "18077967785446169488603147322170139942753858441115263187838141084900323103797",
+        ],
+      ],
+      leavesIndices: [0, 1],
+      nullifyingKey:
+        "18659841675752504949640201002407906598138517454751630186524244551004513393000",
+      npkOut: [
+        "5969622909025228762817370697760280284869505282539549033240181049624056088653",
+        "2100582032716223613287570049117084073292258181991442907862227237312284306360",
+        "742175203644052806963513562623187657396500499529893903278346823527475860966",
+      ],
+      valueOut: ["10000000000", "10000000000", "10000000000"],
+    };
+    // Format circuit inputs (convert strings to bigints)
+    // Using the exact field names the circuit expects
+    const circuitInput: JoinsplitProofInput = {
+      merkleRoot: BigInt(rawInput.merkleRoot),
+      boundParamsHash: BigInt(rawInput.boundParamsHash),
+      nullifiers: rawInput.nullifiers.map((n: string) => BigInt(n)),
+      commitmentsOut: rawInput.commitmentsOut.map((c: string) => BigInt(c)),
+      token: BigInt(rawInput.token),
+      publicKey: rawInput.publicKey.map((pk: string) => BigInt(pk)),
+      signature: rawInput.signature.map((s: string) => BigInt(s)),
+      randomIn: rawInput.randomIn.map((r: string) => BigInt(r)),
+      valueIn: rawInput.valueIn.map((v: string) => BigInt(v)),
+      pathElements: rawInput.pathElements.map((pe: string[]) =>
+        pe.map((e) => BigInt(e)),
+      ),
+      leavesIndices: rawInput.leavesIndices.map((i: number) => BigInt(i)),
+      nullifyingKey: BigInt(rawInput.nullifyingKey),
+      npkOut: rawInput.npkOut.map((npk: string) => BigInt(npk)),
+      valueOut: rawInput.valueOut.map((v: string) => BigInt(v)),
+    };
+    // Generate proof using real circuit (automatically selects 2x3 based on input dimensions)
+    const { proof, publicSignals } = await proveTransaction(circuitInput);
+    // Verify the generated proof (2 inputs, 3 outputs)
+    const vkey = await getVerificationKey(2, 3);
+    const isValid = await snarkjs.groth16.verify(vkey, publicSignals, proof);
+    // Assertions
+    expect(isValid).toBe(true);
+    expect(proof.protocol).toBe("groth16");
+    expect(proof.curve).toBe("bn128");
+    expect(publicSignals).toHaveLength(7); // Should match nPublic
+    // Verify public signals match expected values from circuit
+    expect(publicSignals[0]).toBe(rawInput.merkleRoot);
+    expect(publicSignals[1]).toBe(rawInput.boundParamsHash);
+  }, 30000); // Increase timeout as proof generation can take time
+});

package/prover/prover.test.ts ADDED Viewed

@@ -0,0 +1,309 @@
+import { access } from "fs/promises";
+import { dirname, join } from "path";
+import { fileURLToPath } from "url";
+import * as snarkjs from "snarkjs";
+import { afterEach, beforeAll, describe, expect, it, vi } from "vitest";
+import { CoreError } from "../errors.js";
+import {
+  getVerificationKey,
+  proveTransaction,
+  verifyProof,
+  type JoinsplitProofInput,
+} from "./prover.js";
+// Mock snarkjs module
+vi.mock("snarkjs");
+// Test helpers
+function createMockInput(
+  overrides?: Partial<JoinsplitProofInput>,
+): JoinsplitProofInput {
+  return {
+    merkleRoot: 1n,
+    boundParamsHash: 2n,
+    nullifiers: [3n, 4n],
+    commitmentsOut: [5n, 6n, 7n],
+    token: 8n,
+    publicKey: [9n, 10n],
+    signature: [11n, 11n, 11n],
+    randomIn: [12n, 13n],
+    valueIn: [14n, 15n],
+    pathElements: [[0n], [0n]],
+    leavesIndices: [16n, 17n],
+    nullifyingKey: 18n,
+    npkOut: [19n, 20n, 21n],
+    valueOut: [22n, 23n, 24n],
+    ...overrides,
+  };
+}
+function createMockProof() {
+  return {
+    pi_a: ["1", "2", "3"],
+    pi_b: [
+      ["4", "5"],
+      ["6", "7"],
+      ["8", "9"],
+    ],
+    pi_c: ["10", "11", "12"],
+    protocol: "groth16" as const,
+    curve: "bn128" as const,
+  };
+}
+function createMockPublicSignals() {
+  // 2x3 circuit has 7 public signals: [root, hash, nullifier1, nullifier2, commit1, commit2, commit3]
+  return ["25", "26", "27", "28", "29", "30", "31"];
+}
+describe("prover", () => {
+  beforeAll(async () => {
+    const __filename = fileURLToPath(import.meta.url);
+    const __dirname = dirname(__filename);
+    // Check if artifacts exist for 2x3 circuit (used in these tests)
+    try {
+      await access(
+        join(
+          __dirname,
+          "../artifacts/circuits/joinsplit_2x3_16/joinsplit.wasm",
+        ),
+      );
+      await access(
+        join(
+          __dirname,
+          "../artifacts/circuits/joinsplit_2x3_16/joinsplit.zkey",
+        ),
+      );
+      await access(
+        join(
+          __dirname,
+          "../artifacts/circuits/joinsplit_2x3_16/joinsplit.vkey.json",
+        ),
+      );
+    } catch (error) {
+      throw new Error(
+        "Circuit artifacts not found. Please run 'pnpm run circuits:build' first.",
+      );
+    }
+    // Mock verify to return true by default (proveTransaction calls it internally)
+    const verifyMock = vi.mocked(snarkjs.groth16.verify);
+    verifyMock.mockResolvedValue(true);
+  });
+  afterEach(() => {
+    vi.clearAllMocks();
+  });
+  describe("getVerificationKey", () => {
+    it("loads and returns the verification key", async () => {
+      // Test uses 2 inputs, 3 outputs (see createMockInput)
+      const vkey = await getVerificationKey(2, 3);
+      expect(vkey).toBeDefined();
+      expect(vkey.protocol).toBe("groth16");
+      expect(vkey.curve).toBe("bn128");
+      expect(vkey.nPublic).toBe(7); // 2 (root + hash) + 2 (nullifiers) + 3 (commitments) = 7
+      expect(vkey.vk_alpha_1).toBeInstanceOf(Array);
+      expect(vkey.vk_beta_2).toBeInstanceOf(Array);
+      expect(vkey.vk_gamma_2).toBeInstanceOf(Array);
+      expect(vkey.vk_delta_2).toBeInstanceOf(Array);
+      expect(vkey.vk_alphabeta_12).toBeInstanceOf(Array);
+      expect(vkey.IC).toBeInstanceOf(Array);
+      expect(vkey.IC.length).toBe(8); // nPublic + 1
+    });
+  });
+  describe("fetchArtifact", () => {
+    it("successfully loads wasm and zkey files", async () => {
+      const mockInput = createMockInput();
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      const fullProveMock = vi.mocked(snarkjs.groth16.fullProve);
+      fullProveMock.mockResolvedValue({
+        proof: mockProof,
+        publicSignals: mockPublicSignals,
+      });
+      // This should not throw file loading errors
+      const result = await proveTransaction(mockInput);
+      expect(result).toBeDefined();
+      expect(result.proof).toEqual(mockProof);
+      expect(result.publicSignals).toEqual(mockPublicSignals);
+      // Verify fullProve was called with buffers (artifacts were loaded)
+      expect(fullProveMock).toHaveBeenCalledTimes(1);
+      const call = fullProveMock.mock.calls[0];
+      expect(call[1]).toBeInstanceOf(Uint8Array); // wasm bytes
+      expect(call[2]).toBeInstanceOf(Uint8Array); // zkey bytes
+    });
+  });
+  describe("proveTransaction", () => {
+    it("generates proof with valid input", async () => {
+      const mockInput = createMockInput({
+        merkleRoot: 100n,
+      });
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      const fullProveMock = vi.mocked(snarkjs.groth16.fullProve);
+      fullProveMock.mockResolvedValue({
+        proof: mockProof,
+        publicSignals: mockPublicSignals,
+      });
+      const result = await proveTransaction(mockInput);
+      expect(result.proof).toEqual(mockProof);
+      expect(result.publicSignals).toEqual(mockPublicSignals);
+      expect(fullProveMock).toHaveBeenCalledTimes(1);
+      // Verify the call was made with input signals and file buffers
+      const call = fullProveMock.mock.calls[0];
+      expect(call[0]).toBeDefined(); // inputSignals
+      expect(call[1]).toBeInstanceOf(Uint8Array); // wasm bytes
+      expect(call[2]).toBeInstanceOf(Uint8Array); // zkey bytes
+    });
+    it("wraps errors with CoreError", async () => {
+      const mockInput = createMockInput({
+        nullifiers: [3n],
+        commitmentsOut: [4n],
+        randomIn: [9n],
+        valueIn: [10n],
+        pathElements: [[0n]],
+        leavesIndices: [11n],
+        npkOut: [13n],
+        valueOut: [14n],
+      });
+      const mockError = new Error("snarkjs internal error");
+      const fullProveMock = vi.mocked(snarkjs.groth16.fullProve);
+      fullProveMock.mockRejectedValue(mockError);
+      await expect(proveTransaction(mockInput)).rejects.toThrow(CoreError);
+      await expect(proveTransaction(mockInput)).rejects.toThrow(
+        "proof generation failed: snarkjs internal error",
+      );
+    });
+  });
+  describe("verifyProof", () => {
+    it("verifies a valid proof successfully", async () => {
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      const verifyMock = vi.mocked(snarkjs.groth16.verify);
+      verifyMock.mockResolvedValue(true);
+      const result = await verifyProof(mockProof, mockPublicSignals);
+      expect(result).toBe(true);
+      expect(verifyMock).toHaveBeenCalledTimes(1);
+      // Verify it was called with vkey, publicSignals, and proof
+      const call = verifyMock.mock.calls[0];
+      expect(call[0]).toBeDefined(); // vkey
+      expect(call[1]).toEqual(mockPublicSignals);
+      expect(call[2]).toEqual(mockProof);
+    });
+    it("returns false for invalid proof", async () => {
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      const verifyMock = vi.mocked(snarkjs.groth16.verify);
+      verifyMock.mockResolvedValue(false);
+      const result = await verifyProof(mockProof, mockPublicSignals);
+      expect(result).toBe(false);
+    });
+    it("wraps errors with CoreError", async () => {
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      const mockError = new Error("verification error");
+      const verifyMock = vi.mocked(snarkjs.groth16.verify);
+      verifyMock.mockRejectedValue(mockError);
+      await expect(verifyProof(mockProof, mockPublicSignals)).rejects.toThrow(
+        CoreError,
+      );
+      await expect(verifyProof(mockProof, mockPublicSignals)).rejects.toThrow(
+        "proof verification failed",
+      );
+    });
+    it("completes full prove and verify workflow", async () => {
+      const mockInput = createMockInput();
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      // Mock proof generation
+      const fullProveMock = vi.mocked(snarkjs.groth16.fullProve);
+      fullProveMock.mockResolvedValue({
+        proof: mockProof,
+        publicSignals: mockPublicSignals,
+      });
+      // Mock verification
+      const verifyMock = vi.mocked(snarkjs.groth16.verify);
+      verifyMock.mockResolvedValue(true);
+      // Generate proof
+      const proofResult = await proveTransaction(mockInput);
+      // Verify proof
+      const verificationResult = await verifyProof(
+        proofResult.proof,
+        proofResult.publicSignals,
+      );
+      expect(verificationResult).toBe(true);
+      expect(fullProveMock).toHaveBeenCalledTimes(1);
+      expect(verifyMock).toHaveBeenCalledTimes(2); // 1 internal + 1 explicit
+    });
+  });
+  describe("artifact caching", () => {
+    it("loads artifacts only once across multiple calls", async () => {
+      const mockInput = createMockInput();
+      const mockProof = createMockProof();
+      const mockPublicSignals = createMockPublicSignals();
+      const fullProveMock = vi.mocked(snarkjs.groth16.fullProve);
+      fullProveMock.mockResolvedValue({
+        proof: mockProof,
+        publicSignals: mockPublicSignals,
+      });
+      const verifyMock = vi.mocked(snarkjs.groth16.verify);
+      verifyMock.mockResolvedValue(true);
+      // Make multiple calls
+      await proveTransaction(mockInput);
+      await proveTransaction(mockInput);
+      await getVerificationKey(2, 3); // 2 inputs, 3 outputs
+      await verifyProof(mockProof, mockPublicSignals);
+      // All functions should work and be called
+      expect(fullProveMock).toHaveBeenCalledTimes(2);
+      expect(verifyMock).toHaveBeenCalledTimes(3); // 2 internal + 1 explicit
+      // Verify artifacts are being reused (same Uint8Array instances)
+      const firstCall = fullProveMock.mock.calls[0];
+      const secondCall = fullProveMock.mock.calls[1];
+      expect(firstCall[1]).toBe(secondCall[1]); // Same wasm buffer instance
+      expect(firstCall[2]).toBe(secondCall[2]); // Same zkey buffer instance
+    });
+  });
+});