### Setup Parameters and Keys

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Initializes cryptographic parameters and generates proving and verification keys using the setup function. This is a prerequisite for generating and verifying proofs.

```rust
let parameters = Parameters::<Bn256>::setup(10);
let keys = setup::<_, _, _>(&parameters, circuit::circuit);
```

--------------------------------

### Rust Setup for Zero-Knowledge Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Performs the trusted setup phase for generating proving and verification keys using the specified circuit. Requires Bn256 parameters.

```rust
let parameters = Parameters::<Bn256>::setup(10);
let keys = setup::<_, _, _>(&parameters, circuit::circuit::<_, { N }>);
```

--------------------------------

### Get Merkle tree proofs at the specified position

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Get Merkle tree proofs at the specified position.

```APIDOC
## GET /merkle/proof

### Description
Get Merkle tree proofs at the specified position.

### Method
GET

### Endpoint
/merkle/proof

### Parameters
#### Query Parameters
- **index** (Integer) - Required - The position for which to retrieve Merkle tree proofs.

### Responses
#### Success Response (200: OK)
Success

#### Error Responses
- **404: Not Found** - Specified index doesn't exist in the current tree
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Generate R1CS Setup Parameters

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Generates trusted setup parameters for R1CS circuits using the Bn256 engine. This step requires a trusted party or an MPC protocol.

```rust
use fawkes_crypto::backend::bellman_groth16::{engines::Bn256, setup::setup};

// The Bn256 is one of the engines fawkes-crypto provides. See
// fawkes_crypto::backend::bellman_groth16 for more options.
let params = setup::(circuit);
```

--------------------------------

### Example: Deriving a Private Address

Source: https://zeropool.network/docs/privacy-engine/implementation/zeropool-keys/address-derivation

Demonstrates the step-by-step calculation for deriving a private ZeroPool address using a specific intermediate key and diversifier. Includes intermediate values for hash, subgroup point, buffer data, checksum, and the final Base58 encoded address.

```text
η=0x2dedcb9b32000d350bf1055d764302b9d4f4a3820015ea49aaf02438aaa72a85
d=0xc2767ac851b6b1e19eda
Hash(d)=0x998ed1a2c59ea1ac23ea4519bd11e88cefe5c888d22bf245b8c22923b4b5488
Gd={x=0x2f6f6ef223959602c05afd2b73ea8952fe0a10ad19ed665b3ee5a0b0b9e4e3ef,y=0x2e23e2751abbb64461e9a852b7b20c8337fc279ed748c77dfa23cf6158f6a6c3}
da 9e e1 b1 b6 51 c8 7a 76 c2 ef e3 e4 b9 b0 a0 e5 3e 5b 66 ed 19 ad 10 0a fe 52 89 ea 73 2b fd 5a c0 02 96 95 23 f2 6e 6f 2f
f4 e1 d3 a9 45 a0 c6 4a 2c 8c 60 a6 4b ad 38 04 0f 3f 75 24 30 79 7c 30 d1 41 91 a8 0a b5 4a be
da 9e e1 b1 b6 51 c8 7a 76 c2 ef e3 e4 b9 b0 a0 e5 3e 5b 66 ed 19 ad 10 0a fe 52 89 ea 73 2b fd 5a c0 02 96 95 23 f2 6e 6f 2f f4 e1 d3 a9
QsnTijXekjRm9hKcq5kLNPsa6P4HtMRrc3RxVx3jsLHeo2AiysYxVJP86mriHfN
```

--------------------------------

### Example Circuit Constraints

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/background

Illustrates the conversion of a simple circuit into a set of constraints for a constraint system. These constraints define the relationships between variables (wires) based on the circuit's gates.

```plaintext
w1 = in1 + in2
w2 = in3 * in4
w3 = in2 * w2
w4 = w1 * w3
```

--------------------------------

### Get the next index in the Merkle tree

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Get the next index in the Merkle tree.

```APIDOC
## GET /delta_index

### Description
Get the next index in the Merkle tree.
### Method
GET

### Endpoint
/delta_index

### Responses
#### Success Response (200: OK)
An integer value of the index

#### Error Responses
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Generate Plonk Parameters and Keys

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Generates Plonk parameters and keys for the KZG10 commitment scheme using the Bn256 engine. The 'k' parameter influences the commitment scheme's properties. This setup step is crucial for both the prover and verifier.

```rust
use fawkes_crypto::backend::plonk::{engines::Bn256, setup::setup, Parameters};

// Generate parameters.
//
// The k=10 here is a parameter of KZG10 commitment scheme. See its paper
// for details. And Bn256 is one of the available "engines" that
// fawkes-crypto implements for Plonk; for details, see
// backend::plonk::engines module.
let parameters = Parameters::<Bn256>::setup(10);

// Sample keys. The vk goes to Verifier, pk goes to Prover
let (vk, pk) = setup(&parameters, circuit);
```

--------------------------------

### Prove R1CS Circuit

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Generates a proof for an R1CS circuit using the provided setup parameters, public, and private inputs.

```rust
use fawkes_crypto::backend::bellman_groth16::prover;

let (inputs, proof) = prover::prove(&params, &pub, &sec, circuit);
```

--------------------------------

### Conditional assignment example

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Demonstrates conditional assignment using the `switch` method on a tuple of signals. This implements a ternary-like operation within the circuit.

```rust
let (x, y) = (a,b).switch(bit, (c, d))
```

--------------------------------

### Get current Merkle tree root and delta index

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Get current Merkle tree root and delta index.
```APIDOC
## GET /info

### Description
Get current Merkle tree root and delta index.

### Method
GET

### Endpoint
/info

### Responses
#### Success Response (200: OK)
Success

#### Error Responses
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Verify R1CS Circuit

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Verifies a proof for an R1CS circuit against the setup parameters and inputs. The verifier must also validate the contents of 'inputs'.

```rust
use fawkes_crypto::backend::bellman_groth16::verifier;

let res = verifier::verify(&params.get_vk(), &snark_proof, &inputs);
```

--------------------------------

### Get Merkle tree root node at the specified index

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Get Merkle tree root node at the specified index.

```APIDOC
## GET /merkle/root/:index

### Description
Get Merkle tree root node at the specified index.

### Method
GET

### Endpoint
/merkle/root/:index

### Parameters
#### Path Parameters
- **index** (Integer) - Optional - Index of the Merkle tree root node.

### Responses
#### Success Response (200: OK)
Success

#### Error Responses
- **404: Not Found** - Index does not exist in the Merkle tree
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Get the job status

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Returns incoming transaction processing state. `jobId` is returned by the /transaction method.

```APIDOC
## GET /job/:id

### Description
Returns incoming transaction processing state. `jobId` is returned by the /transaction method.
### Method
GET

### Endpoint
/job/:id

### Parameters
#### Path Parameters
- **id** (Integer) - Required - Job identifier

### Responses
#### Success Response (200: OK)
Job status in body

#### Error Responses
- **404: Not Found** - Job with specified ID not found
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### ZeroPool Contract Constructor

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/evm/the-pool-contract

Initializes the ZeroPool contract with essential parameters including pool ID, token addresses, denominators, verifier contracts, and the initial Merkle root.

```solidity
constructor(
    uint256 __pool_id,
    IERC20 _token,
    IMintable _voucher_token,
    uint256 _denominator,
    uint256 _energy_denominator,
    uint256 _native_denominator,
    ITransferVerifier _transfer_verifier,
    ITreeVerifier _tree_verifier,
    IOperatorManager _operatorManager,
    uint256 _first_root
)
```

--------------------------------

### Address Derivation Steps

Source: https://zeropool.network/docs/privacy-engine/implementation/zeropool-keys/address-derivation

Outlines the sequence of cryptographic operations required to derive a private ZeroPool address from an account's intermediate key and a random diversifier.
```text
Generate a random 80-bit diversifier d
Calculate diversifier subgroup generator point: G_d = ToSubGroupHash_{E(F_r)}(d)
Derive diversifier public part: P_d = \eta G_d
Prepare address data buffer (buf, 42 bytes): join the 10 bytes of the diversifier with the 32 bytes of P_d.x
Get address checksum: checksum = keccak256(buf)
Attach the first 4 bytes of checksum to buf
Encode buf with Base58 to a string
```

--------------------------------

### Get Current Operator Address

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/evm/operator-manager-contract

Retrieves the current operator address authorized to interact with the Pool contract. This is a view function and does not modify state.

```solidity
function operator() external view returns (address);
```

--------------------------------

### Poseidon Hash Circuit Implementation

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Implements a circuit for the Poseidon hash function. Requires initializing Poseidon parameters and connecting the hash output to public and secret inputs using assert_eq.

```rust
use fawkes_crypto::{
    circuit::poseidon::c_poseidon,
    native::poseidon::PoseidonParams,
};

// Initialize Poseidon hash parameters. See Poseidon docs for more info on
// these
pub static POSEIDON_PARAMS: Lazy> = Lazy::new(|| PoseidonParams::::new(6, 8, 53));

pub fn circuit>(public: CNum, secret: CNum) {
    let h = c_poseidon(&[secret], &*POSEIDON_PARAMS);
    h.assert_eq(&public);
}
```

--------------------------------

### R1CS Linear Operations (Addition)

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Demonstrates how addition is handled in R1CS, where it does not create an explicit constraint but stores information within the CNum itself.
```rust
let a: CNum = CNum<_>::alloc(rcs, …);
let b: CNum = CNum<_>::alloc(rcs, …);
let c: CNum = a + b;
```

--------------------------------

### Calculate transaction proof

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Builds zkSNARK proof for the transaction based on public and secret transaction input calculated by a client. WARNING: This is a debug method used to decrease client overhead. DO NOT use in production, because the client has to pass both its public and secret transaction data to the relayer. This significantly decreases overall security!

```APIDOC
## POST /proof_tx

### Description
Builds zkSNARK proof for the transaction based on public and secret transaction input calculated by a client.

**WARNING:** This is a debug method used to decrease client overhead. DO NOT use in production, because the client has to pass both its public and secret transaction data to the relayer. This significantly decreases overall security!

### Method
POST

### Endpoint
/proof_tx

### Parameters
#### Request Body
- **pub** (Dictionary) - Required - Public inputs for the circuit
- **sec** (Dictionary) - Required - Secret inputs for the circuit

### Responses
#### Success Response (200: OK)
Proof has been calculated successfully

#### Error Responses
- **400: Bad Request** - Error in the public or secret input
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Rust Circuit for Fibonacci Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Converts the Fibonacci circuit into a predicate C(pub,sec) that checks if F(pub) = sec. This is used in the setup-prove-verify process for zero-knowledge proofs.
```rust
pub fn circuit(public: CNum, secret: CNum) {
    let num = c_fibonacci::(&public);
    num.assert_eq(&secret);
}
```

--------------------------------

### Generate Plonk Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Generates a Plonk proof using the provided parameters, prover key, public inputs ('pub'), and secret inputs ('sec'). The output includes the list of all public inputs and the generated proof.

```rust
use fawkes_crypto::backend::plonk::prover;

let (inputs, proof) = prover::prove(
    &parameters,
    &pk,
    &pub, // actual value of pub to pass to circuit
    &sec, // actual value of sec to pass to circuit
    circuit,
);
```

--------------------------------

### Account Encryption with ChaCha20Poly1305

Source: https://zeropool.network/docs/privacy-engine/implementation/transaction-overview/untitled-1/memo-block-encryption

Encrypts an output account using a randomly generated symmetric key and the ChaCha20Poly1305 algorithm. The nonce is a fixed value derived from 'ZeroPool'. Because key_a is generated fresh for each encryption, the fixed nonce is never reused under the same key.

```plaintext
key_a = random()
acc^{enc} = ChaCha20Poly1305_{key_a}^{nonce}(acc)
```

--------------------------------

### Initial Merkle Root for Height 48

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/evm/the-pool-contract

Specifies the fixed initial Merkle root value for a tree with a height of 48 and no initial leaves.

```plaintext
11469701942666298368112882412133877458305516134926649826543144744382391691533
```

--------------------------------

### Send a transaction to the contract

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

This method checks an incoming transaction, builds the zkSNARK Merkle tree proof, and sends the transaction to the Pool contract. The transaction is not processed immediately, because contract interaction is performed serially. Incoming transactions are put into the job queue. The method returns `jobId` on success.
```APIDOC
## POST /transaction

### Description
Checks an incoming transaction, builds the zkSNARK Merkle tree proof, and sends the transaction to the Pool contract. The transaction is not processed immediately, because contract interaction is performed serially. Incoming transactions are put into the job queue. The method returns `jobId` on success.

### Method
POST

### Endpoint
/transaction

### Parameters
#### Request Body
- **proof** (Dictionary) - Required - Transaction proof (built by a client)
- **memo** (String) - Required - Memo block, Base64-encoded
- **tx_type** (Integer) - Required - 0: deposit, 1: transfer, 2: withdrawal
- **depositSignature** (String) - Optional - Account nullifier signature with the client's native chain private key (for withdrawal tx only)

### Responses
#### Success Response (201: Created)
Transaction has been pushed to the job queue

#### Error Responses
- **400: Bad Request** - Error while parsing the input JSON
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Prover Generates Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

The prover generates a cryptographic proof along with the inputs required for verification. This involves providing the parameters, secret keys, public inputs, and the circuit definition.

```rust
let (inputs, snark_proof) = prover::prove(
    &parameters,
    &keys.1,
    &Num::from(c),
    &(Num::from(a), Num::from(b)),
    circuit::circuit,
);
```

--------------------------------

### Poseidon Hash Proof Generation

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Generates a SNARK proof for the Poseidon hash relation. The prover computes the proof using the hash, secret data, and the circuit function.
```rust
let (inputs, snark_proof) = prover::prove(
    &parameters,
    &keys.1,
    &hash,
    &data,
    circuit::circuit,
);
```

--------------------------------

### Allocate a new variable in Constraint System

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Allocates a new variable within the Constraint System. Use `Some(x)` for the Prover to set the variable's value, and `None` for the Verifier.

```rust
fn CS::alloc(self, value: Option) -> CNum
```

--------------------------------

### Rust Utility Functions for Tx Decoder

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/substrate/tx_decoder

Utility functions used within the TxDecoder for number manipulation and proof decoding. `ensure_twos_complement` adjusts U256 values, and `decode_proof` is a placeholder for actual proof decoding logic.

```rust
use crate::utils::U256;

pub fn ensure_twos_complement(val: U256) -> U256 {
    // In this context, we assume the values are already in the correct format
    // or that the underlying U256 implementation handles two's complement correctly
    // for the operations intended. If specific adjustments are needed based on
    // how the bytes are interpreted (e.g., signed vs unsigned interpretation of a range),
    // that logic would be implemented here.
    val
}

pub fn decode_proof(proof_bytes: &[u8]) -> Vec<u8> {
    // Placeholder for actual proof decoding logic.
    // In a real implementation, this would parse the proof_bytes
    // according to the specific proof format (e.g., Groth16, PLONK).
    proof_bytes.to_vec()
}

// Assuming U256 is available, e.g., from the `primitive_types` crate
// If not, you would need to define or import a U256 type.
// For demonstration, let's assume a basic structure if not provided:
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct U256(pub [u8; 32]);

impl U256 {
    pub fn from_big_endian(bytes: &[u8]) -> Self {
        // Right-align inputs shorter than 32 bytes: the decoder also passes
        // 1-byte and 4-byte slices, which must not be indexed as `[..32]`.
        let mut data = [0u8; 32];
        data[32 - bytes.len()..].copy_from_slice(bytes);
        U256(data)
    }

    pub fn low_u32(&self) -> u32 {
        // Extracts the lowest 32 bits (4 bytes)
        let mut bytes = [0u8; 4];
        bytes.copy_from_slice(&self.0[28..32]);
        u32::from_be_bytes(bytes)
    }
}
```

--------------------------------

### ZeroPool Denominators

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/evm/the-pool-contract

Defines the constants for token and native coin denominators, typically set to 1 gwei.

```solidity
uint256 constant TOKEN_DENOMINATOR = 1 gwei;
uint256 constant NATIVE_DENOMINATOR = 1 gwei;
```

--------------------------------

### Verify Plonk Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Verifies a Plonk proof using the provided parameters, verifier key, the proof itself, and the list of public inputs. Returns a boolean indicating whether the proof is valid.

```rust
use fawkes_crypto::backend::plonk::verifier;

let result: bool = verifier::verify(
    &parameters,
    &vk,
    &proof,
    &inputs,
);
```

--------------------------------

### Rust Transaction Decoder Implementation

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/substrate/tx_decoder

This Rust code defines the TxType enum and the TxDecoder struct for decoding ZeroPool transactions. It includes methods to extract various transaction fields like nullifier, commitment, amounts, and proof details from raw byte data.
```rust
use crate::tx_decoder::TxType;
use crate::utils::U256;
use crate::utils::ensure_twos_complement;
use crate::utils::decode_proof;

pub struct TxDecoder {
    data: Vec<u8>,
}

impl TxDecoder {
    pub fn new(data: Vec<u8>) -> Self {
        Self { data }
    }

    pub fn nullifier(&self) -> U256 {
        self.num(0, 32)
    }

    pub fn out_commit(&self) -> U256 {
        self.num(32, 32)
    }

    pub fn transfer_index(&self) -> U256 {
        self.num(64, 32)
    }

    pub fn energy_amount(&self) -> U256 {
        self.num(96, 32)
    }

    pub fn token_amount(&self) -> U256 {
        self.num(128, 32)
    }

    pub fn delta(&self) -> U256 {
        self.num(160, 32)
    }

    pub fn transact_proof(&self) -> Vec<u8> {
        self.data[192..192 + 128].to_vec()
    }

    pub fn root_after(&self) -> U256 {
        self.num(192 + 128, 32)
    }

    pub fn tree_proof(&self) -> Vec<u8> {
        self.data[192 + 128 + 32..192 + 128 + 32 + 128].to_vec()
    }

    pub fn tx_type(&self) -> TxType {
        let tx_type_val = self.num(192 + 128 + 32 + 128, 1);
        match tx_type_val.low_u32() {
            0 => TxType::Deposit,
            1 => TxType::Transfer,
            2 => TxType::Withdraw,
            _ => panic!("Unknown tx type")
        }
    }

    pub fn memo_size(&self) -> U256 {
        self.num(192 + 128 + 32 + 128 + 1, 4)
    }

    pub fn memo_message(&self) -> Vec<u8> {
        // memo_size is read from the transaction bytes; a value larger than
        // the remaining data makes the slice below panic.
        let memo_size = self.memo_size().low_u32() as usize;
        self.data[192 + 128 + 32 + 128 + 1 + 4..192 + 128 + 32 + 128 + 1 + 4 + memo_size].to_vec()
    }

    pub fn memo_fee(&self) -> U256 {
        let memo_size = self.memo_size().low_u32() as usize;
        self.num(192 + 128 + 32 + 128 + 1 + 4 + memo_size, 32)
    }

    pub fn memo_native_amount(&self) -> U256 {
        let memo_size = self.memo_size().low_u32() as usize;
        self.num(192 + 128 + 32 + 128 + 1 + 4 + memo_size + 32, 32)
    }

    pub fn memo_address(&self) -> U256 {
        let memo_size = self.memo_size().low_u32() as usize;
        self.num(192 + 128 + 32 + 128 + 1 + 4 + memo_size + 32 + 32, 32)
    }

    pub fn ciphertext(&self) -> Vec<u8> {
        let memo_size = self.memo_size().low_u32() as usize;
        let memo_fields_size = 32 + 32 + 32 + 32;
        self.data[192 + 128 + 32 + 128 + 1 + 4 + memo_size + memo_fields_size..].to_vec()
    }

    // Reads `len` bytes at `start` as a big-endian number; panics if the
    // range lies outside `data`.
    fn num(&self, start: usize, len: usize) -> U256 {
        let end = start + len;
        let slice = &self.data[start..end];
        ensure_twos_complement(U256::from_big_endian(slice))
    }
}

#[derive(Debug, PartialEq)]
pub enum TxType {
    Deposit,
    Transfer,
    Withdraw,
}
```

--------------------------------

### Note Encryption with ChaCha20Poly1305

Source: https://zeropool.network/docs/privacy-engine/implementation/transaction-overview/untitled-1/memo-block-encryption

Encrypts an output note using an ephemeral secret key, calculating a public key and deriving a symmetric key for ChaCha20Poly1305 encryption. The nonce is a fixed value derived from 'ZeroPool'.

```plaintext
a_i = random()
A_i = a_i ToSubGroupHash_{E(F_r)}(Note_i.d)
key_i = keccak256(a_i Note_i.P_d)
Note_i^{enc} = ChaCha20Poly1305_{key_i}^{nonce}(Note_i)
```

--------------------------------

### Query transactions

Source: https://zeropool.network/docs/privacy-engine/implementation/relayer-node/rest-api

Returns memo blocks and out commits for transactions at the specified offset. This method is used by clients to synchronize account state.

```APIDOC
## GET /transactions/:limit/:offset

### Description
Returns memo blocks and out commits for transactions at the specified offset. This method is used by clients to synchronize account state.
### Method
GET

### Endpoint
/transactions/:limit/:offset

### Parameters
#### Path Parameters
- **limit** (Integer) - Required - Number of transactions to query
- **offset** (Integer) - Required - The index of the first transaction (in the Merkle tree, should be a multiple of 128)

### Responses
#### Success Response (200: OK)
Array of requested transactions

#### Error Responses
- **400: Bad Request** - Check query parameters
- **500: Internal Server Error** - Something went wrong
```

--------------------------------

### Verifier Verifies Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

The verifier checks the validity of the proof provided by the prover using the public parameters, verification keys, the proof itself, and the associated inputs. An assertion confirms the proof's validity.

```rust
assert!(verifier::verify(
    &parameters,
    &keys.0,
    &snark_proof,
    &inputs
));
```

--------------------------------

### Rust Prover Generates SNARK Proof

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

The prover generates a SNARK proof that demonstrates knowledge of the nth Fibonacci number without revealing the number itself. 'n' is public, and 'num' is secret.

```rust
let (inputs, snark_proof) = prover::prove(
    &parameters,
    &keys.1,
    &Num::from(n as u64),
    &Num::from(num),
    circuit::circuit::<_, { N }>,
);
```

--------------------------------

### Rust Circuit for Fibonacci Numbers

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Defines a Rust circuit to compute the nth Fibonacci number. The constant N specifies the maximum value of n the circuit can handle. Use this when you need to prove knowledge of a Fibonacci number without revealing its value.

```rust
/// Simple circuit that computes the nth fibonacci number.
fn c_fibonacci(n: &CNum) -> CNum {
    let mut a: CNum = n.derive_const(&Num::from(0));
    let mut b: CNum = n.derive_const(&Num::from(1));
    let mut res = a.clone();
    for i in 1..N {
        // Regular Fibonacci iteration.
        let tmp = &a + &b;
        a = b.clone();
        b = tmp;
        // Check if n == i, and update res if so.
        let i_const: CNum = n.derive_const(&Num::from(i as u32));
        let update_res: CBool = n.is_eq(&i_const);
        res = a.switch(&update_res, &res);
    }
    res
}
```

--------------------------------

### Rust Prover Computes Fibonacci Number

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

The prover computes the actual Fibonacci number for a given public input 'n'. This value will be kept secret during the proof generation.

```rust
let n = 4;
let num = fibonacci_number(n);
```

--------------------------------

### ZeroPool Transaction Method

Source: https://zeropool.network/docs/privacy-engine/implementation/contracts-and-circuits/evm/the-pool-contract

The external payable method used to process incoming transactions. It requires the sender to be an authorized operator.

```solidity
function transact() external payable onlyOperator;
```

--------------------------------

### Make a secret variable public

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Converts a secret variable (from sec) into a public variable (in pub) within the Constraint System.

```rust
fn CS::inputize(n: CNum);
```

--------------------------------

### Deriving Note Decryption Key (Receiver Case)

Source: https://zeropool.network/docs/privacy-engine/implementation/transaction-overview/untitled-1/memo-block-encryption

A receiver can derive the symmetric key for a note using the note's public key (A_i) and the account's key (eta).
```plaintext
key_i = keccak256(A_i \eta)
```

--------------------------------

### Magic Square Constraint System

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/examples

Defines the constraints for a 3x3 magic square where row, column, and diagonal sums must equal a public value. This circuit compiles to WebAssembly for browser execution.

```rust
pub fn circuit(public: CNum, secret: SizedVec, 9>) {
    (&secret[0] + &secret[1] + &secret[2]).assert_eq(&public);
    (&secret[3] + &secret[4] + &secret[5]).assert_eq(&public);
    (&secret[6] + &secret[7] + &secret[8]).assert_eq(&public);
    (&secret[0] + &secret[3] + &secret[6]).assert_eq(&public);
    (&secret[1] + &secret[4] + &secret[7]).assert_eq(&public);
    (&secret[2] + &secret[5] + &secret[8]).assert_eq(&public);
    (&secret[0] + &secret[4] + &secret[8]).assert_eq(&public);
    (&secret[2] + &secret[4] + &secret[6]).assert_eq(&public);
}
```

--------------------------------

### Conditional signal switching

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

Returns `self` if the `bit` is true, otherwise returns `if_else`. This is used for conditional assignments and control flow within the circuit.

```rust
// Returns self if bit is true, if_else otherwise
fn Signal::switch(&self, bit: CBool, if_else: Self) -> Self
```

--------------------------------

### Define Plonk Circuit Function Signature

Source: https://zeropool.network/docs/privacy-engine/fawkes-crypto/api

The signature for a Plonk circuit function in Fawkes-crypto. It accepts two signals, 'pub' for public inputs and 'sec' for secret inputs, both of which must implement the Signal trait and belong to the same BuildCS instance.
```rust
circuit: Fn(Signal>, Signal>)
```

--------------------------------

### Shared Secrets Encryption

Source: https://zeropool.network/docs/privacy-engine/implementation/transaction-overview/untitled-1/memo-block-encryption

Encrypts a bundle of symmetric keys (for account and notes) using a randomly generated key and the ChaCha20Poly1305 algorithm. An ephemeral public key is generated for the shared secrets.

```plaintext
a_p = random()
A_p = a_p G
key_p = keccak256(A_p acc.\eta)
keys^{enc} = ChaCha20Poly1305_{key_p}^{nonce}(keys)
```
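--------------------------------

Why the receiver-side note key listed above equals the key the sender derived, written out in the page's own notation. This derivation is added here and is not part of the original docs; it assumes G_d denotes ToSubGroupHash_{E(F_r)}(Note_i.d), as in the address derivation steps, and that Note_i.d is the diversifier of the receiver's address.

```plaintext
A_i = a_i G_d                               (sender: ephemeral public key)
P_d = \eta G_d                              (receiver: address public part)
a_i P_d = a_i (\eta G_d) = \eta (a_i G_d) = \eta A_i
key_i = keccak256(a_i P_d) = keccak256(\eta A_i)
```

The sender never learns \eta and the receiver never learns a_i; each side multiplies its own secret scalar by the other side's public point and reaches the same group element.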
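--------------------------------

A bounds-checked counterpart to the Rust transaction decoder listed above, whose accessors slice `data` at offsets that include the sender-supplied `memo_size` and panic on short input or an unknown type byte. This is an added example, not ZeroPool code: `decode`, `CheckedTx`, `DecodeError`, `sample_tx` and the `max_memo` cap are hypothetical names, and only the field offsets come from the page.

```rust
// Added example: fallible decoding of the byte layout read by the page's TxDecoder.
// DecodeError, CheckedTx, decode, sample_tx and max_memo are hypothetical names.

const TX_TYPE_OFF: usize = 192 + 128 + 32 + 128; // six 32-byte fields, proof, root, proof
const MEMO_SIZE_OFF: usize = TX_TYPE_OFF + 1; // tx_type is 1 byte
const MEMO_OFF: usize = MEMO_SIZE_OFF + 4; // memo_size is 4 bytes, big-endian

#[derive(Debug, PartialEq)]
pub enum TxType { Deposit, Transfer, Withdraw }

#[derive(Debug, PartialEq)]
pub enum DecodeError {
    Truncated { needed: usize, got: usize },
    UnknownTxType(u8),
    MemoTooLarge(usize),
}

#[derive(Debug)]
pub struct CheckedTx<'a> {
    pub nullifier: &'a [u8],
    pub out_commit: &'a [u8],
    pub transact_proof: &'a [u8],
    pub root_after: &'a [u8],
    pub tree_proof: &'a [u8],
    pub tx_type: TxType,
    pub memo: &'a [u8],
    pub rest: &'a [u8], // bytes after the memo, left to the caller
}

pub fn decode(data: &[u8], max_memo: usize) -> Result<CheckedTx<'_>, DecodeError> {
    // The fixed-size header must be complete before any field is sliced.
    if data.len() < MEMO_OFF {
        return Err(DecodeError::Truncated { needed: MEMO_OFF, got: data.len() });
    }
    let tx_type = match data[TX_TYPE_OFF] {
        0 => TxType::Deposit,
        1 => TxType::Transfer,
        2 => TxType::Withdraw,
        other => return Err(DecodeError::UnknownTxType(other)),
    };
    let mut size = [0u8; 4];
    size.copy_from_slice(&data[MEMO_SIZE_OFF..MEMO_OFF]);
    let memo_size = u32::from_be_bytes(size) as usize;
    // memo_size comes from the sender: cap it, then check it against the input.
    if memo_size > max_memo {
        return Err(DecodeError::MemoTooLarge(memo_size));
    }
    // checked_add matters where usize is 32 bits (for example wasm32).
    let memo_end = MEMO_OFF
        .checked_add(memo_size)
        .ok_or(DecodeError::MemoTooLarge(memo_size))?;
    if data.len() < memo_end {
        return Err(DecodeError::Truncated { needed: memo_end, got: data.len() });
    }
    Ok(CheckedTx {
        nullifier: &data[0..32],
        out_commit: &data[32..64],
        transact_proof: &data[192..320],
        root_after: &data[320..352],
        tree_proof: &data[352..480],
        tx_type,
        memo: &data[MEMO_OFF..memo_end],
        rest: &data[memo_end..],
    })
}

/// Constructed sample input: zeroed header, the given tx_type byte, a declared
/// memo length and the actual memo bytes (the two may disagree on purpose).
pub fn sample_tx(tx_type: u8, declared_len: u32, memo: &[u8]) -> Vec<u8> {
    let mut v = vec![0u8; TX_TYPE_OFF];
    v[0] = 0xAA; // marker byte in the nullifier field
    v.push(tx_type);
    v.extend_from_slice(&declared_len.to_be_bytes());
    v.extend_from_slice(memo);
    v
}

fn main() {
    let ok = sample_tx(1, 4, b"memo");
    println!("{:?}", decode(&ok, 1024).map(|t| (t.tx_type, t.memo.len())));
    // Declared length far beyond the bytes supplied: an error, not a panic.
    println!("{:?}", decode(&sample_tx(1, 0xFFFF_FFFF, b"memo"), 1024).err());
    println!("{:?}", decode(&ok[..100], 1024).err());
    println!("{:?}", decode(&sample_tx(9, 0, b""), 1024).err());
}
```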