Documentation
¶
Overview ¶
voteverifier package contains the Gnark circuit definition that verifies a vote package to be aggregated by the vote aggregator and included in a new state transition. A vote package includes a ballot proof (generated from a circom circuit with snarkjs), the public inputs of the ballot proof circuit, the signature of the public inputs, and a census proof. The vote package is valid if the ballot proof is valid if:
- The public inputs of the ballot proof are valid (match with the hash provided).
- The ballot proof is valid for the public inputs.
- The public inputs of the verification circuit are valid (match with the hash provided).
- The signature of the public inputs is valid for the public key of the voter.
- The address derived from the user public key is part of the census, and verifies the census proof with the user weight provided.
Public inputs:
- InputsHash: The hash of all the inputs that could be public.
Private inputs:
- MaxCount: The maximum number of votes that can be included in the package.
- ForceUniqueness: A flag that indicates if the votes in the package values should be unique.
- MaxValue: The maximum value that a vote can have.
- MinValue: The minimum value that a vote can have.
- MaxTotalCost: The maximum total cost of the votes in the package.
- MinTotalCost: The minimum total cost of the votes in the package.
- CostExp: The exponent used to calculate the cost of a vote.
- CostFromWeight: A flag that indicates if the cost of a vote is calculated from the weight of the user or from the value of the vote.
- Address: The address of the voter.
- UserWeight: The weight of the user that is voting.
- EncryptionPubKey: The public key used to encrypt the votes in the package.
- Nullifier: The nullifier of the votes in the package.
- Commitment: The commitment of the votes in the package.
- ProcessId: The process id of the votes in the package.
- EncryptedBallot: The encrypted votes in the package.
- CensusRoot: The root of the census tree.
- CensusSiblings: The siblings of the address in the census tree.
- Msg: The hash of the public inputs of the ballot proof but as scalar element of the Secp256k1 curve.
- PublicKey: The public key of the voter.
- Signature: The signature of the inputs hash.
- CircomProof: The proof of the ballot proof.
- CircomPublicInputsHash: The hash of the public inputs of the ballot proof.
- CircomVerificationKey: The verification key of the ballot proof (fixed).
Note: The inputs of the circom circuit should be provided as elements of the bn254 scalar field, and the inputs of the gnark circuit should be provided as elements of the current compiler field (BLS12377 expected).
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var Artifacts = circuits.NewCircuitArtifacts( &circuits.Artifact{ RemoteURL: config.VoteVerifierProvingKeyURL, Hash: types.HexStringToHexBytes(config.VoteVerifierProvingKeyHash), }, &circuits.Artifact{ RemoteURL: config.VoteVerifierVerificationKeyURL, Hash: types.HexStringToHexBytes(config.VoteVerifierVerificationKeyHash), }, )
Functions ¶
This section is empty.
Types ¶
type VerifyVoteCircuit ¶
type VerifyVoteCircuit struct {
// Single public input that is the hash of all the public inputs
InputsHash emulated.Element[sw_bn254.ScalarField] `gnark:",public"`
// User public inputs
Vote circuits.EmulatedVote[sw_bn254.ScalarField]
Process circuits.Process[emulated.Element[sw_bn254.ScalarField]]
UserWeight emulated.Element[sw_bn254.ScalarField]
CensusSiblings [circuits.CensusProofMaxLevels]emulated.Element[sw_bn254.ScalarField]
// The following variables are private inputs and they are used to verify
// the user identity ownership
Msg emulated.Element[emulated.Secp256k1Fr]
PublicKey ecdsa.PublicKey[emulated.Secp256k1Fp, emulated.Secp256k1Fr]
Signature ecdsa.Signature[emulated.Secp256k1Fr]
// The ballot proof is passed as private inputs
CircomProof circuits.InnerProofBN254
}
Source Files
Click to show internal directories.
Click to hide internal directories.