Merge pull request #105 from hyperledger-labs/withdraw-event

Add UTXOWithdraw event

Author: Chengxuan

solidity/contracts/lib/interfaces/izeto_base.sol

@@ -17,4 +17,11 @@ pragma solidity ^0.8.20;
 
 interface IZetoBase {
     event UTXOMint(uint256[] outputs, address indexed submitter, bytes data);
+    event UTXOWithdraw(
+        uint256 amount,
+        uint256[] inputs,
+        uint256 output,
+        address indexed submitter,
+        bytes data
+    );
 }

solidity/contracts/lib/verifier_check_hashes_value.sol

@@ -43,14 +43,17 @@ contract Groth16Verifier_CheckHashesValue {
     uint256 constant deltay2 = 8495653923123431417604973247489272438418190587263600148770280649306958101930;
 
 
-    uint256 constant IC0x = 7451946452627654831087368244416850811848640051585835431774006564787696394579;
-    uint256 constant IC0y = 3335938186741695161920937664249081252546904250712465973121885140080729804559;
+    uint256 constant IC0x = 17792762022125287046321768098607171320071618631211367966788587488825455404458;
+    uint256 constant IC0y = 11155528019403985287117957011181683282276980330791900414761420530701336492839;
 
-    uint256 constant IC1x = 4825167184845404163337490360685409593368334234867416547655377178016060612776;
-    uint256 constant IC1y = 20216917433859335199329194148245717058149862581677751710529776924054717858789;
+    uint256 constant IC1x = 6717605603646218844646921196814073522173739325926307699116887265970061883098;
+    uint256 constant IC1y = 516153472147520123255754218210841627924243470206670179828454953236590121912;
 
-    uint256 constant IC2x = 15958914812085923571729409913935907268381565403173614269925036163982984629903;
-    uint256 constant IC2y = 12537821265017874170836131082487633026846634600904134063136842002739226714069;
+    uint256 constant IC2x = 8087731838810758210112265887449747110390409349987938026778639089761261395232;
+    uint256 constant IC2y = 19857276812072296411781253738593366602790857251698964067504889225833057563826;
+    
+    uint256 constant IC3x = 473105502461913999202734899658281137764286492931790885921074401072316990093;
+    uint256 constant IC3y = 19795449967604900309902005580999588375004713323386672270649013487860620808493;
 
 
     // Memory data
@@ -59,7 +62,7 @@ contract Groth16Verifier_CheckHashesValue {
 
     uint16 constant pLastMem = 896;
 
-    function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[2] calldata _pubSignals) public view returns (bool) {
+    function verifyProof(uint[2] calldata _pA, uint[2][2] calldata _pB, uint[2] calldata _pC, uint[3] calldata _pubSignals) public view returns (bool) {
         assembly {
             function checkField(v) {
                 if iszero(lt(v, r)) {
@@ -107,6 +110,8 @@ contract Groth16Verifier_CheckHashesValue {
 
                 g1_mulAccC(_pVk, IC2x, IC2y, calldataload(add(pubSignals, 32)))
 
+                g1_mulAccC(_pVk, IC3x, IC3y, calldataload(add(pubSignals, 64)))
+                
 
                 // -A
                 mstore(_pPairing, calldataload(pA))
@@ -164,6 +169,10 @@ contract Groth16Verifier_CheckHashesValue {
 
             checkField(calldataload(add(_pubSignals, 32)))
 
+            checkField(calldataload(add(_pubSignals, 64)))
+            
+            checkField(calldataload(add(_pubSignals, 96)))
+            
 
             // Validate all evaluations
             let isValid := checkPairing(_pA, _pB, _pC, _pubSignals, pMem)

solidity/contracts/zeto_anon.sol

@@ -156,14 +156,7 @@ contract Zeto_Anon is IZeto, ZetoBase, ZetoFungibleWithdraw, UUPSUpgradeable {
         }
 
         processInputsAndOutputs(inputs, outputs);
-
-        uint256[] memory inputArray = new uint256[](inputs.length);
-        uint256[] memory outputArray = new uint256[](outputs.length);
-        for (uint256 i = 0; i < inputs.length; ++i) {
-            inputArray[i] = inputs[i];
-            outputArray[i] = outputs[i];
-        }
-        emit UTXOTransfer(inputArray, outputArray, msg.sender, data);
+        emit UTXOTransfer(inputs, outputs, msg.sender, data);
 
         return true;
     }
@@ -182,7 +175,8 @@ contract Zeto_Anon is IZeto, ZetoBase, ZetoFungibleWithdraw, UUPSUpgradeable {
         uint256 amount,
         uint256[] memory inputs,
         uint256 output,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         // Check and pad inputs and outputs based on the max size
         uint256[] memory outputs = new uint256[](inputs.length);
@@ -191,6 +185,7 @@ contract Zeto_Anon is IZeto, ZetoBase, ZetoFungibleWithdraw, UUPSUpgradeable {
         validateTransactionProposal(inputs, outputs, proof);
         _withdraw(amount, inputs, output, proof);
         processInputsAndOutputs(inputs, outputs);
+        emit UTXOWithdraw(amount, inputs, output, msg.sender, data);
     }
 
     function mint(

solidity/contracts/zeto_anon_enc.sol

@@ -220,7 +220,8 @@ contract Zeto_AnonEnc is
         uint256 amount,
         uint256[] memory inputs,
         uint256 output,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         uint256[] memory outputs = new uint256[](inputs.length);
         outputs[0] = output;
@@ -229,6 +230,7 @@ contract Zeto_AnonEnc is
         validateTransactionProposal(inputs, outputs, proof);
         _withdraw(amount, inputs, output, proof);
         processInputsAndOutputs(inputs, outputs);
+        emit UTXOWithdraw(amount, inputs, output, msg.sender, data);
     }
 
     function mint(

solidity/contracts/zeto_anon_enc_nullifier.sol

@@ -236,7 +236,8 @@ contract Zeto_AnonEncNullifier is
         uint256[] memory nullifiers,
         uint256 output,
         uint256 root,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         uint256[] memory outputs = new uint256[](nullifiers.length);
         outputs[0] = output;
@@ -249,6 +250,7 @@ contract Zeto_AnonEncNullifier is
         validateTransactionProposal(nullifiers, outputs, root);
         _withdrawWithNullifiers(amount, nullifiers, output, root, proof);
         processInputsAndOutputs(nullifiers, outputs);
+        emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data);
     }
 
     function mint(

solidity/contracts/zeto_anon_enc_nullifier_kyc.sol

@@ -251,7 +251,8 @@ contract Zeto_AnonEncNullifierKyc is
         uint256[] memory nullifiers,
         uint256 output,
         uint256 root,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         uint256[] memory outputs = new uint256[](nullifiers.length);
         outputs[0] = output;
@@ -264,6 +265,7 @@ contract Zeto_AnonEncNullifierKyc is
         validateTransactionProposal(nullifiers, outputs, root);
         _withdrawWithNullifiers(amount, nullifiers, output, root, proof);
         processInputsAndOutputs(nullifiers, outputs);
+        emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data);
     }
 
     function mint(

solidity/contracts/zeto_anon_enc_nullifier_non_repudiation.sol

@@ -287,7 +287,8 @@ contract Zeto_AnonEncNullifierNonRepudiation is
         uint256[] memory nullifiers,
         uint256 output,
         uint256 root,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         uint256[] memory outputs = new uint256[](nullifiers.length);
         outputs[0] = output;
@@ -300,6 +301,7 @@ contract Zeto_AnonEncNullifierNonRepudiation is
         validateTransactionProposal(nullifiers, outputs, root);
         _withdrawWithNullifiers(amount, nullifiers, output, root, proof);
         processInputsAndOutputs(nullifiers, outputs);
+        emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data);
     }
 
     function mint(

solidity/contracts/zeto_anon_nullifier.sol

@@ -205,7 +205,8 @@ contract Zeto_AnonNullifier is
         uint256[] memory nullifiers,
         uint256 output,
         uint256 root,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         uint256[] memory outputs = new uint256[](nullifiers.length);
         outputs[0] = output;
@@ -218,6 +219,7 @@ contract Zeto_AnonNullifier is
         validateTransactionProposal(nullifiers, outputs, root);
         _withdrawWithNullifiers(amount, nullifiers, output, root, proof);
         processInputsAndOutputs(nullifiers, outputs);
+        emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data);
     }
 
     function mint(

solidity/contracts/zeto_anon_nullifier_kyc.sol

@@ -215,7 +215,8 @@ contract Zeto_AnonNullifierKyc is
         uint256[] memory nullifiers,
         uint256 output,
         uint256 root,
-        Commonlib.Proof calldata proof
+        Commonlib.Proof calldata proof,
+        bytes calldata data
     ) public {
         uint256[] memory outputs = new uint256[](nullifiers.length);
         outputs[0] = output;
@@ -228,6 +229,7 @@ contract Zeto_AnonNullifierKyc is
         validateTransactionProposal(nullifiers, outputs, root);
         _withdrawWithNullifiers(amount, nullifiers, output, root, proof);
         processInputsAndOutputs(nullifiers, outputs);
+        emit UTXOWithdraw(amount, nullifiers, output, msg.sender, data);
     }
 
     function mint(

solidity/test/zeto_anon.ts

@@ -151,7 +151,7 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi
     // Alice withdraws her UTXOs to ERC20 tokens
     const tx = await zeto
       .connect(Alice.signer)
-      .withdraw(3, inputCommitments, outputCommitments[0], encodedProof);
+      .withdraw(3, inputCommitments, outputCommitments[0], encodedProof, "0x");
     await tx.wait();
 
     // Alice checks her ERC20 balance
@@ -262,7 +262,7 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi
     // Alice withdraws her UTXOs to ERC20 tokens
     const tx = await zeto
       .connect(Alice.signer)
-      .withdraw(80, inputCommitments, outputCommitments[0], encodedProof);
+      .withdraw(80, inputCommitments, outputCommitments[0], encodedProof, "0x");
     await tx.wait();
 
     // Alice checks her ERC20 balance
@@ -329,7 +329,7 @@ describe("Zeto based fungible token with anonymity without encryption or nullifi
       await expect(
         zeto
           .connect(Alice.signer)
-          .withdraw(10, inputCommitments, outputCommitments[0], encodedProof),
+          .withdraw(10, inputCommitments, outputCommitments[0], encodedProof, "0x"),
       ).rejectedWith("UTXOAlreadySpent");
     });
 

solidity/test/zeto_anon_enc.ts

@@ -172,7 +172,7 @@ describe("Zeto based fungible token with anonymity and encryption", function ()
     // Alice withdraws her UTXOs to ERC20 tokens
     const tx = await zeto
       .connect(Alice.signer)
-      .withdraw(3, inputCommitments, outputCommitments[0], encodedProof);
+      .withdraw(3, inputCommitments, outputCommitments[0], encodedProof, "0x");
     await tx.wait();
 
     // Alice checks her ERC20 balance
@@ -283,7 +283,7 @@ describe("Zeto based fungible token with anonymity and encryption", function ()
     // Alice withdraws her UTXOs to ERC20 tokens
     const tx = await zeto
       .connect(Alice.signer)
-      .withdraw(80, inputCommitments, outputCommitments[0], encodedProof);
+      .withdraw(80, inputCommitments, outputCommitments[0], encodedProof, "0x");
     await tx.wait();
 
     // Alice checks her ERC20 balance
@@ -313,7 +313,7 @@ describe("Zeto based fungible token with anonymity and encryption", function ()
       await expect(
         zeto
           .connect(Alice.signer)
-          .withdraw(10, inputCommitments, outputCommitments[0], encodedProof),
+          .withdraw(10, inputCommitments, outputCommitments[0], encodedProof, "0x"),
       ).rejectedWith("UTXOAlreadySpent");
     });
 

solidity/test/zeto_anon_enc_nullifier.ts

@@ -256,6 +256,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
         withdrawCommitments[0],
         root.bigInt(),
         withdrawEncodedProof,
+        "0x"
       );
     await tx.wait();
 
@@ -457,6 +458,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
         outputCommitments[0],
         root.bigInt(),
         encodedProof,
+        "0x"
       );
     await tx.wait();
 
@@ -517,6 +519,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
             outputCommitments[0],
             root.bigInt(),
             encodedProof,
+            "0x"
           ),
       ).rejectedWith("UTXOAlreadySpent");
     });
@@ -842,9 +845,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
     );
     const results: ContractTransactionReceipt | null = await tx.wait();
     console.log(
-      `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${
-        results?.gasUsed
-      }`,
+      `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`,
     );
     return results;
   }

solidity/test/zeto_anon_enc_nullifier_kyc.ts

@@ -318,6 +318,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
         withdrawCommitments[0],
         root.bigInt(),
         withdrawEncodedProof,
+        "0x"
       );
     await tx.wait();
 
@@ -565,6 +566,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
         outputCommitments[0],
         root.bigInt(),
         encodedProof,
+        "0x"
       );
     await tx.wait();
 
@@ -720,6 +722,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
           outputCommitments[0],
           root.bigInt(),
           encodedProof,
+          "0x"
         );
       await tx.wait();
 
@@ -787,6 +790,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
             outputCommitments[0],
             root.bigInt(),
             encodedProof,
+            "0x"
           ),
       ).rejectedWith("UTXOAlreadySpent");
     });
@@ -1186,9 +1190,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
     );
     const results: ContractTransactionReceipt | null = await tx.wait();
     console.log(
-      `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${
-        results?.gasUsed
-      }`,
+      `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`,
     );
     return results;
   }

solidity/test/zeto_anon_enc_nullifier_non_repudiation.ts

@@ -312,6 +312,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
         withdrawCommitments[0],
         root.bigInt(),
         withdrawEncodedProof,
+        "0x"
       );
     await tx.wait();
 
@@ -569,6 +570,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
         outputCommitments[0],
         root.bigInt(),
         encodedProof,
+        "0x"
       );
     await tx.wait();
 
@@ -629,6 +631,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
             outputCommitments[0],
             root.bigInt(),
             encodedProof,
+            "0x"
           ),
       ).rejectedWith("UTXOAlreadySpent");
     });
@@ -951,9 +954,7 @@ describe("Zeto based fungible token with anonymity using nullifiers and encrypti
     );
     const results: ContractTransactionReceipt | null = await tx.wait();
     console.log(
-      `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${
-        results?.gasUsed
-      }`,
+      `Time to execute transaction: ${Date.now() - startTx}ms. Gas used: ${results?.gasUsed}`,
     );
     return results;
   }