Merge branch 'main' into dark-pool

olehmisar · olehmisar · commit c8d8fe95631c · 2025-02-10T09:20:07.000+01:00
diff --git a/README.md b/README.md
@@ -1,6 +1,8 @@
-# Waztec
+<img align="right" width="150" height="150" top="100" src="https://github.com/user-attachments/assets/c80982e6-103e-45b0-8bd1-b6c38c5debe5">
 
-Walmart version of [Aztec](https://aztec.network).
+# Mezcal
+
+Mezcal (Nahuatl: mexcalli) - agave booze.
 
 ## TODO
 
@@ -14,12 +16,11 @@ Walmart version of [Aztec](https://aztec.network).
 - [x] use bignumber for amounts
 - [ ] support ETH
 - [ ] fees
-- [ ] get the remained of tokens from router to relayer/treasury
+- [ ] prove against a historical note hash tree root
 - [x] PublicInputsBuilder
 - [ ] deploy as proxy
 - [ ] test contracts with larger token amounts
-- [x] Rename ValueNote to Erc20Note and namespace all erc20 circuit names
-- [ ] Make PoolGeneric permissionless and make PoolERC20.execute permissionless (if possible)
+- [ ] TODO(security): parse inputs to circuits instead of assuming they are correct. Same applies to types returned from `unconstrained` functions. <https://github.com/noir-lang/noir/issues/7181> <https://github.com/noir-lang/noir/issues/4218>
 
 ### Backend
 
@@ -33,9 +34,9 @@ Walmart version of [Aztec](https://aztec.network).
 - [x] transfer
 - [ ] join (maybe behind the scenes, multicall)
 - [ ] unshield
-- [ ] wallet connect to interact with dapps
 
-### compliance (so I don't go to jail)
+### compliance
 
 - [ ] unshield only mode
 - [ ] set shield limit to 10 USDC
+- [ ] disclaimer that the rollup is not audited
diff --git a/apps/interface/src/lib/reown.ts b/apps/interface/src/lib/reown.ts
@@ -9,7 +9,7 @@ const core = new Core({
 });
 
 const metadata = {
-  name: "Walmart Aztec",
+  name: "Mezcal",
   description: "Private anything",
   url: "https://reown.com/appkit", // origin must match your domain & subdomain
   icons: ["https://assets.reown.com/reown-profile-pic.png"],
diff --git a/apps/interface/src/lib/services/EvmAccountService.svelte.ts b/apps/interface/src/lib/services/EvmAccountService.svelte.ts
@@ -40,8 +40,7 @@ export class EvmAccountService {
   }
 
   async getSecretKey(account: ethers.Signer) {
-    const message =
-      "Sign this message to generate a encrypted-evm.oleh.wtf secret key"; // TODO(security): put the correct domain here
+    const message = "Sign this message to derive a Mezcal secret key"; // TODO(security): put the correct domain here
     const address = (await account.getAddress()).toLowerCase();
     if (!this.#secretKeys[address]) {
       this.#secretKeys[address] = utils.iife(async () => {
diff --git a/packages/contracts/contracts/PoolGeneric.sol b/packages/contracts/contracts/PoolGeneric.sol
@@ -54,7 +54,7 @@ contract PoolGeneric {
             .root = 0x1fd848aa69e1633722fe249a5b7f53b094f1c9cef9f5c694b073fd1cc5850dfb; // empty tree
         _poolGenericStorage()
             .nullifierTree
-            .root = 0x0aa63c509390ad66ecd821998aabb16a818bcc5db5cf4accc0ce1821745244e9; // nullifier tree filled with 1 canonical subtree of nullifiers
+            .root = 0x2767ce7e247423302eb0ea55fd0aa14294d1b2e9914bce677373d932c0bd1b75; // nullifier tree filled with 1 canonical subtree of nullifiers
         _poolGenericStorage()
             .nullifierTree
             .nextAvailableLeafIndex = MAX_NULLIFIERS_PER_ROLLUP;
diff --git a/packages/contracts/noir/README.md b/packages/contracts/noir/README.md
diff --git a/packages/contracts/noir/common/src/erc20_note.nr b/packages/contracts/noir/common/src/erc20_note.nr
@@ -6,6 +6,8 @@ pub struct Erc20Note {
     pub randomness: Field,
 }
 
+impl crate::Note for Erc20Note {}
+
 impl Erc20Note {
     pub fn sub_and_emit_change<let N: u32>(
         context: &mut crate::Context,
@@ -39,14 +41,6 @@ impl crate::Serialize<4> for Erc20Note {
     }
 }
 
-impl crate::Note for Erc20Note {
-    fn hash(self) -> Field {
-        let serialized = self.serialize();
-        // TODO(security): use poseidon2_hash_with_separator
-        std::hash::poseidon2::Poseidon2::hash(serialized, serialized.len())
-    }
-}
-
 impl crate::OwnedNote for Erc20Note {
     fn owner(self) -> crate::WaAddress {
         self.owner
diff --git a/packages/contracts/noir/common/src/lib.nr b/packages/contracts/noir/common/src/lib.nr
@@ -7,8 +7,7 @@ mod note;
 mod owned_note;
 
 pub use context::{Context, Result};
-pub use erc20_note::{Erc20Note, Erc20NoteConsumptionInputs};
-pub use note::Note;
+pub use note::{compute_note_hash, Note};
 pub use owned_note::{NoteConsumptionInputs, OwnedNote};
 pub use protocol_types::{address::EthAddress, traits::Serialize};
 
@@ -41,13 +40,15 @@ pub global MAX_TOKENS_OUT_PER_EXECUTION: u32 = 4;
 pub global GENERATOR_INDEX__WA_ADDRESS: Field = 1;
 // Note: keep in sync with other languages
 pub global GENERATOR_INDEX__NOTE_NULLIFIER: Field = 2;
+// Note: keep in sync with other languages
+pub global GENERATOR_INDEX__NOTE_HASH: Field = 3;
 
 // Note: keep in sync with other languages
 pub global U256_LIMBS: u32 = 3;
 
 pub type U256 = uint252::U252;
 
-/// Walmart Aztec address
+/// User address within the rollup
 #[derive(Eq, Serialize)]
 pub struct WaAddress {
     inner: Field,
diff --git a/packages/contracts/noir/common/src/note.nr b/packages/contracts/noir/common/src/note.nr
@@ -1,7 +1,18 @@
-pub trait Note {
-    fn hash(self) -> Field;
+use protocol_types::hash::poseidon2_hash_with_separator;
+
+/// A marker trait to mark structs as notes
+pub trait Note: crate::Serialize<_> {
 
     pub fn emit(self, context: &mut crate::Context) {
-        context.push_note_hash(self.hash());
+        context.push_note_hash(crate::compute_note_hash(self));
     }
 }
+
+pub fn compute_note_hash<T>(note: T) -> Field
+where
+    T: Note,
+{
+    let serialized = note.serialize();
+    // TODO(security): add note type to the hash (erc20, erc721, etc.)
+    poseidon2_hash_with_separator(serialized, crate::GENERATOR_INDEX__NOTE_HASH)
+}
diff --git a/packages/contracts/noir/common/src/owned_note.nr b/packages/contracts/noir/common/src/owned_note.nr
@@ -11,9 +11,10 @@ fn compute_nullifier_of_owned_note<T>(note: T, secret_key: Field) -> Field
 where
     T: OwnedNote,
 {
+    // TODO(perf): pass note hash as an argument to avoid hashing twice?
     assert_eq(note.owner(), crate::WaAddress::from_secret_key(secret_key), "invalid secret key");
     poseidon2_hash_with_separator(
-        [note.hash(), secret_key],
+        [crate::compute_note_hash(note), secret_key],
         crate::GENERATOR_INDEX__NOTE_NULLIFIER,
     )
 }
@@ -32,7 +33,7 @@ where
 {
     pub fn consume(self, context: &mut crate::Context, secret_key: Field) {
         merkle_tree::assert_check_membership(
-            self.note.hash(),
+            crate::compute_note_hash(self.note),
             self.note_index,
             self.note_sibling_path,
             context.tree_roots().note_hash_root,
diff --git a/packages/contracts/noir/erc20/src/lib.nr b/packages/contracts/noir/erc20/src/lib.nr
@@ -1,4 +1,4 @@
-pub use common::{Erc20Note, Erc20NoteConsumptionInputs};
+pub use common::erc20_note::{Erc20Note, Erc20NoteConsumptionInputs};
 
 pub mod Token {
     pub fn mint(
@@ -7,17 +7,17 @@ pub mod Token {
         amount: common::TokenAmount,
         randomness: Field,
     ) {
-        common::Erc20Note { owner: to, amount, randomness }.emit(context);
+        crate::Erc20Note { owner: to, amount, randomness }.emit(context);
     }
 
     pub fn burn(
         context: &mut common::Context,
         from_secret_key: Field,
-        from_note_inputs: common::Erc20NoteConsumptionInputs,
+        from_note_inputs: crate::Erc20NoteConsumptionInputs,
         amount: common::TokenAmount,
         change_randomness: Field,
     ) {
-        common::Erc20Note::sub_and_emit_change(
+        crate::Erc20Note::sub_and_emit_change(
             context,
             [from_note_inputs],
             amount,
@@ -29,7 +29,7 @@ pub mod Token {
     pub fn join<let N: u32>(
         context: &mut common::Context,
         from_secret_key: Field,
-        notes: [common::Erc20NoteConsumptionInputs; N],
+        notes: [crate::Erc20NoteConsumptionInputs; N],
         to: common::WaAddress,
         join_randomness: Field,
     ) {
@@ -42,27 +42,27 @@ pub mod Token {
             joined_amount += notes[i].note.amount;
         }
 
-        common::Erc20Note { owner: to, amount: joined_amount, randomness: join_randomness }.emit(
+        crate::Erc20Note { owner: to, amount: joined_amount, randomness: join_randomness }.emit(
             context,
         );
     }
 
     pub fn transfer(
         context: &mut common::Context,
         from_secret_key: Field,
-        from_note_inputs: common::Erc20NoteConsumptionInputs,
+        from_note_inputs: crate::Erc20NoteConsumptionInputs,
         to: common::WaAddress,
         amount: common::TokenAmount,
         to_randomness: Field,
         change_randomness: Field,
     ) {
-        common::Erc20Note::sub_and_emit_change(
+        crate::Erc20Note::sub_and_emit_change(
             context,
             [from_note_inputs],
             amount,
             change_randomness,
             from_secret_key,
         );
-        common::Erc20Note { owner: to, amount, randomness: to_randomness }.emit(context);
+        crate::Erc20Note { owner: to, amount, randomness: to_randomness }.emit(context);
     }
 }
diff --git a/packages/contracts/noir/erc20_join/src/main.nr b/packages/contracts/noir/erc20_join/src/main.nr
@@ -5,7 +5,7 @@ fn main(
     tree_roots: pub common::TreeRoots,
     // params
     from_secret_key: Field,
-    notes: [common::Erc20NoteConsumptionInputs; MAX_NOTES_TO_JOIN],
+    notes: [erc20::Erc20NoteConsumptionInputs; MAX_NOTES_TO_JOIN],
     to: common::WaAddress,
     join_randomness: Field,
 ) -> pub common::Result<1, MAX_NOTES_TO_JOIN> {
diff --git a/packages/contracts/sdk/RollupService.ts b/packages/contracts/sdk/RollupService.ts
@@ -27,6 +27,8 @@ export const MAX_NULLIFIERS_PER_ROLLUP = 64;
 const GENERATOR_INDEX__WA_ADDRESS = 1;
 // Note: keep in sync with other languages
 const GENERATOR_INDEX__NOTE_NULLIFIER = 2;
+// Note: keep in sync with other languages
+const GENERATOR_INDEX__NOTE_HASH = 3;
 
 // Note: keep in sync with other languages
 export const MAX_TOKENS_IN_PER_EXECUTION = 4;
@@ -392,7 +394,12 @@ export class Erc20Note {
   }
 
   async hash(): Promise<string> {
-    return (await poseidon2Hash(await this.serialize())).toString();
+    return (
+      await poseidon2Hash([
+        GENERATOR_INDEX__NOTE_HASH,
+        ...(await this.serialize()),
+      ])
+    ).toString();
   }
 
   async computeNullifier(secretKey: string) {
diff --git a/packages/contracts/sdk/TreesService.ts b/packages/contracts/sdk/TreesService.ts
@@ -11,7 +11,6 @@ import {
   MAX_NULLIFIERS_PER_ROLLUP,
   NOTE_HASH_TREE_HEIGHT,
   NULLIFIER_TREE_HEIGHT,
-  poseidon2Hash,
 } from "./RollupService";
 
 export class TreesService {
@@ -22,6 +21,7 @@ export class TreesService {
     .args()
     .implement(async () => {
       const { noteHashTree, nullifierTree } = await this.getTrees();
+      // console.log("nullifier_tree_root", nullifierTree.getRoot());
       return {
         note_hash_root: ethers.hexlify(
           noteHashTree.getRoot(INCLUDE_UNCOMMITTED),
@@ -116,15 +116,10 @@ export class TreesService {
       await this.contract.queryFilter(this.contract.filters.Nullifiers()),
     ).map((x) => x.nullifiers.map((n) => new Fr(BigInt(n))));
 
-    const initialNullifiersSeed = new Fr(
-      0x08a1735994d16db43c2373d0258b8f4d82ae162c297687bba68aa8a3912b042dn,
-    );
-    // TODO(security): sometimes tests fail with error "Empty low leaf". This is probably related how the nullifier tree is set up. I guess adding `1` in the nullifier tree should resolve the issue as the it's impossible to get an actual nullifier to be 1.
-    const initialNullifiers = await Promise.all(
-      // sub 1 because the tree has a 0 leaf already
-      times(MAX_NULLIFIERS_PER_ROLLUP - 1, (i) =>
-        poseidon2Hash([initialNullifiersSeed.toString(), i]),
-      ),
+    // add 1 to the nullifier tree, so it's possible to add new nullifiers to it(adding requires a non-zero low leaf)
+    const initialNullifiers = [new Fr(1)].concat(
+      // sub 2 because `0` and `1` are the first 2 leaves
+      times(MAX_NULLIFIERS_PER_ROLLUP - 2, () => new Fr(0)),
     );
     const allNullifiers = initialNullifiers.concat(nullifiers.flat());
     const nullifierTree = await NonMembershipTree.new(

Original file line number	Diff line number	Diff line change
`@@ -40,8 +40,7 @@ export class EvmAccountService {`
`40`	`40`	`}`
`41`	`41`
`42`	`42`	`async getSecretKey(account: ethers.Signer) {`
`43`		`- const message =`
`44`		`- "Sign this message to generate a encrypted-evm.oleh.wtf secret key"; // TODO(security): put the correct domain here`
	`43`	`+ const message = "Sign this message to derive a Mezcal secret key"; // TODO(security): put the correct domain here`
`45`	`44`	`const address = (await account.getAddress()).toLowerCase();`
`46`	`45`	`if (!this.#secretKeys[address]) {`
`47`	`46`	`this.#secretKeys[address] = utils.iife(async () => {`
Original file line number	Diff line number	Diff line change
`@@ -11,9 +11,10 @@ fn compute_nullifier_of_owned_note<T>(note: T, secret_key: Field) -> Field`
`11`	`11`	`where`
`12`	`12`	`T: OwnedNote,`
`13`	`13`	`{`
	`14`	`+ // TODO(perf): pass note hash as an argument to avoid hashing twice?`
`14`	`15`	`assert_eq(note.owner(), crate::WaAddress::from_secret_key(secret_key), "invalid secret key");`
`15`	`16`	`poseidon2_hash_with_separator(`
`16`		`- [note.hash(), secret_key],`
	`17`	`+ [crate::compute_note_hash(note), secret_key],`
`17`	`18`	`crate::GENERATOR_INDEX__NOTE_NULLIFIER,`
`18`	`19`	`)`
`19`	`20`	`}`
`@@ -32,7 +33,7 @@ where`
`32`	`33`	`{`
`33`	`34`	`pub fn consume(self, context: &mut crate::Context, secret_key: Field) {`
`34`	`35`	`merkle_tree::assert_check_membership(`
`35`		`- self.note.hash(),`
	`36`	`+ crate::compute_note_hash(self.note),`
`36`	`37`	`self.note_index,`
`37`	`38`	`self.note_sibling_path,`
`38`	`39`	`context.tree_roots().note_hash_root,`