Comments (9)
Hmm I kinda understand what you're getting at. Though I'm not sure this will work in practice. Our field is quite larger than 2^32, and nullifiers are expected to be random elements there. So this would require some decent amount of preprocessing to select nullifiers, likely more than simply generating a random value in the field to use as one.
You do bring up a good point about storage, though if we reach that storage limit it's definitely a double-edged sword. It will be a hugely populated tree! This is good to think about though.
from anon.
Since we initialize all the leaves as 0, the preprocessing is basically like the one you did previously: https://github.com/edgeware-builders/anon/blob/1f2a7f589b43d1cc58ecc3f9a486f16bdc9b36f4/pallets/merkle/src/lib.rs#L155-L173 just for 256 height (our field is 2 ** 256?). This can be done off-chain and stored into a constant and reused when a new tree is created
EDIT: I guess what I'm explaining is a sparse tree
from anon.
I guess what I'm trying to say is that nullifier corresponds to an index of a leaf node in some sparse tree. We initialize all leaves as 0, and when a nullifier gets used, we update the leaf node at that index (we set it to 1).
from anon.
The downside is that users would need to sync their clients before verifying ZK proof, which could become a problem if a lot of people wants to do it at once
from anon.
This is also the case for the group tree, which can be solved by periodically saving the tree state users will prove against. The period should be long enough so all the nodes can sync before trying to submit the proof
EDIT: I guess this is happening by default, given how blockchain works this is not true after all
from anon.
Closing until we find a solution to this:
The downside is that users would need to sync their clients before verifying ZK proof, which could become a problem if a lot of people wants to do it at once
from anon.
We introduce a queue of nullifiers + their paths. Every time user submits a nullified, we check if it isn't in the tree using the method above, and we also check if it isn't in the queue. Then we insert the nullified and the path into the queue.
Every t
block we take all nullifiers from the queue and insert it in the tree using the provided path. At each insert, we have to keep track of changed nodes on each level (this doesn't need to be in the storage) to be able to insert the next nullifier.
This computation can be done inside on_finalize
or using an off-chain worker.
In the end, we delete nullifiers from the queue and their paths
from anon.
@drewstone Let me know your solution
from anon.
The solution is to add nullifiers into yet another incrementally built merkle tree and then require users to provide non-membership proofs to this merkle tree. It would require the user to still get all the nullifiers in order to generate this proof. I think given the complexity of this I will still hold off from implementation and resort to storing nullifiers on chain. We can continue to spec this part out as an update/optimisation.
from anon.
Related Issues (20)
- Add caching speed-up to existing WASM Mixer implementation.
- Check poseidon parameters and re-generate them using hadeshash gitlab. HOT 1
- `Data` name conflict with polkadot change it to be `ScalarData`
- Fix CI build errors
- Update bulletproof-gadgets version and PoseidonBuilder uses across the repo
- Implement meta transactions and fee-less transactions
- Fix issues with recipient not being in circuit.
- Add index to deposit/insert event. HOT 2
- Explore merkle mountain range pallets
- extract `gadgets`, `crypto-constants` and `wasm-utils` into a seprate crates/repos HOT 4
- Build and store entire merkle trees for each merkle group or mixer.
- max_leaves of group tree looks incorrect HOT 1
- Add pedersen commitments to leaf commitments instead of only Poseidon HOT 1
- Generalise the mixer sizes as a trait parameter.
- Implement delayed withdrawal processing.
- Offchain worker implementation for fee-less transactions. HOT 1
- Spec the bridge gadget for pallet implementation.
- Benchmark storage of poseidon parameters in runtime storage to initialise hasher against current usage.
- Store PedersenGens and BulletproofGens in runtime storage and benchmark against creating on the fly.
- Integrate ORML-tokens and wrap native token into webbNATIVE (such as webbEDG).
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from anon.