Nullifier
Defined in: lib/provable/crypto/nullifier.ts:20
Nullifiers are used as a public commitment to a specific anonymous account, to forbid actions like double spending, or allow a consistent identity between anonymous actions.
RFC: https://github.com/o1-labs/o1js/issues/756
Paper: https://eprint.iacr.org/2022/1255.pdf
Extends
- {
private: {c:Field;g_r:Group;h_m_pk_r:Group; };public: {nullifier:Group;s:Scalar; };publicKey:Group; }
Constructors
new Nullifier()
new Nullifier(value: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}): Nullifier
Defined in: lib/provable/types/struct.ts:133
Parameters
value
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).constructor
Properties
private
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
Defined in: lib/provable/crypto/nullifier.ts:26
c
c: Field = Field;
g_r
g_r: Group = Group;
h_m_pk_r
h_m_pk_r: Group = Group;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).private
public
public: {
nullifier: Group;
s: Scalar;
};
Defined in: lib/provable/crypto/nullifier.ts:22
nullifier
nullifier: Group = Group;
s
s: Scalar = Scalar;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).public
publicKey
publicKey: Group = Group;
Defined in: lib/provable/crypto/nullifier.ts:21
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).publicKey
_isStruct
static _isStruct: true;
Defined in: lib/provable/types/struct.ts:133
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
})._isStruct
check()
static check: (value: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => void;
Defined in: lib/provable/types/provable-intf.ts:76
Add assertions to the proof to check if value is a valid member of type T.
This function does not return anything, instead it creates any number of assertions to prove that value is a valid member of the type T.
For instance, calling check function on the type Bool asserts that the value of the element is either 1 or 0.
Parameters
value
the element of type T to put assertions on.
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
void
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).check
empty()
static empty: () => {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
};
Defined in: lib/provable/types/struct.ts:143
Returns
{
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}
private
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
private.c
c: Field = Field;
private.g_r
g_r: Group = Group;
private.h_m_pk_r
h_m_pk_r: Group = Group;
public
public: {
nullifier: Group;
s: Scalar;
};
public.nullifier
nullifier: Group = Group;
public.s
s: Scalar = Scalar;
publicKey
publicKey: Group = Group;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).empty
fromFields()
static fromFields: (fields: Field[]) => {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
};
Defined in: lib/provable/types/provable-intf.ts:115
Parameters
fields
Field[]
Returns
{
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}
private
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
private.c
c: Field = Field;
private.g_r
g_r: Group = Group;
private.h_m_pk_r
h_m_pk_r: Group = Group;
public
public: {
nullifier: Group;
s: Scalar;
};
public.nullifier
nullifier: Group = Group;
public.s
s: Scalar = Scalar;
publicKey
publicKey: Group = Group;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).fromFields
fromValue
static fromValue: (x:
| {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}
| {
private: {
c: bigint;
g_r: {
x: bigint;
y: bigint;
};
h_m_pk_r: {
x: bigint;
y: bigint;
};
};
public: {
nullifier: {
x: bigint;
y: bigint;
};
s: bigint;
};
publicKey: {
x: bigint;
y: bigint;
};
}) => {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
} & (value: {
private: {
c: string | number | bigint | Field;
g_r: | Group
| {
x: number | bigint | Field;
y: number | bigint | Field;
};
h_m_pk_r: | Group
| {
x: number | bigint | Field;
y: number | bigint | Field;
};
};
public: {
nullifier: | Group
| {
x: number | bigint | Field;
y: number | bigint | Field;
};
s: bigint | Scalar;
};
publicKey: | Group
| {
x: number | bigint | Field;
y: number | bigint | Field;
};
}) => {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
};
Defined in: lib/provable/types/provable-intf.ts:86
Convert provable type from a normal JS type.
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).fromValue
toAuxiliary()
static toAuxiliary: (value?: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => any[];
Defined in: lib/provable/types/provable-intf.ts:47
A function that takes value (optional), an element of type T, as argument and
returns an array of any type that make up the "auxiliary" (non-provable) data of value.
Parameters
value?
the element of type T to generate the auxiliary data array from, optional.
If not provided, a default value for auxiliary data is returned.
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
any[]
An array of any type describing how this T element is made up of "auxiliary" (non-provable) data.
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).toAuxiliary
toCanonical()?
static optional toCanonical: (x: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
};
Defined in: lib/provable/types/provable-intf.ts:104
Optional method which transforms a provable type into its canonical representation.
This is needed for types that have multiple representations of the same underlying value, and might even not have perfect completeness for some of those representations.
An example is the ForeignField class, which allows non-native field elements to exist in unreduced form.
The unreduced form is not perfectly complete, for example, addition of two unreduced field elements can cause a prover error.
Specific protocols need to be able to protect themselves against incomplete operations at all costs.
For example, when using actions and reducer, the reducer must be able to produce a proof regardless of the input action.
toCanonical() converts any input into a safe form and enables us to handle cases like this generically.
Note: For most types, this method is the identity function.
The identity function will also be used when the toCanonical() is not present on a type.
Parameters
x
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
{
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}
private
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
private.c
c: Field = Field;
private.g_r
g_r: Group = Group;
private.h_m_pk_r
h_m_pk_r: Group = Group;
public
public: {
nullifier: Group;
s: Scalar;
};
public.nullifier
nullifier: Group = Group;
public.s
s: Scalar = Scalar;
publicKey
publicKey: Group = Group;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).toCanonical
toFields()
static toFields: (value: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => Field[];
Defined in: lib/provable/types/provable-intf.ts:36
A function that takes value, an element of type T, as argument and returns
an array of Field elements that make up the provable data of value.
Parameters
value
the element of type T to generate the Field array from.
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
Field[]
A Field array describing how this T element is made up of Field elements.
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).toFields
toInput()
static toInput: (x: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => {
fields: Field[];
packed: [Field, number][];
};
Defined in: lib/provable/types/struct.ts:137
Parameters
x
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
{
fields: Field[];
packed: [Field, number][];
}
fields?
optional fields: Field[];
packed?
optional packed: [Field, number][];
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).toInput
toJSON()
static toJSON: (x: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => {
private: {
c: string;
g_r: {
x: string;
y: string;
};
h_m_pk_r: {
x: string;
y: string;
};
};
public: {
nullifier: {
x: string;
y: string;
};
s: string;
};
publicKey: {
x: string;
y: string;
};
};
Defined in: lib/provable/types/struct.ts:141
Parameters
x
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
{
private: {
c: string;
g_r: {
x: string;
y: string;
};
h_m_pk_r: {
x: string;
y: string;
};
};
public: {
nullifier: {
x: string;
y: string;
};
s: string;
};
publicKey: {
x: string;
y: string;
};
}
private
private: {
c: string;
g_r: {
x: string;
y: string;
};
h_m_pk_r: {
x: string;
y: string;
};
};
private.c
c: string = Field;
private.g_r
g_r: {
x: string;
y: string;
} = Group;
private.g_r.x
x: string;
private.g_r.y
y: string;
private.h_m_pk_r
h_m_pk_r: {
x: string;
y: string;
} = Group;
private.h_m_pk_r.x
x: string;
private.h_m_pk_r.y
y: string;
public
public: {
nullifier: {
x: string;
y: string;
};
s: string;
};
public.nullifier
nullifier: {
x: string;
y: string;
} = Group;
public.nullifier.x
x: string;
public.nullifier.y
y: string;
public.s
s: string = Scalar;
publicKey
publicKey: {
x: string;
y: string;
} = Group;
publicKey.x
x: string;
publicKey.y
y: string;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).toJSON
toValue()
static toValue: (x: {
private: {
c: Field;
g_r: Group;
h_m_pk_r: Group;
};
public: {
nullifier: Group;
s: Scalar;
};
publicKey: Group;
}) => {
private: {
c: bigint;
g_r: {
x: bigint;
y: bigint;
};
h_m_pk_r: {
x: bigint;
y: bigint;
};
};
public: {
nullifier: {
x: bigint;
y: bigint;
};
s: bigint;
};
publicKey: {
x: bigint;
y: bigint;
};
};
Defined in: lib/provable/types/provable-intf.ts:81
Convert provable type to a normal JS type.
Parameters
x
private
{
c: Field;
g_r: Group;
h_m_pk_r: Group;
} = ...
private.c
Field = Field
private.g_r
Group = Group
private.h_m_pk_r
Group = Group
public
{
nullifier: Group;
s: Scalar;
} = ...
public.nullifier
Group = Group
public.s
Scalar = Scalar
publicKey
Group = Group
Returns
{
private: {
c: bigint;
g_r: {
x: bigint;
y: bigint;
};
h_m_pk_r: {
x: bigint;
y: bigint;
};
};
public: {
nullifier: {
x: bigint;
y: bigint;
};
s: bigint;
};
publicKey: {
x: bigint;
y: bigint;
};
}
private
private: {
c: bigint;
g_r: {
x: bigint;
y: bigint;
};
h_m_pk_r: {
x: bigint;
y: bigint;
};
};
private.c
c: bigint = Field;
private.g_r
g_r: {
x: bigint;
y: bigint;
} = Group;
private.g_r.x
x: bigint;
private.g_r.y
y: bigint;
private.h_m_pk_r
h_m_pk_r: {
x: bigint;
y: bigint;
} = Group;
private.h_m_pk_r.x
x: bigint;
private.h_m_pk_r.y
y: bigint;
public
public: {
nullifier: {
x: bigint;
y: bigint;
};
s: bigint;
};
public.nullifier
nullifier: {
x: bigint;
y: bigint;
} = Group;
public.nullifier.x
x: bigint;
public.nullifier.y
y: bigint;
public.s
s: bigint = Scalar;
publicKey
publicKey: {
x: bigint;
y: bigint;
} = Group;
publicKey.x
x: bigint;
publicKey.y
y: bigint;
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).toValue
Methods
assertUnused()
assertUnused(witness: MerkleMapWitness, root: Field): void
Defined in: lib/provable/crypto/nullifier.ts:128
Checks if the Nullifier has been used before.
Parameters
witness
root
Returns
void
Example
// asserts that the nullifier has not been used before, throws an error otherwise
nullifier.assertUnused();
getPublicKey()
getPublicKey(): PublicKey
Defined in: lib/provable/crypto/nullifier.ts:157
Returns the PublicKey that is associated with this Nullifier.
Returns
Example
let pk = nullifier.getPublicKey();
isUnused()
isUnused(witness: MerkleMapWitness, root: Field): Bool
Defined in: lib/provable/crypto/nullifier.ts:108
Returns the state of the Nullifier.
Parameters
witness
root
Returns
Example
// returns a Bool based on whether or not the nullifier has been used before
let isUnused = nullifier.isUnused();
key()
key(): Field
Defined in: lib/provable/crypto/nullifier.ts:95
The key of the nullifier, which belongs to a unique message and a public key. Used as an index in Merkle trees.
Returns
Example
// returns the key of the nullifier which can be used as index in a Merkle tree/map
let key = nullifier.key();
setUsed()
setUsed(witness: MerkleMapWitness): Field
Defined in: lib/provable/crypto/nullifier.ts:143
Sets the Nullifier, returns the new Merkle root.
Parameters
witness
Returns
Example
// calculates the new root of the Merkle tree in which the nullifier is set to used
let newRoot = nullifier.setUsed(witness);
verify()
verify(message: Field[]): void
Defined in: lib/provable/crypto/nullifier.ts:47
Verifies that the Nullifier belongs to a specific message. Throws an error if the Nullifier is incorrect.
Parameters
message
Field[]
Returns
void
Example
let nullifierMessage = [voteId, ...otherData];
// throws an error if the nullifier is invalid or doesn't belong to this specific message
nullifier.verify(nullifierMessage);
createTestNullifier()
static createTestNullifier(message: Field[], sk: PrivateKey): Nullifier
Defined in: lib/provable/crypto/nullifier.ts:170
Note: This is not the recommended way to create a Nullifier in production. Please use mina-signer to create Nullifiers. Also, this function cannot be run within provable code to avoid unintended creations of Nullifiers - a Nullifier should never be created inside proveable code (e.g. a smart contract) directly, but rather created inside the users wallet (or other secure enclaves, so the private key never leaves that enclave).
PLUME: An ECDSA Nullifier Scheme for Unique Pseudonymity within Zero Knowledge Proofs https://eprint.iacr.org/2022/1255.pdf chapter 3 page 14
Parameters
message
Field[]
sk
Returns
Nullifier
fromJSON()
static fromJSON(json: Nullifier): Nullifier
Defined in: lib/provable/crypto/nullifier.ts:32
Parameters
json
Nullifier
Returns
Overrides
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).fromJSON
sizeInFields()
static sizeInFields(): number
Defined in: lib/provable/types/provable-intf.ts:66
Return the size of the T type in terms of Field type, as Field is the primitive type.
Returns
number
A number representing the size of the T type in terms of Field type.
Inherited from
Struct({
publicKey: Group,
public: {
nullifier: Group,
s: Scalar,
},
private: {
c: Field,
g_r: Group,
h_m_pk_r: Group,
},
}).sizeInFields