Skip to content

poq and pol updates: zoneTreeDepth param, public PoL inputs, rename is_winning #78

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

poq and pol updates: zoneTreeDepth param, public PoL inputs, rename is_winning #78

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
01e02e4
delete DS_Store and gitignore
megonen Jun 11, 2025
f1cb696
Update poq.circom
megonen Jun 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 6 additions & 5 deletions circom_circuits/Blend/generate_inputs_for_poq.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -269,13 +269,14 @@ def PoseidonSponge(data, capacity, output_len):
output_number += 1
note_id = poseidon2_hash([F(103012852986292465873069134523609422197952925946768565674230228608985708879),tx_hash,output_number,value,pk])
ticket = poseidon2_hash([F(328840406439552832830196247813274442341678919395186087927998764150429312516),F(epoch_nonce),F(slot_number),note_id,sk])

aged_nodes = [F(randrange(0,p,1)) for i in range(32)]
aged_selectors = randrange(0,2**32,1)

zoneTreeDepth = 32
aged_nodes = [F(randrange(0,p,1)) for i in range(zoneTreeDepth)]
aged_selectors = randrange(0,2**zoneTreeDepth,1)
aged_selectors = format(aged_selectors,'032b')
aged_root = note_id
for i in range(32):
if int(aged_selectors[31-i]) == 0:
for i in range(zoneTreeDepth):
if int(aged_selectors[zoneTreeDepth-1-i]) == 0:
aged_root = poseidon2_hash([aged_root,aged_nodes[i]])
else:
aged_root = poseidon2_hash([aged_nodes[i],aged_root])
Expand Down
18 changes: 8 additions & 10 deletions circom_circuits/Blend/poq.circom
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,11 +8,12 @@ include "../circomlib/circuits/bitify.circom";
include "../Mantle/pol.circom"; // defines proof_of_leadership

/**
* ProofOfQuota(nLevelsPK, nLevelsPol)
* ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota, zoneTreeDepth)
*
* - nLevelsPK : depth of the core-node public-key registry Merkle tree
* - nLevelsPol : depth of the slot-secret tree used in PoL (25)
* - bitsQuota : bit-width for the index comparator
* - zoneTreeDepth : depth of the zone’s aged notes Merkle tree (32)
*/
template ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota) {
// Public Inputs
Expand All @@ -23,6 +24,7 @@ template ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota) {
signal input aged_root; // PoL: aged notes root
signal input K; // Blend: one-time signature public key

// Although K is listed as a public input in the circuit, it’s conceptually generated by the prover and thus considered an output of the proof process.
signal dummy;
dummy <== K * K;

Expand All @@ -38,15 +40,11 @@ template ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota) {
signal input core_selectors[nLevelsPK]; // path selectors (bits)

// PoL branch inputs (all the PoL private data)
signal input slot;
signal input epoch_nonce;
signal input t0;
signal input t1;
signal input slot_secret;
signal input slot_secret_path[nLevelsPol];

signal input aged_nodes[32];
signal input aged_selectors[32];
signal input aged_nodes[zoneTreeDepth];
signal input aged_selectors[zoneTreeDepth];
signal input transaction_hash;
signal input output_number;

Expand Down Expand Up @@ -88,7 +86,7 @@ template ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota) {
for (var i = 0; i < nLevelsPol; i++) {
would_win.slot_secret_path[i] <== slot_secret_path[i];
}
for (var i = 0; i < 32; i++) {
for (var i = 0; i < zoneTreeDepth; i++) {
would_win.aged_nodes[i] <== aged_nodes[i];
would_win.aged_selectors[i] <== aged_selectors[i];
}
Expand Down Expand Up @@ -129,5 +127,5 @@ template ProofOfQuota(nLevelsPK, nLevelsPol, bitsQuota) {
}

// Instantiate with chosen depths: 20 for core PK tree, 25 for PoL slot tree
component main { public [ session, Qc, Ql, pk_root, aged_root, K ] }
= ProofOfQuota(20, 25, 20);
component main { public [ session, Qc, Ql, pk_root, aged_root, slot, epoch_nonce, t0, t1, K ] }
= ProofOfQuota(20, 25, 20, 32);
4 changes: 2 additions & 2 deletions circom_circuits/Mantle/pol.circom
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ template derive_entropy(){
out <== hash.out;
}

template is_winning_leadership(secret_depth){
template would_win_leadership(secret_depth){
Copy link
Contributor

@kashepavadan kashepavadan Jun 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add zoneTreeDepth on lines 69, 70, 78, 79 and elsewhere in this file. could be a constant somewhere

Copy link
Contributor

@kashepavadan kashepavadan Jun 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

btw I think it's good to mention this in the specs. common ledger specs maybe?

signal input slot;
signal input epoch_nonce;
signal input t0;
Expand Down Expand Up @@ -222,7 +222,7 @@ template proof_of_leadership(secret_depth){
signal input value;

// Verify the note is winning the lottery
component lottery_checker = is_winning_leadership(secret_depth);
component lottery_checker = would_win_leadership(secret_depth);
lottery_checker.slot <== slot;
lottery_checker.epoch_nonce <== epoch_nonce;
lottery_checker.t0 <== t0;
Expand Down