checkpoint circle proof genereation

src/utils/proving.ts

@@ -3,23 +3,23 @@
 // https://github.com/cursive-team/babyjubjub-ecdsa
 // need to compile circom circuits in build and import to prove here
 
-import { JubjubSignature } from 'types/GameMechanics';
-
-import circuit from 'circuits/circle_js/circle_constraints.json';
-import circ from 'circomlibjs';
-import snark from 'snarkjs';
-
-import { buildBabyjub, buildPoseidon } from 'circomlibjs';
+import { MajikSpell } from 'types/GameMechanics';
+import { groth16 } from 'snarkjs';
+import { Scalar } from 'ffjavascript';
 import { randomUUID } from 'expo-crypto';
 import { mapValues } from 'lodash';
 
-console.log('zk libs', circ, snark);
-console.log('ZK Circuit', circuit);
+import { convertSignatureToEdwards, getBabyJub } from './zkpid';
 
-let poseidon;
-let babyjub;
+// import circuit from 'circuits/circle_js/circle.wasm';
+// console.log('ZK Circle Circuit', circuit);
+
+const CIRCLE_PROOF_CIRCUIT_FILE_PATH = 'circuits/circle_js/circle.wasm'; // Update with your WASM file path
+const CIRCLE_PROOF_ZKEY_FILE_PATH = 'circuits/sumoning_circle_18_0001.zkey'; // Update with your ZKEY file path
 
 // Convert a hex string to a field element (BigInt) for use in a babyjubjub circuit as a raw element
+// similar to babyjub.F.e but takes any arbitrary hex/BigInt and turns it to a valid curve point instead of receiving a known valid point and directly converting it to Edwards
+// different to hashToPointOnBabyJubjub bc no cryptographic guarantee for Efficient ECDSA Signature
 const hexStringToFieldElement = (hexStr: string) => {
     // ensure valid 0x hexstr before converting
     const hexBigInt = BigInt(hexStr.startsWith('0x') ? hexStr : `0x${hexStr}`);
@@ -36,10 +36,20 @@ const hexStringToFieldElement = (hexStr: string) => {
     return fieldElement.toString();
 };
 
-export const proveCircleSummoning = async (pid: string, sig: JubjubSignature) => {
-    // Initialize Poseidon
-    if (!poseidon) poseidon = await buildPoseidon();
-    if (!babyjub) babyjub = await buildBabyjub();
+export const proveCircleSummoning = async (pid: string, sig: MajikSpell) => {
+    const inputs = getCircleSummoningProofInputs(pid, sig);
+    const { proof, publicSignals } = await groth16.fullProve(
+        inputs,
+        CIRCLE_PROOF_CIRCUIT_FILE_PATH,
+        CIRCLE_PROOF_ZKEY_FILE_PATH,
+    );
+
+    return { proof, publicSignals };
+};
+
+const getCircleSummoningProofInputs = async (pid: string, sig: MajikSpell) => {
+    // const poseidon = await getPoseidon();
+    const babyjub = await getBabyJub();
 
     // @DEV pretty sure VerifyTap assumes every sig is different (aka chips incrementing nonce) for valid nullifiers
     const sigNullifierRandomness = randomUUID();
@@ -70,36 +80,3 @@ export const proveCircleSummoning = async (pid: string, sig: JubjubSignature) =>
 
     return circuitInputs;
 };
-
-/**
- *
- * @param sig
- * @returns Twisted Edwards points for public keys of signer
- */
-export const convertSignatureToEdwards = (sig: JubjubSignature) => {
-    if (!poseidon) return {}; // cant generate so return null
-    if (!babyjub) return {}; // cant generate so return null
-
-    // Extract r, s, v from the signature
-    const r = sig.raw.r;
-    const s = sig.raw.s;
-
-    // Convert r, s, and msg to field elements
-    const r_bn = BigInt(r);
-    const s_bn = BigInt(s);
-    const msg_bn = BigInt(sig.ether);
-
-    const tapTx = poseidon([msg_bn]);
-    const tapTy = poseidon([msg_bn]);
-    const tapUx = poseidon([r_bn]);
-    const tapUy = poseidon([r_bn]);
-
-    const F = babyjub.F;
-    return {
-        tapS: F.toObject(F.e(s_bn)),
-        tapTx: F.toObject(tapTx),
-        tapTy: F.toObject(tapTy),
-        tapUx: F.toObject(tapUx),
-        tapUy: F.toObject(tapUy),
-    };
-};