rate-limiting-nullifier / rlnjs Goto Github PK

Guys, I followed the README code and wrote this

import { RLN, Registry, Cache, genExternalNullifier } from 'rlnjs';
import * as path from 'path';
import * as fs from 'fs';

// This assumes you have built the circom circuits and placed them into the folder ./zkeyFiles
const zkeyFilesPath = './zkeyFiles';
const vkeyPath = path.join(zkeyFilesPath, 'verification_key.json');
const vKey = JSON.parse(fs.readFileSync(vkeyPath, 'utf-8'));
const wasmFilePath = path.join(zkeyFilesPath, 'rln.wasm');
const finalZkeyPath = path.join(zkeyFilesPath, 'rln_final.zkey');

// Instantiate RLN
const rlnInstance = new RLN(wasmFilePath, finalZkeyPath, vKey);

// Example of accessing the generated identity commitment
const identity = rlnInstance.identity;
const identityCommitment = rlnInstance.commitment;

console.log('Identity: ', identity);
console.log('Identity commitment: ', identityCommitment);

// generate RLN registry that contains slashed registry
const registry = new Registry(); // using the default tree depth
registry.addMember(identityCommitment);

const cache = new Cache(rlnInstance.rlnIdentifier);

// Example of generating a proof
const epoch = genExternalNullifier('test-epoch');
const signal = 'This is a test signal';

const merkleProof = registry.generateMerkleProof(identityCommitment);

const proof = await rlnInstance.generateProof(signal, merkleProof, epoch);

console.log('DONE!');

but when i try to generate a proof i get this error

ERROR:  1 
file{path}/node_modules/circom_runtime/js/witness_calculator.js:433
                    throw new Error(err);
                          ^

Error: Error: Signal not found. 
    at file:{path}/node_modules/circom_runtime/js/witness_calculator.js:433:27
    at Array.forEach (<anonymous>)
    at WitnessCalculatorCircom2._doCalculateWitness (file:{path}/node_modules/circom_runtime/js/witness_calculator.js:418:14)
    at WitnessCalculatorCircom2.calculateWTNSBin (file:{path}/node_modules/circom_runtime/js/witness_calculator.js:463:20)
    at wtnsCalculate (file:{path}/node_modules/snarkjs/src/wtns_calculate.js:45:28)
    at async Module.groth16FullProve (file:{path}/poc/node_modules/snarkjs/src/groth16_fullprove.js:31:5)

do you have any ideas?

What's wrong?

Right now we're using a temporary resource, as mentioned in

How to fix it?

Use the resources that can be downloaded on the trusted setup page https://ceremony.pse.dev/projects/RLN%20Trusted%20Setup%20Ceremony.

Cache merkleproof, create version of rln-circuits where an external merkleproof can be verified in the circuit so an external merkle proof can be included.

This would allow someone to generate an RLN if the merkle tree hasn't changed.

Create a new RLN (to be renamed to Protocol Class) Abstract Base Class with the same interfaces/API, that can be instantiated to RLNV1, RLNV2Same, RLNV2Diff version of the class, depending on which circuits it's given

What's wrong?

The RLN class exposed in RLNjs's index.ts is quite large, encompassing a lot of default functionalities. For certain use cases, users may only need the circuit-wrapper, without the added bulk of the other features and extra size.

How to fix it?

1. Make circuit-wrapper more user-friendly.
2. Expose the circuit-wrapper for users who only require basic functionalities, allowing them to generate and verify proofs using the TypeScript interface.
3. Consider publishing a separate RLNjs-lite version that specifically addresses this streamlined use-case.

Hello,

I am learning ZK and exploring the RLN (Rate-Limiting Nullifier) protocol and came across a potential concern regarding the rate limiting mechanism.

It seems that if a user sends same messages (with the same messageId and hash value) exceeding the rate limit within a specified epoch, each message would generate the same point (x,y) on the user's polynomial. As a result, despite exceeding the rate limit, the protocol would not be able to recover the user's polynomial from a single point, thus the user would not be slashed.

I would like to confirm if this behavior is indeed as described and if there are any mechanisms within the protocol to prevent this kind of abuse.

Thank you.

• Vkey shouldn't be required
• Semaphore ID - Maybe this SHOULD be required? and we can give a method using RLN to generate one?
• RLN AppID should also be required

In ./src/index.ts Registry should be imported from ./Registry and exported as Registry

What’s wrong?

We have examples for browser and nodejs. They actually have common code snippets and should be able to be combined into one example, which makes it easier to maintain the code.

How to fix it?

We can combine two examples into one, and people can just run different commands in the same example project. For instance, npm run browser for browser and npm run node for node

Readme needs to be reviewed for accuracy and clarity.

@mhchia you found an issue where it wasn't clear that the circuits need to be compiled with a tree depth of 20, that should be made clear with instructions

encoder/decoder for jsRLN <->RLNjs

What’s wrong?

Default resources (.zkey and .wasm) generated by snarkjs are encoded in base64 and put inside typescript files. It's a workaround. They should be individual files originally since it's easier to maintain and it allows developers to decide whether or not to load a file. base64 approach has been used because I find it harder to make RLNjs work with standalone files while supporting both browser and nodejs.

How to fix it?

At the moment I can only think of using environment variables to determine whether it's in the browser or nodejs, and access resources in different ways. Maybe there is a better approach though.

On remote host it throws this error.

registry1().slashMember(poseidon1([status1.secret]))

@mhchia @curryrasul registry.slashMember() should accept the secret as an input right? Not the idCommitment?

This doesn't matter as far as the "security" of the protocol, because the registry is just keeping track of who is registered and who has been slashed, but as a matter of enforcing how the concept works and making sure the correct idcommitments are being slashed, the secret should be the input right?

Then maybe we can add another method called slashMemberByCommitment() to make it more explicit?

Support basic semaphorejs

While keeping the same interface/API, make a new RLN class that encompasses RLN, Registry, and Cache into 1 class object that abstracts away much of the underlying interface details from the developer and makes usage more simple.

RLN Class
- Protocol Class (Old RLN class)
- Registry Class
- Cache Class

What’s wrong?

The bundle for browser is not minimized. It may increase the loading time on browser

How to fix it?

Minimize the bundle for browser by changing the rollup configs, probably with @rollup/plugin-terser

What's wrong?

As the title, Cache.import is expected to return a Cache object, but it's just a Object now.

How to fix it?

• Still parse cache: string with JSON.parse
• Instantiate a new Cache
• Copy all content in cache to Cache.cache

What's wrong?

CI is failing #90 (comment). The weird part is it only fails with NodeJS V18, but it runs correctly on my laptop.

How to fix it?

Since CI works with v16 and tests work well with V18 on my laptop, I think we can revisit it later

hash(rlnIdentifier) instead of zero for the zero leaf on merkle tree initialization

Browser may need different API than nodejs since artifacts are referenced through URL instead of relative paths?

• Registering
• Slashing
• Withdrawal

What’s wrong?

RLNContract.getLogs fetches all history logs from the provider every time it’s called. It’ll take much time for each log when the number of logs and the block height grows.

How to fix it?

We can get logs step by step and save them locally, to avoid getting all historical logs every time we call getLogs. For example, we can start from the block where the contract is deployed, query logs from a certain number of blocks each time, memorize the latest block height we’ve queried, and repeat.

We also need to make sure the logs are still valid even after a reorg. A naive way is that we only query blocks up to latest_block_height - num_blocks_delayed. num_blocks_delayed is large enough so that the blocks with height smaller than latest_block_height - num_blocks_delayed can barely reorg.

RLNjs Version 2.1 will support RLN-Circuits version 2.0 (more info below)

Wasm/zkey isn't getting fetched until a proof is generated; this is bad developer experience since they won't know something is wrong until they actually go to generate a proof, instead of on RLN instantiation.

We must make types/interfaces for the RLN, Registry, and Cache classes.