fix: rebase and fixes

IlyasRidhuan · IlyasRidhuan · commit 8f29a5df72fc · 2022-08-03T12:37:36.000+01:00
diff --git a/nightfall-client/src/utils/compute-witness.mjs b/nightfall-client/src/utils/compute-witness.mjs
@@ -66,10 +66,10 @@ const computePrivateInputsNullifiers = privateData => {
   ].flat(Infinity);
 };
 
-const computePrivateInputsCommitments = privateData => {
+const computePrivateInputsCommitments = (privateData, padTo) => {
   const { newCommitmentPreimage, recipientPublicKeys } = generalise(privateData);
-  const paddedNewCommitmentPreimage = padArray(newCommitmentPreimage, NULL_COMMITMENT, 2);
-  const paddedRecipientPublicKeys = padArray(recipientPublicKeys, [0, 0], 2);
+  const paddedNewCommitmentPreimage = padArray(newCommitmentPreimage, NULL_COMMITMENT, padTo);
+  const paddedRecipientPublicKeys = padArray(recipientPublicKeys, [0, 0], padTo);
   return [
     paddedNewCommitmentPreimage.map(commitment => commitment.value.limbs(8, 31)),
     paddedNewCommitmentPreimage.map(commitment => commitment.salt.field(BN128_GROUP_ORDER)),
@@ -96,19 +96,22 @@ export const computeWitness = (txObject, roots, privateData) => {
   const publicInputs = computePublicInputs(txObject, roots);
   switch (Number(txObject.transactionType)) {
     case 0:
+      // Deposit
       return [...publicInputs, ...computePrivateInputsDeposit(privateData)];
     case 1:
+      // Transfer
       return [
         ...publicInputs,
         ...computePrivateInputsNullifiers(privateData),
-        ...computePrivateInputsCommitments(privateData),
+        ...computePrivateInputsCommitments(privateData, 2),
         ...computePrivateInputsEncryption(privateData),
       ];
     default:
+      // Withdraw
       return [
         ...publicInputs,
         ...computePrivateInputsNullifiers(privateData),
-        ...computePrivateInputsCommitments(privateData),
+        ...computePrivateInputsCommitments(privateData, 1),
       ];
   }
 };
diff --git a/nightfall-deployer/circuits/common/generic_circuit/Verifiers/verify_commitments.zok b/nightfall-deployer/circuits/common/generic_circuit/Verifiers/verify_commitments.zok
@@ -21,7 +21,7 @@ def main<MinCommitments, MaxCommitments>(\
             We can check if commitment is supposed to be null or non-null by the following
             1) Note that degenerate case for each circuit type (deposit, transfer, withdraw) also matches the possible uses involving erc721
             2) Thus, we first perform checks based on this degenerate case (characterised by MinCommitments).
-            3) We use (i + 1) as the loop is zero-indexed by MinCommitments is a count of minimum allowable commitments.
+            3) We use (i + 1) as the loop is zero-indexed while MinCommitments is a count of minimum allowable commitments.
             4) Therefore we check (with a poseidon hash) any input when the incremented loop index matches this conditional.
             5) Finally, we check the "optional extra commitments" that are only allowable to erc20/1155 (characterised by value > 0)
         */
diff --git a/nightfall-deployer/circuits/common/generic_circuit/Verifiers/verify_nullifiers.zok b/nightfall-deployer/circuits/common/generic_circuit/Verifiers/verify_nullifiers.zok
@@ -42,7 +42,7 @@ def main<MinNullifiers, MaxNullifiers>(\
             We can check if nullifier is supposed to be null or non-null by the following
             1) Note that degenerate case for each circuit type (deposit, transfer, withdraw) also matches the possible uses involving erc721
             2) Thus, we first perform checks based on this degenerate case (characterised by MinNullifiers).
-            3) We use (i + 1) as the loop is zero-indexed by MinNullifiers is a count of minimum allowable nullifiers.
+            3) We use (i + 1) as the loop is zero-indexed while MinNullifiers is a count of minimum allowable nullifiers.
             4) Therefore we check (with a poseidon hash/path check) any input when the incremented loop index matches this conditional.
             5) Finally, we check the "optional extra nullifiers" that are only allowable to erc20/1155 (characterised by value > 0)
         */
@@ -53,15 +53,17 @@ def main<MinNullifiers, MaxNullifiers>(\
             ...zkpPublicKeys,\
             oldCommitmentSalts[i]\
         ])
-        field nullifier = if(oldCommitmentValues[i] != 0 || (i+1) != MinNullifiers) then poseidon([nullifierKeys, calculatedOldCommitmentHash]) else 0 fi
+        field nullifier = if(oldCommitmentValues[i] != 0 || (i+1) == MinNullifiers) then poseidon([nullifierKeys, calculatedOldCommitmentHash]) else 0 fi
 
         //Check that the calculated nullifier matches with the one contained in the transaction
         assert(nullifier == nullifierHashes[i])
 
         //Check that the nullifier is contained in the tree
-        bool pathValidity = if(oldCommitmentValues[i] != 0 || (i+1) != MinNullifiers) then pathCheck([roots[i], ...paths[i]], orders[i], calculatedOldCommitmentHash) else true fi
+        bool pathValidity = if(oldCommitmentValues[i] != 0 || (i+1) == MinNullifiers) then pathCheck([roots[i], ...paths[i]], orders[i], calculatedOldCommitmentHash) else true fi
         assert(pathValidity)
 
+        //Set the changeZkpPublicKeys if i = 0. Otherwise just set the same value
+        firstInputZkpPublicKeys = i == 0 ? zkpPublicKeys : firstInputZkpPublicKeys
     endfor
     
     return firstInputZkpPublicKeys
