mirror of
https://github.com/darkrenaissance/darkfi.git
synced 2026-01-08 06:14:08 -05:00
49 lines
1.3 KiB
Plaintext
49 lines
1.3 KiB
Plaintext
k = 13;
|
|
field = "pallas";
|
|
|
|
constant "Mint" {
|
|
EcFixedPointShort VALUE_COMMIT_VALUE,
|
|
EcFixedPoint VALUE_COMMIT_RANDOM,
|
|
EcFixedPointBase NULLIFIER_K,
|
|
}
|
|
|
|
witness "Mint" {
|
|
Base pub_x,
|
|
Base pub_y,
|
|
Base value,
|
|
Base token,
|
|
Base serial,
|
|
Scalar value_blind,
|
|
Scalar token_blind,
|
|
}
|
|
|
|
circuit "Mint" {
|
|
# Poseidon hash of the coin
|
|
C = poseidon_hash(pub_x, pub_y, value, token, serial);
|
|
constrain_instance(C);
|
|
|
|
# Pedersen commitment for coin's value
|
|
vcv = ec_mul_short(value, VALUE_COMMIT_VALUE);
|
|
vcr = ec_mul(value_blind, VALUE_COMMIT_RANDOM);
|
|
value_commit = ec_add(vcv, vcr);
|
|
# Since the value commit is a curve point, we fetch its coordinates
|
|
# and constrain them:
|
|
value_commit_x = ec_get_x(value_commit);
|
|
value_commit_y = ec_get_y(value_commit);
|
|
constrain_instance(value_commit_x);
|
|
constrain_instance(value_commit_y);
|
|
|
|
# Pedersen commitment for coin's token ID
|
|
tcv = ec_mul_base(token, NULLIFIER_K);
|
|
tcr = ec_mul(token_blind, VALUE_COMMIT_RANDOM);
|
|
token_commit = ec_add(tcv, tcr);
|
|
# Since token_commit is also a curve point, we'll do the same
|
|
# coordinate dance:
|
|
token_commit_x = ec_get_x(token_commit);
|
|
token_commit_y = ec_get_y(token_commit);
|
|
constrain_instance(token_commit_x);
|
|
constrain_instance(token_commit_y);
|
|
|
|
# At this point we've enforced all of our public inputs.
|
|
}
|