fix: depth check, nullifier inequality check, removed unused lines

packages/circuits/circuits/merkleTree.circom

@@ -23,14 +23,12 @@ template LeanIMTInclusionProof(maxDepth) {
     signal input leafIndex;          // The index of the leaf in the tree
     signal input siblings[maxDepth]; // The sibling values along the path to the root
     signal input actualDepth;        // Current tree depth (unused as |siblings| <= actualDepth)
-    _ <== actualDepth;               // Silence unused signal warning
 
     signal output out;               // The computed root value
 
     /////////////////// INTERNAL SIGNALS ///////////////////
 
     signal nodes[maxDepth + 1];      // Array to store computed node values at each level
-    // signal intermediateRoots[maxDepth + 1]; // Array to store intermediate root values
     signal indices[maxDepth];        // Array to store path indices for each level
 
     ////////////////// COMPONENT SIGNALS //////////////////
@@ -42,6 +40,12 @@ template LeanIMTInclusionProof(maxDepth) {
 
     /////////////////////// LOGIC ///////////////////////
 
+    // Check provided depth is valid according to the max depth 
+    component depthCheck = LessEqThan(6);
+    depthCheck.in[0] <== actualDepth;
+    depthCheck.in[1] <== maxDepth;
+    depthCheck.out === 1;
+
     // Convert leaf index to binary path
     component indexToPath = Num2Bits(maxDepth);
     indexToPath.in <== leafIndex;
@@ -58,7 +62,7 @@ template LeanIMTInclusionProof(maxDepth) {
         hashInCorrectOrder[i].c <== childrenToSort;
         hashInCorrectOrder[i].s <== indices[i];
 
-        // hash the nodes
+        // Hash the nodes
         poseidons[i] = Poseidon(2);
         poseidons[i].inputs <== hashInCorrectOrder[i].out;
 
@@ -72,4 +76,4 @@ template LeanIMTInclusionProof(maxDepth) {
 
     // Output final computed root
     out <== nodes[maxDepth];
-}
+}

packages/circuits/circuits/withdraw.circom

@@ -91,18 +91,24 @@ template Withdraw(maxTreeDepth) {
   withdrawnValueRangeCheck.in <== withdrawnValue;
   _ <== withdrawnValueRangeCheck.out;
 
-  // 6. Compute new commitment
+  // 6. Check existing and new nullifier don't match
+  component nullifierEqualityCheck = IsEqual();
+  nullifierEqualityCheck.in[0] <== existingNullifier; 
+  nullifierEqualityCheck.in[1] <== newNullifier; 
+  nullifierEqualityCheck.out === 0;
+
+  // 7. Compute new commitment
   component newCommitmentHasher = CommitmentHasher();
   newCommitmentHasher.value <== remainingValue;
   newCommitmentHasher.label <== label;
   newCommitmentHasher.nullifier <== newNullifier;
   newCommitmentHasher.secret <== newSecret;
 
-  // 7. Output new commitment hash
+  // 8. Output new commitment hash
   newCommitmentHash <== newCommitmentHasher.commitment;
   _ <== newCommitmentHasher.precommitmentHash;
   _ <== newCommitmentHasher.nullifierHash;
 
-  // 8. Square context for integrity
+  // 9. Square context for integrity
   signal contextSquared <== context * context;
 }