chore: Release

---------

Co-authored-by: rymnc <43716372+rymnc@users.noreply.github.com>

.github/workflows/ci.yml

@@ -28,18 +28,18 @@ on:
 name: Tests
 
 jobs:
-
-  multiplier:
+  test:
     strategy:
       matrix:
         platform: [ubuntu-latest, macos-latest]
+        crate: [multiplier, semaphore, rln, utils]
     runs-on: ${{ matrix.platform }}
     timeout-minutes: 60
   
-    name: multiplier - ${{ matrix.platform }}
+    name: test - ${{ matrix.crate }} - ${{ matrix.platform }}
     steps:
       - name: Checkout sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
         with:
@@ -52,33 +52,8 @@ jobs:
       - name: cargo-make test
         run: |
             cargo make test --release
-        working-directory: multiplier
+        working-directory: ${{ matrix.crate }}
   
-  semaphore:
-    strategy:
-      matrix:
-        platform: [ubuntu-latest, macos-latest]
-    runs-on: ${{ matrix.platform }}
-    timeout-minutes: 60
-  
-    name: semaphore - ${{ matrix.platform }}
-    steps:
-      - name: Checkout sources
-        uses: actions/checkout@v2
-      - name: Install stable toolchain
-        uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - uses: Swatinem/rust-cache@v2
-      - name: Install Dependencies
-        run: make installdeps
-      - name: cargo-make test
-        run: |
-            cargo make test --release
-        working-directory: semaphore
-
   rln-wasm:
     strategy:
       matrix:
@@ -86,9 +61,9 @@ jobs:
     runs-on: ${{ matrix.platform }}
     timeout-minutes: 60
   
-    name: rln-wasm - ${{ matrix.platform }}
+    name: test - rln-wasm - ${{ matrix.platform }}
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
         with:
@@ -105,68 +80,19 @@ jobs:
       - run: cargo make test --release
         working-directory: rln-wasm
 
-  rln:
-    strategy:
-      matrix:
-        platform: [ubuntu-latest, macos-latest]
-    runs-on: ${{ matrix.platform }}
-    timeout-minutes: 60
-  
-    name: rln - ${{ matrix.platform }}
-    steps:
-      - name: Checkout sources
-        uses: actions/checkout@v2
-      - name: Install stable toolchain
-        uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - uses: Swatinem/rust-cache@v2
-      - name: Install Dependencies
-        run: make installdeps
-      - name: cargo-make test
-        run: |
-            cargo make test --release
-        working-directory: rln
-
-  utils:
-    strategy:
-      matrix:
-        platform: [ubuntu-latest, macos-latest]
-    runs-on: ${{ matrix.platform }}
-    timeout-minutes: 60
-  
-    name: utils - ${{ matrix.platform }}
-    steps:
-      - name: Checkout sources
-        uses: actions/checkout@v2
-      - name: Install stable toolchain
-        uses: actions-rs/toolchain@v1
-        with:
-          profile: minimal
-          toolchain: stable
-          override: true
-      - uses: Swatinem/rust-cache@v2
-      - name: Install Dependencies
-        run: make installdeps
-      - name: cargo-make test
-        run: |
-            cargo make test --release
-        working-directory: utils
-
   lint:
     strategy:
       matrix:
         # we run lint tests only on ubuntu
         platform: [ubuntu-latest]
+        crate: [multiplier, semaphore, rln, utils]
     runs-on: ${{ matrix.platform }}
     timeout-minutes: 60
 
-    name: lint - ${{ matrix.platform }}  
+    name: lint - ${{ matrix.crate }} - ${{ matrix.platform }}  
     steps:
       - name: Checkout sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
         with:
@@ -179,27 +105,33 @@ jobs:
         run: make installdeps
       - name: cargo fmt
         if: success() || failure()
-        run: cargo fmt --all -- --check
-      - name: multiplier - cargo clippy
+        run: cargo fmt -- --check
+        working-directory: ${{ matrix.crate }}
+      - name: cargo clippy
         if: success() || failure()
         run: |
             cargo clippy --release -- -D warnings
-        working-directory: multiplier
-      - name: semaphore - cargo clippy
-        if: success() || failure()
-        run: |
-            cargo clippy --release -- -D warnings
-        working-directory: semaphore
-      - name: rln - cargo clippy
-        if: success() || failure()
-        run: |
-            cargo clippy --release -- -D warnings
-        working-directory: rln
-      - name: utils - cargo clippy
-        if: success() || failure()
-        run: |
-            cargo clippy --release -- -D warnings
-        working-directory: utils
+        working-directory: ${{ matrix.crate }}
         # We skip clippy on rln-wasm, since wasm target is managed by cargo make
         # Currently not treating warnings as error, too noisy
-        # -- -D warnings
+        # -- -D warnings
+  benchmark:
+    # run only in pull requests
+    if: github.event_name == 'pull_request'
+    strategy:
+      matrix:
+        # we run benchmark tests only on ubuntu
+        platform: [ubuntu-latest]
+        crate: [rln, utils]
+    runs-on: ${{ matrix.platform }}
+    timeout-minutes: 60
+
+    name: benchmark - ${{ matrix.platform }} - ${{ matrix.crate }}
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v3
+      - uses: Swatinem/rust-cache@v2
+      - uses: boa-dev/criterion-compare-action@v3
+        with:
+          branchName: ${{ github.base_ref }}
+          cwd: ${{ matrix.crate }}

.github/workflows/nightly-release.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
         with:
@@ -51,7 +51,7 @@ jobs:
           - aarch64-apple-darwin
     steps:
       - name: Checkout sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
         with:
@@ -81,7 +81,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout sources
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Install stable toolchain
         uses: actions-rs/toolchain@v1
         with:
@@ -115,7 +115,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: master
       - name: Download artifacts

.github/workflows/sync-labels.yml

@@ -9,7 +9,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - uses: micnncim/action-label-syncer@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitmodules

@@ -1,7 +1,3 @@
-[submodule "rln/vendor/rln"]
-	path = rln/vendor/rln
-	ignore = dirty
-	url = https://github.com/Rate-Limiting-Nullifier/rln_circuits.git
 [submodule "semaphore/vendor/semaphore"]
 	path = semaphore/vendor/semaphore
 	ignore = dirty

Cargo.lock

@@ -48,6 +48,12 @@ dependencies = [
  "memchr",
 ]
 
+[[package]]
+name = "anes"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299"
+
 [[package]]
 name = "anstream"
 version = "0.3.2"
@@ -119,6 +125,34 @@ dependencies = [
  "ark-std 0.4.0",
 ]
 
+[[package]]
+name = "ark-circom"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "295bb8e275f3e211b36a822469ba88deb028ecb3d7fe8684102598a9158a7350"
+dependencies = [
+ "ark-bn254 0.4.0",
+ "ark-crypto-primitives 0.4.0",
+ "ark-ec 0.4.1",
+ "ark-ff 0.4.1",
+ "ark-groth16 0.4.0",
+ "ark-poly 0.4.1",
+ "ark-relations 0.4.0",
+ "ark-serialize 0.4.1",
+ "ark-std 0.4.0",
+ "byteorder",
+ "cfg-if",
+ "color-eyre 0.6.2",
+ "criterion 0.3.6",
+ "fnv",
+ "hex",
+ "num",
+ "num-bigint",
+ "num-traits",
+ "thiserror",
+ "wasmer",
+]
+
 [[package]]
 name = "ark-circom"
 version = "0.1.0"
@@ -135,8 +169,8 @@ dependencies = [
  "byteorder",
  "cfg-if",
  "color-eyre 0.6.2",
- "criterion",
- "ethers-core",
+ "criterion 0.3.6",
+ "ethers-core 2.0.4",
  "fnv",
  "hex",
  "num",
@@ -162,35 +196,8 @@ dependencies = [
  "byteorder",
  "cfg-if",
  "color-eyre 0.5.11",
- "criterion",
- "ethers-core",
- "fnv",
- "hex",
- "num",
- "num-bigint",
- "num-traits",
- "thiserror",
- "wasmer",
-]
-
-[[package]]
-name = "ark-circom"
-version = "0.1.0"
-source = "git+https://github.com/gakonst/ark-circom#f97ac2b2458fd14489bc70375bb45688f5ef26a8"
-dependencies = [
- "ark-bn254 0.4.0",
- "ark-crypto-primitives 0.4.0",
- "ark-ec 0.4.1",
- "ark-ff 0.4.1",
- "ark-groth16 0.4.0",
- "ark-poly 0.4.1",
- "ark-relations 0.4.0",
- "ark-serialize 0.4.1",
- "ark-std 0.4.0",
- "byteorder",
- "cfg-if",
- "color-eyre 0.6.2",
- "criterion",
+ "criterion 0.3.6",
+ "ethers-core 2.0.4",
  "fnv",
  "hex",
  "num",
@@ -714,6 +721,33 @@ dependencies = [
  "num-traits",
 ]
 
+[[package]]
+name = "ciborium"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "effd91f6c78e5a4ace8a5d3c0b6bfaec9e2baaef55f3efc00e45fb2e477ee926"
+dependencies = [
+ "ciborium-io",
+ "ciborium-ll",
+ "serde",
+]
+
+[[package]]
+name = "ciborium-io"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cdf919175532b369853f5d5e20b26b43112613fd6fe7aee757e35f7a44642656"
+
+[[package]]
+name = "ciborium-ll"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "defaa24ecc093c77630e6c15e17c51f5e187bf35ee514f4e2d67baaa96dae22b"
+dependencies = [
+ "ciborium-io",
+ "half",
+]
+
 [[package]]
 name = "clap"
 version = "2.34.0"
@@ -721,10 +755,22 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c"
 dependencies = [
  "bitflags",
- "textwrap",
+ "textwrap 0.11.0",
  "unicode-width",
 ]
 
+[[package]]
+name = "clap"
+version = "3.2.25"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123"
+dependencies = [
+ "bitflags",
+ "clap_lex 0.2.4",
+ "indexmap",
+ "textwrap 0.16.0",
+]
+
 [[package]]
 name = "clap"
 version = "4.2.7"
@@ -745,7 +791,7 @@ dependencies = [
  "anstream",
  "anstyle",
  "bitflags",
- "clap_lex",
+ "clap_lex 0.4.1",
  "once_cell",
  "strsim",
 ]
@@ -762,6 +808,15 @@ dependencies = [
  "syn 2.0.16",
 ]
 
+[[package]]
+name = "clap_lex"
+version = "0.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5"
+dependencies = [
+ "os_str_bytes",
+]
+
 [[package]]
 name = "clap_lex"
 version = "0.4.1"
@@ -1032,7 +1087,7 @@ dependencies = [
  "atty",
  "cast",
  "clap 2.34.0",
- "criterion-plot",
+ "criterion-plot 0.4.5",
  "csv",
  "itertools",
  "lazy_static",
@@ -1049,6 +1104,32 @@ dependencies = [
  "walkdir",
 ]
 
+[[package]]
+name = "criterion"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e7c76e09c1aae2bc52b3d2f29e13c6572553b30c4aa1b8a49fd70de6412654cb"
+dependencies = [
+ "anes",
+ "atty",
+ "cast",
+ "ciborium",
+ "clap 3.2.25",
+ "criterion-plot 0.5.0",
+ "itertools",
+ "lazy_static",
+ "num-traits",
+ "oorandom",
+ "plotters",
+ "rayon",
+ "regex",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "tinytemplate",
+ "walkdir",
+]
+
 [[package]]
 name = "criterion-plot"
 version = "0.4.5"
@@ -1059,6 +1140,16 @@ dependencies = [
  "itertools",
 ]
 
+[[package]]
+name = "criterion-plot"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1"
+dependencies = [
+ "cast",
+ "itertools",
+]
+
 [[package]]
 name = "crossbeam-channel"
 version = "0.5.8"
@@ -1432,7 +1523,34 @@ dependencies = [
  "rlp",
  "serde",
  "serde_json",
- "strum",
+ "strum 0.24.1",
+ "tempfile",
+ "thiserror",
+ "tiny-keccak",
+ "unicode-xid",
+]
+
+[[package]]
+name = "ethers-core"
+version = "2.0.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "60ca2514feb98918a0a31de7e1983c29f2267ebf61b2dc5d4294f91e5b866623"
+dependencies = [
+ "arrayvec",
+ "bytes",
+ "chrono",
+ "elliptic-curve",
+ "ethabi",
+ "generic-array",
+ "hex",
+ "k256",
+ "num_enum",
+ "open-fastrlp",
+ "rand",
+ "rlp",
+ "serde",
+ "serde_json",
+ "strum 0.25.0",
  "tempfile",
  "thiserror",
  "tiny-keccak",
@@ -1963,7 +2081,7 @@ checksum = "7843ec2de400bcbc6a6328c958dc38e5359da6e93e72e37bc5246bf1ae776389"
 
 [[package]]
 name = "multiplier"
-version = "0.1.0"
+version = "0.3.0"
 dependencies = [
  "ark-bn254 0.3.0",
  "ark-circom 0.1.0 (git+https://github.com/gakonst/ark-circom?rev=35ce5a9)",
@@ -2146,6 +2264,12 @@ dependencies = [
  "syn 1.0.109",
 ]
 
+[[package]]
+name = "os_str_bytes"
+version = "6.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ceedf44fb00f2d1984b0bc98102627ce622e083e49a5bacdb3e514fa4238e267"
+
 [[package]]
 name = "owo-colors"
 version = "1.3.0"
@@ -2290,8 +2414,9 @@ dependencies = [
 
 [[package]]
 name = "pmtree"
-version = "1.0.0"
-source = "git+https://github.com/Rate-Limiting-Nullifier/pmtree?rev=bf27d4273b34a7f4ec3c77cdf67fb17a5602504a#bf27d4273b34a7f4ec3c77cdf67fb17a5602504a"
+version = "2.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e054322ee96d2ccd86cd47b87797166682e45f5d67571c48eaa864668d26f510"
 dependencies = [
  "rayon",
 ]
@@ -2318,7 +2443,7 @@ dependencies = [
 
 [[package]]
 name = "private-settlement"
-version = "0.1.0"
+version = "0.3.0"
 
 [[package]]
 name = "proc-macro-crate"
@@ -2570,10 +2695,10 @@ dependencies = [
 
 [[package]]
 name = "rln"
-version = "0.1.0"
+version = "0.4.1"
 dependencies = [
  "ark-bn254 0.4.0",
- "ark-circom 0.1.0 (git+https://github.com/gakonst/ark-circom)",
+ "ark-circom 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "ark-ec 0.4.1",
  "ark-ff 0.4.1",
  "ark-groth16 0.4.0",
@@ -2582,6 +2707,7 @@ dependencies = [
  "ark-std 0.4.0",
  "cfg-if",
  "color-eyre 0.6.2",
+ "criterion 0.4.0",
  "include_dir",
  "num-bigint",
  "num-traits",
@@ -2593,18 +2719,20 @@ dependencies = [
  "sled",
  "thiserror",
  "tiny-keccak",
- "utils",
  "wasmer",
+ "zerokit_utils",
 ]
 
 [[package]]
 name = "rln-cli"
-version = "0.1.0"
+version = "0.3.0"
 dependencies = [
  "clap 4.2.7",
  "clap_derive",
  "color-eyre 0.6.2",
  "rln",
+ "serde",
+ "serde_json",
 ]
 
 [[package]]
@@ -2809,7 +2937,7 @@ dependencies = [
  "ark-std 0.3.0",
  "color-eyre 0.6.2",
  "enumset",
- "ethers-core",
+ "ethers-core 2.0.4",
  "hex",
  "hex-literal",
  "num-bigint",
@@ -2826,7 +2954,7 @@ dependencies = [
 
 [[package]]
 name = "semaphore-wrapper"
-version = "0.1.0"
+version = "0.3.0"
 dependencies = [
  "ark-bn254 0.3.0",
  "ark-circom 0.1.0 (git+https://github.com/gakonst/ark-circom?rev=35ce5a9)",
@@ -2835,7 +2963,7 @@ dependencies = [
  "ark-relations 0.3.0",
  "ark-std 0.3.0",
  "color-eyre 0.6.2",
- "ethers-core",
+ "ethers-core 2.0.8",
  "once_cell",
  "rand",
  "rand_chacha",
@@ -3042,7 +3170,16 @@ version = "0.24.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f"
 dependencies = [
- "strum_macros",
+ "strum_macros 0.24.3",
+]
+
+[[package]]
+name = "strum"
+version = "0.25.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "290d54ea6f91c969195bdbcd7442c8c2a2ba87da8bf60a7ee86a235d4bc1e125"
+dependencies = [
+ "strum_macros 0.25.1",
 ]
 
 [[package]]
@@ -3058,6 +3195,19 @@ dependencies = [
  "syn 1.0.109",
 ]
 
+[[package]]
+name = "strum_macros"
+version = "0.25.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6069ca09d878a33f883cc06aaa9718ede171841d3832450354410b718b097232"
+dependencies = [
+ "heck",
+ "proc-macro2",
+ "quote",
+ "rustversion",
+ "syn 2.0.16",
+]
+
 [[package]]
 name = "subtle"
 version = "2.4.1"
@@ -3121,19 +3271,25 @@ dependencies = [
 ]
 
 [[package]]
-name = "thiserror"
-version = "1.0.38"
+name = "textwrap"
+version = "0.16.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0"
+checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d"
+
+[[package]]
+name = "thiserror"
+version = "1.0.39"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5ab016db510546d856297882807df8da66a16fb8c4101cb8b30054b0d5b2d9c"
 dependencies = [
  "thiserror-impl",
 ]
 
 [[package]]
 name = "thiserror-impl"
-version = "1.0.38"
+version = "1.0.39"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f"
+checksum = "5420d42e90af0c38c3290abcca25b9b3bdf379fc9f55c528f53a269d9c9a267e"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -3351,22 +3507,6 @@ version = "0.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a"
 
-[[package]]
-name = "utils"
-version = "0.1.0"
-dependencies = [
- "ark-bn254 0.4.0",
- "ark-ff 0.4.1",
- "color-eyre 0.6.2",
- "hex-literal",
- "num-bigint",
- "num-traits",
- "pmtree",
- "serde",
- "sled",
- "tiny-keccak",
-]
-
 [[package]]
 name = "uuid"
 version = "1.3.2"
@@ -4117,3 +4257,20 @@ dependencies = [
  "quote",
  "syn 2.0.16",
 ]
+
+[[package]]
+name = "zerokit_utils"
+version = "0.4.1"
+dependencies = [
+ "ark-bn254 0.4.0",
+ "ark-ff 0.4.1",
+ "color-eyre 0.6.2",
+ "criterion 0.4.0",
+ "hex-literal",
+ "num-bigint",
+ "num-traits",
+ "pmtree",
+ "serde",
+ "sled",
+ "tiny-keccak",
+]

Cargo.toml

@@ -8,6 +8,7 @@ members = [
   "rln-wasm",
   "utils",
 ]
+resolver = "2"
 
 # Compilation profile for any non-workspace member.
 # Dependencies are optimized, even in a dev build. This improves dev performance
@@ -20,4 +21,4 @@ opt-level = 3
 opt-level = "s"
 
 [profile.release.package."semaphore"]
-codegen-units = 1
+codegen-units = 1

Makefile

@@ -8,12 +8,13 @@ all: .pre-build build
 .pre-build: .fetch-submodules
 	@cargo install cargo-make
 ifdef CI
-	@cargo install cross --git https://github.com/cross-rs/cross --branch main
+	@cargo install cross --git https://github.com/cross-rs/cross.git --rev 1511a28
 endif
 
 installdeps: .pre-build
 ifeq ($(shell uname),Darwin)
-	@brew update
+# commented due to https://github.com/orgs/Homebrew/discussions/4612	
+# @brew update 
 	@brew install cmake ninja
 else ifeq ($(shell uname),Linux)
 	@sudo apt-get update

multiplier/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "multiplier"
-version = "0.1.0"
+version = "0.3.0"
 edition = "2018"
 license = "MIT OR Apache-2.0"
 

private-settlement/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "private-settlement"
-version = "0.1.0"
+version = "0.3.0"
 edition = "2021"
 license = "MIT OR Apache-2.0"
 

rln-cli/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "rln-cli"
-version = "0.1.0"
+version = "0.3.0"
 edition = "2021"
 
 [dependencies]
@@ -8,3 +8,6 @@ rln = { path = "../rln" }
 clap = { version = "4.2.7", features = ["cargo", "derive", "env"]}
 clap_derive = { version = "=4.2.0" }
 color-eyre = "=0.6.2"
+# serialization
+serde_json = "1.0.48"
+serde = { version = "1.0.130", features = ["derive"] }

rln-cli/src/commands.rs

@@ -33,4 +33,33 @@ pub(crate) enum Commands {
         #[arg(short, long)]
         file: PathBuf,
     },
+    SetNextLeaf {
+        #[arg(short, long)]
+        file: PathBuf,
+    },
+    DeleteLeaf {
+        index: usize,
+    },
+    GetRoot,
+    GetProof {
+        index: usize,
+    },
+    Prove {
+        #[arg(short, long)]
+        input: PathBuf,
+    },
+    Verify {
+        #[arg(short, long)]
+        file: PathBuf,
+    },
+    GenerateProof {
+        #[arg(short, long)]
+        input: PathBuf,
+    },
+    VerifyWithRoots {
+        #[arg(short, long)]
+        input: PathBuf,
+        #[arg(short, long)]
+        roots: PathBuf,
+    },
 }

rln-cli/src/config.rs

@@ -0,0 +1,29 @@
+use color_eyre::Result;
+use serde::{Deserialize, Serialize};
+use std::{fs::File, io::Read, path::PathBuf};
+
+pub const RLN_STATE_PATH: &str = "RLN_STATE_PATH";
+
+#[derive(Default, Serialize, Deserialize)]
+pub(crate) struct Config {
+    pub inner: Option<InnerConfig>,
+}
+
+#[derive(Default, Serialize, Deserialize)]
+pub(crate) struct InnerConfig {
+    pub file: PathBuf,
+    pub tree_height: usize,
+}
+
+impl Config {
+    pub(crate) fn load_config() -> Result<Config> {
+        let path = PathBuf::from(std::env::var(RLN_STATE_PATH)?);
+
+        let mut file = File::open(path)?;
+
+        let mut contents = String::new();
+        file.read_to_string(&mut contents)?;
+        let state: Config = serde_json::from_str(&contents)?;
+        Ok(state)
+    }
+}

rln-cli/src/main.rs

@@ -1,3 +1,4 @@
+use std::io::Cursor;
 use std::{fs::File, io::Read, path::Path};
 
 use clap::Parser;
@@ -7,6 +8,7 @@ use rln::public::RLN;
 use state::State;
 
 mod commands;
+mod config;
 mod state;
 
 #[derive(Parser)]
@@ -19,7 +21,7 @@ struct Cli {
 fn main() -> Result<()> {
     let cli = Cli::parse();
 
-    let mut state = State::default();
+    let mut state = State::load_state()?;
 
     match &cli.command {
         Some(Commands::New {
@@ -48,13 +50,15 @@ fn main() -> Result<()> {
                 resources[0].clone(),
                 resources[1].clone(),
                 resources[2].clone(),
+                // TODO: use appropriate tree_config
+                Cursor::new(""),
             )?);
             Ok(())
         }
         Some(Commands::SetTree { tree_height }) => {
             state
                 .rln
-                .ok_or(Report::msg("no RLN initialized"))?
+                .ok_or(Report::msg("no RLN instance initialized"))?
                 .set_tree(*tree_height)?;
             Ok(())
         }
@@ -62,7 +66,7 @@ fn main() -> Result<()> {
             let input_data = File::open(&file)?;
             state
                 .rln
-                .ok_or(Report::msg("no RLN initialized"))?
+                .ok_or(Report::msg("no RLN instance initialized"))?
                 .set_leaf(*index, input_data)?;
             Ok(())
         }
@@ -70,7 +74,7 @@ fn main() -> Result<()> {
             let input_data = File::open(&file)?;
             state
                 .rln
-                .ok_or(Report::msg("no RLN initialized"))?
+                .ok_or(Report::msg("no RLN instance initialized"))?
                 .set_leaves_from(*index, input_data)?;
             Ok(())
         }
@@ -78,10 +82,76 @@ fn main() -> Result<()> {
             let input_data = File::open(&file)?;
             state
                 .rln
-                .ok_or(Report::msg("no RLN initialized"))?
+                .ok_or(Report::msg("no RLN instance initialized"))?
                 .init_tree_with_leaves(input_data)?;
             Ok(())
         }
+        Some(Commands::SetNextLeaf { file }) => {
+            let input_data = File::open(&file)?;
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .set_next_leaf(input_data)?;
+            Ok(())
+        }
+        Some(Commands::DeleteLeaf { index }) => {
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .delete_leaf(*index)?;
+            Ok(())
+        }
+        Some(Commands::GetRoot) => {
+            let writer = std::io::stdout();
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .get_root(writer)?;
+            Ok(())
+        }
+        Some(Commands::GetProof { index }) => {
+            let writer = std::io::stdout();
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .get_proof(*index, writer)?;
+            Ok(())
+        }
+        Some(Commands::Prove { input }) => {
+            let input_data = File::open(&input)?;
+            let writer = std::io::stdout();
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .prove(input_data, writer)?;
+            Ok(())
+        }
+        Some(Commands::Verify { file }) => {
+            let input_data = File::open(&file)?;
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .verify(input_data)?;
+            Ok(())
+        }
+        Some(Commands::GenerateProof { input }) => {
+            let input_data = File::open(&input)?;
+            let writer = std::io::stdout();
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .generate_rln_proof(input_data, writer)?;
+            Ok(())
+        }
+        Some(Commands::VerifyWithRoots { input, roots }) => {
+            let input_data = File::open(&input)?;
+            let roots_data = File::open(&roots)?;
+            state
+                .rln
+                .ok_or(Report::msg("no RLN instance initialized"))?
+                .verify_with_roots(input_data, roots_data)?;
+            Ok(())
+        }
         None => Ok(()),
     }
 }

rln-cli/src/state.rs

@@ -1,6 +1,23 @@
+use color_eyre::Result;
 use rln::public::RLN;
+use std::fs::File;
+
+use crate::config::{Config, InnerConfig};
 
 #[derive(Default)]
 pub(crate) struct State<'a> {
     pub rln: Option<RLN<'a>>,
 }
+
+impl<'a> State<'a> {
+    pub(crate) fn load_state() -> Result<State<'a>> {
+        let config = Config::load_config()?;
+        let rln = if let Some(InnerConfig { file, tree_height }) = config.inner {
+            let resources = File::open(&file)?;
+            Some(RLN::new(tree_height, resources)?)
+        } else {
+            None
+        };
+        Ok(State { rln })
+    }
+}

rln-wasm/src/lib.rs

@@ -236,6 +236,23 @@ pub fn wasm_delete_leaf(ctx: *mut RLNWrapper, index: usize) -> Result<(), String
     call_with_error_msg!(ctx, delete_leaf, "could not delete leaf".to_string(), index)
 }
 
+#[allow(clippy::not_unsafe_ptr_arg_deref)]
+#[wasm_bindgen(js_name = setMetadata)]
+pub fn wasm_set_metadata(ctx: *mut RLNWrapper, input: Uint8Array) -> Result<(), String> {
+    call_with_error_msg!(
+        ctx,
+        set_metadata,
+        "could not set metadata".to_string(),
+        &*input.to_vec()
+    )
+}
+
+#[allow(clippy::not_unsafe_ptr_arg_deref)]
+#[wasm_bindgen(js_name = getMetadata)]
+pub fn wasm_get_metadata(ctx: *mut RLNWrapper) -> Result<Uint8Array, String> {
+    call_with_output_and_error_msg!(ctx, get_metadata, "could not get metadata".to_string())
+}
+
 #[allow(clippy::not_unsafe_ptr_arg_deref)]
 #[wasm_bindgen(js_name = initTreeWithLeaves)]
 pub fn wasm_init_tree_with_leaves(ctx: *mut RLNWrapper, input: Uint8Array) -> Result<(), String> {

rln-wasm/tests/rln-wasm.rs

@@ -3,11 +3,11 @@
 #[cfg(test)]
 mod tests {
     use js_sys::{BigInt as JsBigInt, Object, Uint8Array};
-    use rln::circuit::TEST_TREE_HEIGHT;
-    use rln::utils::normalize_usize;
+    use rln::circuit::{Fr, TEST_TREE_HEIGHT};
+    use rln::hashers::{hash_to_field, poseidon_hash};
+    use rln::utils::{bytes_le_to_fr, fr_to_bytes_le, normalize_usize};
     use rln_wasm::*;
-    use wasm_bindgen::prelude::*;
-    use wasm_bindgen::JsValue;
+    use wasm_bindgen::{prelude::*, JsValue};
     use wasm_bindgen_test::wasm_bindgen_test;
 
     #[wasm_bindgen(module = "src/utils.js")]
@@ -34,26 +34,40 @@ mod tests {
 
         // Creating membership key
         let mem_keys = wasm_key_gen(rln_instance).unwrap();
-        let idkey = mem_keys.subarray(0, 32);
-        let idcommitment = mem_keys.subarray(32, 64);
-
-        // Insert PK
-        wasm_set_next_leaf(rln_instance, idcommitment).unwrap();
+        let id_key = mem_keys.subarray(0, 32);
+        let id_commitment = mem_keys.subarray(32, 64);
 
         // Prepare the message
-        let signal = "Hello World".as_bytes();
-
-        // Setting up the epoch (With 0s for the test)
-        let epoch = Uint8Array::new_with_length(32);
-        epoch.fill(0, 0, 32);
+        let signal = b"Hello World";
 
         let identity_index: usize = 0;
+        // Setting up the epoch and rln_identifier
+        let epoch = hash_to_field(b"test-epoch");
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+
+        let external_nullifier = poseidon_hash(&[epoch, rln_identifier]);
+        let external_nullifier = fr_to_bytes_le(&external_nullifier);
+
+        let user_message_limit = Fr::from(100);
+        let message_id = fr_to_bytes_le(&Fr::from(0));
+
+        let (id_commitment_fr, _) = bytes_le_to_fr(&id_commitment.to_vec()[..]);
+        let rate_commitment = poseidon_hash(&[id_commitment_fr, user_message_limit]);
+
+        // Insert PK
+        wasm_set_next_leaf(
+            rln_instance,
+            Uint8Array::from(fr_to_bytes_le(&rate_commitment).as_slice()),
+        )
+        .unwrap();
 
         // Serializing the message
         let mut serialized_vec: Vec<u8> = Vec::new();
-        serialized_vec.append(&mut idkey.to_vec());
+        serialized_vec.append(&mut id_key.to_vec());
         serialized_vec.append(&mut normalize_usize(identity_index));
-        serialized_vec.append(&mut epoch.to_vec());
+        serialized_vec.append(&mut fr_to_bytes_le(&user_message_limit).to_vec());
+        serialized_vec.append(&mut message_id.to_vec());
+        serialized_vec.append(&mut external_nullifier.to_vec());
         serialized_vec.append(&mut normalize_usize(signal.len()));
         serialized_vec.append(&mut signal.to_vec());
         let serialized_message = Uint8Array::from(&serialized_vec[..]);
@@ -109,4 +123,26 @@ mod tests {
         let is_proof_valid = wasm_verify_with_roots(rln_instance, proof_with_signal, roots);
         assert!(is_proof_valid.unwrap(), "verifying proof with roots failed");
     }
+
+    #[wasm_bindgen_test]
+    fn test_metadata() {
+        let tree_height = TEST_TREE_HEIGHT;
+        let zkey_path = format!("../rln/resources/tree_height_{TEST_TREE_HEIGHT}/rln_final.zkey");
+        let vk_path =
+            format!("../rln/resources/tree_height_{TEST_TREE_HEIGHT}/verification_key.json");
+        let zkey = read_file(&zkey_path).unwrap();
+        let vk = read_file(&vk_path).unwrap();
+
+        // Creating an instance of RLN
+        let rln_instance = wasm_new(tree_height, zkey, vk).unwrap();
+
+        let test_metadata = Uint8Array::new(&JsValue::from_str("test"));
+        // Inserting random metadata
+        wasm_set_metadata(rln_instance, test_metadata.clone()).unwrap();
+
+        // Getting metadata
+        let metadata = wasm_get_metadata(rln_instance).unwrap();
+
+        assert_eq!(metadata.to_vec(), test_metadata.to_vec());
+    }
 }

rln/Cargo.toml

@@ -1,11 +1,16 @@
 [package]
 name = "rln"
-version = "0.1.0"
+version = "0.4.1"
 edition = "2021"
 license = "MIT OR Apache-2.0"
+description = "APIs to manage, compute and verify zkSNARK proofs and RLN primitives"
+documentation = "https://github.com/vacp2p/zerokit"
+homepage = "https://vac.dev"
+repository = "https://github.com/vacp2p/zerokit"
 
 [lib]
 crate-type = ["rlib", "staticlib"]
+bench = false
 
 # This flag disable cargo doctests, i.e. testing example code-snippets in documentation
 doctest = false
@@ -20,33 +25,34 @@ ark-bn254 = { version = "=0.4.0" }
 ark-groth16 = { version = "=0.4.0", features = ["parallel"], default-features = false }
 ark-relations = { version = "=0.4.0", default-features = false, features = [ "std" ] }
 ark-serialize = { version = "=0.4.1", default-features = false }
-ark-circom = { git = "https://github.com/gakonst/ark-circom", default-features = false, features = ["circom-2"] }
+ark-circom = { version = "=0.1.0", default-features = false, features = ["circom-2"] }
 
 # WASM
-wasmer = { version = "2.3.0", default-features = false }
+wasmer = { version = "=2.3.0", default-features = false }
 
 # error handling
 color-eyre = "=0.6.2"
-thiserror = "=1.0.38"
+thiserror = "=1.0.39"
 
 # utilities
 cfg-if = "=1.0"
 num-bigint = { version = "=0.4.3", default-features = false, features = ["rand"] }
-num-traits = "0.2.11"
-once_cell = "1.14.0"
+num-traits = "=0.2.15"
+once_cell = "=1.17.1"
 rand = "=0.8.5"
 rand_chacha = "=0.3.1"
 tiny-keccak = { version = "=2.0.2", features = ["keccak"] }
-utils = { path = "../utils/", default-features = false }
+utils = { package = "zerokit_utils", version = "=0.4.1", path = "../utils/", default-features = false }
 
 # serialization
-serde_json = "1.0.48"
-serde = { version = "1.0.130", features = ["derive"] }
+serde_json = "=1.0.96"
+serde = { version = "=1.0.163", features = ["derive"] }
 
 include_dir = "=0.7.3"
 
 [dev-dependencies]
 sled = "=0.34.7"
+criterion = { version = "=0.4.0", features = ["html_reports"] }
 
 [features]
 default = ["parallel", "wasmer/sys-default", "pmtree-ft"]
@@ -56,3 +62,7 @@ fullmerkletree = ["default"]
 
 # Note: pmtree feature is still experimental
 pmtree-ft = ["utils/pmtree-ft"]
+
+[[bench]]
+name = "pmtree_benchmark"
+harness = false

rln/Makefile.toml

@@ -5,3 +5,7 @@ args = ["build", "--release"]
 [tasks.test]
 command = "cargo"
 args = ["test", "--release"]
+
+[tasks.bench]
+command = "cargo"
+args = ["bench"]

rln/README.md

@@ -56,7 +56,7 @@ However, if `N` is too big, this might require a bigger Powers of Tau ceremony t
 In such case we refer to the official [Circom documentation](https://docs.circom.io/getting-started/proving-circuits/#powers-of-tau) for instructions on how to run an appropriate Powers of Tau ceremony and Phase 2 in order to compile the desired circuit.
 
 
-Currently, the `rln` module comes with three [pre-compiled](https://github.com/vacp2p/zerokit/tree/master/rln/resources) RLN circuits having Merkle tree of height `15`, `19` and `20`, respectively.
+Currently, the `rln` module comes with 2 [pre-compiled](https://github.com/vacp2p/zerokit/tree/master/rln/resources) RLN circuits having Merkle tree of height `20` and `32`, respectively.
 
 ## Getting started
 
@@ -102,18 +102,20 @@ let mut buffer = Cursor::new(Vec::<u8>::new());
 rln.key_gen(&mut buffer).unwrap();
 
 // We deserialize the keygen output to obtain
-// the identiy_secret and id_commitment
+// the identity_secret and id_commitment
 let (identity_secret_hash, id_commitment) = deserialize_identity_pair(buffer.into_inner());
 ```
 
-### Add ID commitment to the RLN Merkle tree
+### Add Rate commitment to the RLN Merkle tree
 
 ```rust
 // We define the tree index where id_commitment will be added
 let id_index = 10;
+let user_message_limit = 10;
 
 // We serialize id_commitment and pass it to set_leaf
-let mut buffer = Cursor::new(serialize_field_element(id_commitment));
+let rate_commitment = poseidon_hash(&[id_commitment, user_message_limit]);
+let mut buffer = Cursor::new(serialize_field_element(rate_commitment));
 rln.set_leaf(id_index, &mut buffer).unwrap();
 ```
 
@@ -141,11 +143,11 @@ let signal = b"RLN is awesome";
 
 We prepare the input to the proof generation routine. 
 
-Input buffer is serialized as `[ identity_key | id_index | epoch | signal_len | signal ]`.
+Input buffer is serialized as `[ identity_key | id_index | epoch | rln_identifier | user_message_limit | message_id | signal_len | signal ]`.
 
 ```rust
 // We prepare input to the proof generation routine
-let proof_input = prepare_prove_input(identity_secret_hash, id_index, epoch, signal);
+let proof_input = prepare_prove_input(identity_secret_hash, id_index, epoch, rln_identifier, user_message_limit, message_id, signal);
 ```
 
 We are now ready to generate a RLN ZK proof along with the _public outputs_ of the ZK circuit evaluation.

rln/benches/pmtree_benchmark.rs

@@ -0,0 +1,44 @@
+use criterion::{criterion_group, criterion_main, Criterion};
+use utils::ZerokitMerkleTree;
+
+use rln::{circuit::Fr, pm_tree_adapter::PmTree};
+
+pub fn pmtree_benchmark(c: &mut Criterion) {
+    let mut tree = PmTree::default(2).unwrap();
+
+    let leaves: Vec<Fr> = (0..4).map(|s| Fr::from(s)).collect();
+
+    c.bench_function("Pmtree::set", |b| {
+        b.iter(|| {
+            tree.set(0, leaves[0]).unwrap();
+        })
+    });
+
+    c.bench_function("Pmtree:delete", |b| {
+        b.iter(|| {
+            tree.delete(0).unwrap();
+        })
+    });
+
+    c.bench_function("Pmtree::override_range", |b| {
+        b.iter(|| {
+            tree.override_range(0, leaves.clone(), [0, 1, 2, 3])
+                .unwrap();
+        })
+    });
+
+    c.bench_function("Pmtree::compute_root", |b| {
+        b.iter(|| {
+            tree.compute_root().unwrap();
+        })
+    });
+
+    c.bench_function("Pmtree::get", |b| {
+        b.iter(|| {
+            tree.get(0).unwrap();
+        })
+    });
+}
+
+criterion_group!(benches, pmtree_benchmark);
+criterion_main!(benches);

rln/resources/tree_height_15/verification_key.json

@@ -1,119 +0,0 @@
-{
- "protocol": "groth16",
- "curve": "bn128",
- "nPublic": 6,
- "vk_alpha_1": [
-  "20124996762962216725442980738609010303800849578410091356605067053491763969391",
-  "9118593021526896828671519912099489027245924097793322973632351264852174143923",
-  "1"
- ],
- "vk_beta_2": [
-  [
-   "4693952934005375501364248788849686435240706020501681709396105298107971354382",
-   "14346958885444710485362620645446987998958218205939139994511461437152241966681"
-  ],
-  [
-   "16851772916911573982706166384196538392731905827088356034885868448550849804972",
-   "823612331030938060799959717749043047845343400798220427319188951998582076532"
-  ],
-  [
-   "1",
-   "0"
-  ]
- ],
- "vk_gamma_2": [
-  [
-   "10857046999023057135944570762232829481370756359578518086990519993285655852781",
-   "11559732032986387107991004021392285783925812861821192530917403151452391805634"
-  ],
-  [
-   "8495653923123431417604973247489272438418190587263600148770280649306958101930",
-   "4082367875863433681332203403145435568316851327593401208105741076214120093531"
-  ],
-  [
-   "1",
-   "0"
-  ]
- ],
- "vk_delta_2": [
-  [
-   "1361919643088555407518565462732544232965454074504004321739078395285189557133",
-   "20823246840633598579879223919854294301857184404415306521912631074982696570306"
-  ],
-  [
-   "7088590198103342249937795923142619828109070290720888704402714617857746884833",
-   "8191367139632195506244169264298620546181137131063303219908889318280111188437"
-  ],
-  [
-   "1",
-   "0"
-  ]
- ],
- "vk_alphabeta_12": [
-  [
-   [
-    "12608968655665301215455851857466367636344427685631271961542642719683786103711",
-    "9849575605876329747382930567422916152871921500826003490242628251047652318086"
-   ],
-   [
-    "6322029441245076030714726551623552073612922718416871603535535085523083939021",
-    "8700115492541474338049149013125102281865518624059015445617546140629435818912"
-   ],
-   [
-    "10674973475340072635573101639867487770811074181475255667220644196793546640210",
-    "2926286967251299230490668407790788696102889214647256022788211245826267484824"
-   ]
-  ],
-  [
-   [
-    "9660441540778523475944706619139394922744328902833875392144658911530830074820",
-    "19548113127774514328631808547691096362144426239827206966690021428110281506546"
-   ],
-   [
-    "1870837942477655969123169532603615788122896469891695773961478956740992497097",
-    "12536105729661705698805725105036536744930776470051238187456307227425796690780"
-   ],
-   [
-    "21811903352654147452884857281720047789720483752548991551595462057142824037334",
-    "19021616763967199151052893283384285352200445499680068407023236283004353578353"
-   ]
-  ]
- ],
- "IC": [
-  [
-   "17643142412395322664866141827318671249236739056291610144830020671604112279111",
-   "13273439661778801509295280274403992505521239023074387826870538372514206268318",
-   "1"
-  ],
-  [
-   "12325966053136615826793633393742326952102053533176311103856731330114882211366",
-   "6439956820140153832120005353467272867287237423425778281905068783317736451260",
-   "1"
-  ],
-  [
-   "20405310272367450124741832665322768131899487413829191383721623069139009993137",
-   "21336772016824870564600007750206596010566056069977718959140462128560786193566",
-   "1"
-  ],
-  [
-   "4007669092231576644992949839487535590075070172447826102934640178940614212519",
-   "7597503385395289202372182678960254605827199004598882158153019657732525465207",
-   "1"
-  ],
-  [
-   "4545695279389338758267531646940033299700127241196839077811942492841603458462",
-   "6635771967009274882904456432128877995932122611166121203658485990305433499873",
-   "1"
-  ],
-  [
-   "7876954805169515500747828488548350352651069599547377092970620945851311591012",
-   "7571431725691513008054581132582771105743462534789373657638701712901679323321",
-   "1"
-  ],
-  [
-   "5563973122249220346301217166900152021860462617567141574881706390202619333219",
-   "5147729144109676590873823097632042430451708874867871369293332620382492068692",
-   "1"
-  ]
- ]
-}

rln/resources/tree_height_19/verification_key.json

@@ -1,119 +0,0 @@
-{
- "protocol": "groth16",
- "curve": "bn128",
- "nPublic": 6,
- "vk_alpha_1": [
-  "20124996762962216725442980738609010303800849578410091356605067053491763969391",
-  "9118593021526896828671519912099489027245924097793322973632351264852174143923",
-  "1"
- ],
- "vk_beta_2": [
-  [
-   "4693952934005375501364248788849686435240706020501681709396105298107971354382",
-   "14346958885444710485362620645446987998958218205939139994511461437152241966681"
-  ],
-  [
-   "16851772916911573982706166384196538392731905827088356034885868448550849804972",
-   "823612331030938060799959717749043047845343400798220427319188951998582076532"
-  ],
-  [
-   "1",
-   "0"
-  ]
- ],
- "vk_gamma_2": [
-  [
-   "10857046999023057135944570762232829481370756359578518086990519993285655852781",
-   "11559732032986387107991004021392285783925812861821192530917403151452391805634"
-  ],
-  [
-   "8495653923123431417604973247489272438418190587263600148770280649306958101930",
-   "4082367875863433681332203403145435568316851327593401208105741076214120093531"
-  ],
-  [
-   "1",
-   "0"
-  ]
- ],
- "vk_delta_2": [
-  [
-   "16125279975606773676640811113051624654121459921695914044301154938920321009721",
-   "14844345250267029614093295465313288254479124604567709177260777529651293576873"
-  ],
-  [
-   "20349277326920398483890518242229158117668855310237215044647746783223259766294",
-   "19338776107510040969200058390413661029003750817172740054990168933780935479540"
-  ],
-  [
-   "1",
-   "0"
-  ]
- ],
- "vk_alphabeta_12": [
-  [
-   [
-    "12608968655665301215455851857466367636344427685631271961542642719683786103711",
-    "9849575605876329747382930567422916152871921500826003490242628251047652318086"
-   ],
-   [
-    "6322029441245076030714726551623552073612922718416871603535535085523083939021",
-    "8700115492541474338049149013125102281865518624059015445617546140629435818912"
-   ],
-   [
-    "10674973475340072635573101639867487770811074181475255667220644196793546640210",
-    "2926286967251299230490668407790788696102889214647256022788211245826267484824"
-   ]
-  ],
-  [
-   [
-    "9660441540778523475944706619139394922744328902833875392144658911530830074820",
-    "19548113127774514328631808547691096362144426239827206966690021428110281506546"
-   ],
-   [
-    "1870837942477655969123169532603615788122896469891695773961478956740992497097",
-    "12536105729661705698805725105036536744930776470051238187456307227425796690780"
-   ],
-   [
-    "21811903352654147452884857281720047789720483752548991551595462057142824037334",
-    "19021616763967199151052893283384285352200445499680068407023236283004353578353"
-   ]
-  ]
- ],
- "IC": [
-  [
-   "5645604624116784480262312750033349186912223090668673154853165165224747369512",
-   "5656337658385597582701340925622307146226708710361427687425735166776477641124",
-   "1"
-  ],
-  [
-   "8216930132302312821663833393171053651364962198587857550991047765311607638330",
-   "19934865864074163318938688021560358348660709566570123384268356491416384822148",
-   "1"
-  ],
-  [
-   "11046959016591768534564223076484566731774575511709349452804727872479525392631",
-   "9401797690410912638766111919371607085248054251975419812613989999345815833269",
-   "1"
-  ],
-  [
-   "13216594148914395028254776738842380005944817065680915990743659996725367876414",
-   "11541283802841111343960351782994043892623551381569479006737253908665900144087",
-   "1"
-  ],
-  [
-   "6957074593219251760608960101283708711892008557897337713430173510328411964571",
-   "21673833055087220750009279957462375662312260098732685145862504142183400549467",
-   "1"
-  ],
-  [
-   "20795071270535109448604057031148356571036039566776607847840379441839742201050",
-   "21654952744643117202636583766828639581880877547772465264383291983528268115687",
-   "1"
-  ],
-  [
-   "19143058772755719660075704757531991493801758701561469885274062297246796623789",
-   "3996020163280925980543600106196205910576345230982361007978823537163123181007",
-   "1"
-  ]
- ]
-}

rln/resources/tree_height_20/verification_key.json

@@ -1,20 +1,20 @@
 {
  "protocol": "groth16",
  "curve": "bn128",
- "nPublic": 6,
+ "nPublic": 5,
  "vk_alpha_1": [
-  "20124996762962216725442980738609010303800849578410091356605067053491763969391",
-  "9118593021526896828671519912099489027245924097793322973632351264852174143923",
+  "20491192805390485299153009773594534940189261866228447918068658471970481763042",
+  "9383485363053290200918347156157836566562967994039712273449902621266178545958",
   "1"
  ],
  "vk_beta_2": [
   [
-   "4693952934005375501364248788849686435240706020501681709396105298107971354382",
-   "14346958885444710485362620645446987998958218205939139994511461437152241966681"
+   "6375614351688725206403948262868962793625744043794305715222011528459656738731",
+   "4252822878758300859123897981450591353533073413197771768651442665752259397132"
   ],
   [
-   "16851772916911573982706166384196538392731905827088356034885868448550849804972",
-   "823612331030938060799959717749043047845343400798220427319188951998582076532"
+   "10505242626370262277552901082094356697409835680220590971873171140371331206856",
+   "21847035105528745403288232691147584728191162732299865338377159692350059136679"
   ],
   [
    "1",
@@ -37,12 +37,12 @@
  ],
  "vk_delta_2": [
   [
-   "8353516066399360694538747105302262515182301251524941126222712285088022964076",
-   "9329524012539638256356482961742014315122377605267454801030953882967973561832"
+   "17077735495685170943380938230836408503627170115414840315502244846025577589191",
+   "14030085636943255545683322474441991939484590437387381169642530788494152024614"
   ],
   [
-   "16805391589556134376869247619848130874761233086443465978238468412168162326401",
-   "10111259694977636294287802909665108497237922060047080343914303287629927847739"
+   "11568745146423307387256571230823432454624378106569286849514884592874522611163",
+   "1838524899938769516485895655063198583192139511330418290063560641219523306282"
   ],
   [
    "1",
@@ -52,67 +52,62 @@
  "vk_alphabeta_12": [
   [
    [
-    "12608968655665301215455851857466367636344427685631271961542642719683786103711",
-    "9849575605876329747382930567422916152871921500826003490242628251047652318086"
+    "2029413683389138792403550203267699914886160938906632433982220835551125967885",
+    "21072700047562757817161031222997517981543347628379360635925549008442030252106"
    ],
    [
-    "6322029441245076030714726551623552073612922718416871603535535085523083939021",
-    "8700115492541474338049149013125102281865518624059015445617546140629435818912"
+    "5940354580057074848093997050200682056184807770593307860589430076672439820312",
+    "12156638873931618554171829126792193045421052652279363021382169897324752428276"
    ],
    [
-    "10674973475340072635573101639867487770811074181475255667220644196793546640210",
-    "2926286967251299230490668407790788696102889214647256022788211245826267484824"
+    "7898200236362823042373859371574133993780991612861777490112507062703164551277",
+    "7074218545237549455313236346927434013100842096812539264420499035217050630853"
    ]
   ],
   [
    [
-    "9660441540778523475944706619139394922744328902833875392144658911530830074820",
-    "19548113127774514328631808547691096362144426239827206966690021428110281506546"
+    "7077479683546002997211712695946002074877511277312570035766170199895071832130",
+    "10093483419865920389913245021038182291233451549023025229112148274109565435465"
    ],
    [
-    "1870837942477655969123169532603615788122896469891695773961478956740992497097",
-    "12536105729661705698805725105036536744930776470051238187456307227425796690780"
+    "4595479056700221319381530156280926371456704509942304414423590385166031118820",
+    "19831328484489333784475432780421641293929726139240675179672856274388269393268"
    ],
    [
-    "21811903352654147452884857281720047789720483752548991551595462057142824037334",
-    "19021616763967199151052893283384285352200445499680068407023236283004353578353"
+    "11934129596455521040620786944827826205713621633706285934057045369193958244500",
+    "8037395052364110730298837004334506829870972346962140206007064471173334027475"
    ]
   ]
  ],
  "IC": [
   [
-   "11992897507809711711025355300535923222599547639134311050809253678876341466909",
-   "17181525095924075896332561978747020491074338784673526378866503154966799128110",
+   "4920513730204767532050733107749276406754520419375654722016092399980613788208",
+   "10950491564509418434657706642388934308456795265036074733953533582377584967294",
    "1"
   ],
   [
-   "17018665030246167677911144513385572506766200776123272044534328594850561667818",
-   "18601114175490465275436712413925513066546725461375425769709566180981674884464",
+   "6815064660695497986531118446154820702646540722664044216580897159556261271171",
+   "17838140936832571103329556013529166877877534025488014783346458943575275015438",
    "1"
   ],
   [
-   "18799470100699658367834559797874857804183288553462108031963980039244731716542",
-   "13064227487174191981628537974951887429496059857753101852163607049188825592007",
+   "16364982450206976302246609763791333525052810246590359380676749324389440643932",
+   "17092624338100676284548565502349491320314889021833923882585524649862570629227",
    "1"
   ],
   [
-   "17432501889058124609368103715904104425610382063762621017593209214189134571156",
-   "13406815149699834788256141097399354592751313348962590382887503595131085938635",
+   "3679639231485547795420532910726924727560917141402837495597760107842698404034",
+   "16213191511474848247596810551723578773353083440353745908057321946068926848382",
    "1"
   ],
   [
-   "10320964835612716439094703312987075811498239445882526576970512041988148264481",
-   "9024164961646353611176283204118089412001502110138072989569118393359029324867",
+   "9215428431027260354679105025212521481930206886203677270216204485256690813172",
+   "934602510541226149881779979217731465262250233587980565969044391353665291792",
    "1"
   ],
   [
-   "718355081067365548229685160476620267257521491773976402837645005858953849298",
-   "14635482993933988261008156660773180150752190597753512086153001683711587601974",
-   "1"
-  ],
-  [
-   "11777720285956632126519898515392071627539405001940313098390150593689568177535",
-   "8483603647274280691250972408211651407952870456587066148445913156086740744515",
+   "8935861545794299876685457331391349387048184820319250771243971382360441890897",
+   "4993459033694759724715904486381952906869986989682015547152342336961693234616",
    "1"
   ]
  ]

rln/resources/tree_height_32/verification_key.json

@@ -0,0 +1,114 @@
+{
+ "protocol": "groth16",
+ "curve": "bn128",
+ "nPublic": 5,
+ "vk_alpha_1": [
+  "20491192805390485299153009773594534940189261866228447918068658471970481763042",
+  "9383485363053290200918347156157836566562967994039712273449902621266178545958",
+  "1"
+ ],
+ "vk_beta_2": [
+  [
+   "6375614351688725206403948262868962793625744043794305715222011528459656738731",
+   "4252822878758300859123897981450591353533073413197771768651442665752259397132"
+  ],
+  [
+   "10505242626370262277552901082094356697409835680220590971873171140371331206856",
+   "21847035105528745403288232691147584728191162732299865338377159692350059136679"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_gamma_2": [
+  [
+   "10857046999023057135944570762232829481370756359578518086990519993285655852781",
+   "11559732032986387107991004021392285783925812861821192530917403151452391805634"
+  ],
+  [
+   "8495653923123431417604973247489272438418190587263600148770280649306958101930",
+   "4082367875863433681332203403145435568316851327593401208105741076214120093531"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_delta_2": [
+  [
+   "3689226096868373144622340732612563195789744807442014147637039988348252818659",
+   "18947459102520510468597269280688700807407684209892273827108603062925288762423"
+  ],
+  [
+   "5816405977664254142436796931495067997250259145480168934320978750042633353708",
+   "14555486789839131710516067578112557185806110684461247253491378577062852578892"
+  ],
+  [
+   "1",
+   "0"
+  ]
+ ],
+ "vk_alphabeta_12": [
+  [
+   [
+    "2029413683389138792403550203267699914886160938906632433982220835551125967885",
+    "21072700047562757817161031222997517981543347628379360635925549008442030252106"
+   ],
+   [
+    "5940354580057074848093997050200682056184807770593307860589430076672439820312",
+    "12156638873931618554171829126792193045421052652279363021382169897324752428276"
+   ],
+   [
+    "7898200236362823042373859371574133993780991612861777490112507062703164551277",
+    "7074218545237549455313236346927434013100842096812539264420499035217050630853"
+   ]
+  ],
+  [
+   [
+    "7077479683546002997211712695946002074877511277312570035766170199895071832130",
+    "10093483419865920389913245021038182291233451549023025229112148274109565435465"
+   ],
+   [
+    "4595479056700221319381530156280926371456704509942304414423590385166031118820",
+    "19831328484489333784475432780421641293929726139240675179672856274388269393268"
+   ],
+   [
+    "11934129596455521040620786944827826205713621633706285934057045369193958244500",
+    "8037395052364110730298837004334506829870972346962140206007064471173334027475"
+   ]
+  ]
+ ],
+ "IC": [
+  [
+   "5412646265162057015134786739992128493053406364679846617542694915593022919217",
+   "9665511386935901867415947590751330959748921059696950821222365265700369811120",
+   "1"
+  ],
+  [
+   "4294362651275803035824711662252687124584574009834787359330648404293309808795",
+   "1861758671717754835450145961645465880215655915164196594175485865489885224285",
+   "1"
+  ],
+  [
+   "1911114017568107170522785254288953144010421698038439931935418407428234018676",
+   "13761363892532562822351086117281964648116890138564516558345965908415019790129",
+   "1"
+  ],
+  [
+   "16312980235585837964428386585067529342038135099260965575497230302984635878053",
+   "20286500347141875536561618770383759234192052027362539966911091298688849002783",
+   "1"
+  ],
+  [
+   "21038649368092225315431823433752123495654049075935052064397443455654061176031",
+   "6976971039866104284556300526186000690370678593992968176463280189048347216392",
+   "1"
+  ],
+  [
+   "971745799362951123575710699973701411260115357326598060711339429906895409324",
+   "12959821343398475313407440786226277845673045139874184400082186049649123071798",
+   "1"
+  ]
+ ]
+}

rln/src/circuit.rs

@@ -30,12 +30,11 @@ const VK_FILENAME: &str = "verification_key.json";
 const WASM_FILENAME: &str = "rln.wasm";
 
 // These parameters are used for tests
-// Note that the circuit and keys in TEST_RESOURCES_FOLDER are compiled for Merkle trees of height 15, 19 and 20
+// Note that the circuit and keys in TEST_RESOURCES_FOLDER are compiled for Merkle trees of height 20 & 32
 // Changing these parameters to other values than these defaults will cause zkSNARK proof verification to fail
-pub const TEST_PARAMETERS_INDEX: usize = 2;
-pub const TEST_TREE_HEIGHT: usize = [15, 19, 20][TEST_PARAMETERS_INDEX];
-pub const TEST_RESOURCES_FOLDER: &str =
-    ["tree_height_15", "tree_height_19", "tree_height_20"][TEST_PARAMETERS_INDEX];
+pub const TEST_PARAMETERS_INDEX: usize = 0;
+pub const TEST_TREE_HEIGHT: usize = [20, 32][TEST_PARAMETERS_INDEX];
+pub const TEST_RESOURCES_FOLDER: &str = ["tree_height_20", "tree_height_32"][TEST_PARAMETERS_INDEX];
 
 #[cfg(not(target_arch = "wasm32"))]
 static RESOURCES_DIR: Dir<'_> = include_dir!("$CARGO_MANIFEST_DIR/resources");

rln/src/ffi.rs

@@ -12,7 +12,15 @@ macro_rules! call {
     ($instance:expr, $method:ident $(, $arg:expr)*) => {
         {
             let new_instance: &mut RLN = $instance.process();
-            new_instance.$method($($arg.process()),*).is_ok()
+            match new_instance.$method($($arg.process()),*) {
+                Ok(()) => {
+                    true
+                }
+                Err(err) => {
+                    eprintln!("execution error: {err}");
+                    false
+                }
+            }
         }
     }
 }
@@ -30,13 +38,17 @@ macro_rules! call_with_output_arg {
         {
             let mut output_data: Vec<u8> = Vec::new();
             let new_instance = $instance.process();
-            if new_instance.$method(&mut output_data).is_ok() {
-                unsafe { *$output_arg = Buffer::from(&output_data[..]) };
-                std::mem::forget(output_data);
-                true
-            } else {
-                std::mem::forget(output_data);
-                false
+            match new_instance.$method(&mut output_data) {
+                Ok(()) => {
+                    unsafe { *$output_arg = Buffer::from(&output_data[..]) };
+                    std::mem::forget(output_data);
+                    true
+                }
+                Err(err) => {
+                    std::mem::forget(output_data);
+                    eprintln!("execution error: {err}");
+                    false
+                }
             }
         }
     };
@@ -44,13 +56,17 @@ macro_rules! call_with_output_arg {
         {
             let mut output_data: Vec<u8> = Vec::new();
             let new_instance = $instance.process();
-            if new_instance.$method($($arg.process()),*, &mut output_data).is_ok() {
-                unsafe { *$output_arg = Buffer::from(&output_data[..]) };
-                std::mem::forget(output_data);
-                true
-            } else {
-                std::mem::forget(output_data);
-                false
+            match new_instance.$method($($arg.process()),*, &mut output_data) {
+                Ok(()) => {
+                    unsafe { *$output_arg = Buffer::from(&output_data[..]) };
+                    std::mem::forget(output_data);
+                    true
+                }
+                Err(err) => {
+                    std::mem::forget(output_data);
+                    eprintln!("execution error: {err}");
+                    false
+                }
             }
         }
     };
@@ -66,13 +82,17 @@ macro_rules! no_ctx_call_with_output_arg {
     ($method:ident, $output_arg:expr, $( $arg:expr ),* ) => {
         {
             let mut output_data: Vec<u8> = Vec::new();
-            if $method($($arg.process()),*, &mut output_data).is_ok() {
-                unsafe { *$output_arg = Buffer::from(&output_data[..]) };
-                std::mem::forget(output_data);
-                true
-            } else {
-                std::mem::forget(output_data);
-                false
+            match $method($($arg.process()),*, &mut output_data) {
+                Ok(()) => {
+                    unsafe { *$output_arg = Buffer::from(&output_data[..]) };
+                    std::mem::forget(output_data);
+                    true
+                }
+                Err(err) => {
+                    std::mem::forget(output_data);
+                    eprintln!("execution error: {err}");
+                    false
+                }
             }
         }
     }
@@ -89,8 +109,11 @@ macro_rules! call_with_bool_arg {
         {
             let new_instance = $instance.process();
             if match new_instance.$method($($arg.process()),*,) {
-                Ok(verified) => verified,
-                Err(_) => return false,
+                Ok(result) => result,
+                Err(err) => {
+                    eprintln!("execution error: {err}");
+                    return false
+                },
             } {
                 unsafe { *$bool_arg = true };
             } else {
@@ -171,11 +194,15 @@ impl<'a> From<&Buffer> for &'a [u8] {
 #[allow(clippy::not_unsafe_ptr_arg_deref)]
 #[no_mangle]
 pub extern "C" fn new(tree_height: usize, input_buffer: *const Buffer, ctx: *mut *mut RLN) -> bool {
-    if let Ok(rln) = RLN::new(tree_height, input_buffer.process()) {
-        unsafe { *ctx = Box::into_raw(Box::new(rln)) };
-        true
-    } else {
-        false
+    match RLN::new(tree_height, input_buffer.process()) {
+        Ok(rln) => {
+            unsafe { *ctx = Box::into_raw(Box::new(rln)) };
+            true
+        }
+        Err(err) => {
+            eprintln!("could not instantiate rln: {err}");
+            false
+        }
     }
 }
 
@@ -186,18 +213,24 @@ pub extern "C" fn new_with_params(
     circom_buffer: *const Buffer,
     zkey_buffer: *const Buffer,
     vk_buffer: *const Buffer,
+    tree_config: *const Buffer,
     ctx: *mut *mut RLN,
 ) -> bool {
-    if let Ok(rln) = RLN::new_with_params(
+    match RLN::new_with_params(
         tree_height,
         circom_buffer.process().to_vec(),
         zkey_buffer.process().to_vec(),
         vk_buffer.process().to_vec(),
+        tree_config.process(),
     ) {
-        unsafe { *ctx = Box::into_raw(Box::new(rln)) };
-        true
-    } else {
-        false
+        Ok(rln) => {
+            unsafe { *ctx = Box::into_raw(Box::new(rln)) };
+            true
+        }
+        Err(err) => {
+            eprintln!("could not instantiate rln: {err}");
+            false
+        }
     }
 }
 
@@ -222,6 +255,12 @@ pub extern "C" fn set_leaf(ctx: *mut RLN, index: usize, input_buffer: *const Buf
     call!(ctx, set_leaf, index, input_buffer)
 }
 
+#[allow(clippy::not_unsafe_ptr_arg_deref)]
+#[no_mangle]
+pub extern "C" fn get_leaf(ctx: *mut RLN, index: usize, output_buffer: *mut Buffer) -> bool {
+    call_with_output_arg!(ctx, get_leaf, output_buffer, index)
+}
+
 #[allow(clippy::not_unsafe_ptr_arg_deref)]
 #[no_mangle]
 pub extern "C" fn set_next_leaf(ctx: *mut RLN, input_buffer: *const Buffer) -> bool {
@@ -379,6 +418,28 @@ pub extern "C" fn recover_id_secret(
     )
 }
 
+////////////////////////////////////////////////////////
+// Persistent metadata APIs
+////////////////////////////////////////////////////////
+
+#[allow(clippy::not_unsafe_ptr_arg_deref)]
+#[no_mangle]
+pub extern "C" fn set_metadata(ctx: *mut RLN, input_buffer: *const Buffer) -> bool {
+    call!(ctx, set_metadata, input_buffer)
+}
+
+#[allow(clippy::not_unsafe_ptr_arg_deref)]
+#[no_mangle]
+pub extern "C" fn get_metadata(ctx: *const RLN, output_buffer: *mut Buffer) -> bool {
+    call_with_output_arg!(ctx, get_metadata, output_buffer)
+}
+
+#[allow(clippy::not_unsafe_ptr_arg_deref)]
+#[no_mangle]
+pub extern "C" fn flush(ctx: *mut RLN) -> bool {
+    call!(ctx, flush)
+}
+
 #[allow(clippy::not_unsafe_ptr_arg_deref)]
 #[no_mangle]
 pub extern "C" fn hash(input_buffer: *const Buffer, output_buffer: *mut Buffer) -> bool {

rln/src/hashers.rs

@@ -1,13 +1,12 @@
-// This crate instantiate the Poseidon hash algorithm
-
+/// This crate instantiates the Poseidon hash algorithm.
 use crate::{circuit::Fr, utils::bytes_le_to_fr};
 use once_cell::sync::Lazy;
 use tiny_keccak::{Hasher, Keccak};
 use utils::poseidon::Poseidon;
 
-// These indexed constants hardcodes the supported round parameters tuples (t, RF, RN, SKIP_MATRICES) for the Bn254 scalar field
-// SKIP_MATRICES is the index of the randomly generated secure MDS matrix. See security note in the zerokit_utils::poseidon::poseidon_constants crate on this.
-// TODO: generate these parameters
+/// These indexed constants hardcode the supported round parameters tuples (t, RF, RN, SKIP_MATRICES) for the Bn254 scalar field.
+/// SKIP_MATRICES is the index of the randomly generated secure MDS matrix.
+/// TODO: generate these parameters
 pub const ROUND_PARAMS: [(usize, usize, usize, usize); 8] = [
     (2, 8, 56, 0),
     (3, 8, 57, 0),
@@ -19,7 +18,7 @@ pub const ROUND_PARAMS: [(usize, usize, usize, usize); 8] = [
     (9, 8, 63, 0),
 ];
 
-// Poseidon Hash wrapper over above implementation. Adapted from semaphore-rs poseidon hash wrapper.
+/// Poseidon Hash wrapper over above implementation.
 static POSEIDON: Lazy<Poseidon<Fr>> = Lazy::new(|| Poseidon::<Fr>::from(&ROUND_PARAMS));
 
 pub fn poseidon_hash(input: &[Fr]) -> Fr {
@@ -28,11 +27,11 @@ pub fn poseidon_hash(input: &[Fr]) -> Fr {
         .expect("hash with fixed input size can't fail")
 }
 
-// The zerokit RLN Merkle tree Hasher
+/// The zerokit RLN Merkle tree Hasher.
 #[derive(Clone, Copy, PartialEq, Eq)]
 pub struct PoseidonHash;
 
-// The default Hasher trait used by Merkle tree implementation in utils
+/// The default Hasher trait used by Merkle tree implementation in utils.
 impl utils::merkle_tree::Hasher for PoseidonHash {
     type Fr = Fr;
 
@@ -45,10 +44,9 @@ impl utils::merkle_tree::Hasher for PoseidonHash {
     }
 }
 
-// Hashes arbitrary signal to the underlying prime field
+/// Hashes arbitrary signal to the underlying prime field.
 pub fn hash_to_field(signal: &[u8]) -> Fr {
     // We hash the input signal using Keccak256
-    // (note that a bigger curve order might require a bigger hash blocksize)
     let mut hash = [0; 32];
     let mut hasher = Keccak::v256();
     hasher.update(signal);

rln/src/pm_tree_adapter.rs

@@ -1,17 +1,23 @@
-use crate::circuit::Fr;
-use crate::hashers::{poseidon_hash, PoseidonHash};
-use crate::utils::{bytes_le_to_fr, fr_to_bytes_le};
-use color_eyre::{Report, Result};
-use serde_json::Value;
-use std::collections::HashSet;
 use std::fmt::Debug;
 use std::path::PathBuf;
 use std::str::FromStr;
-use utils::pmtree::Hasher;
+
+use color_eyre::{Report, Result};
+use serde_json::Value;
+
+use utils::pmtree::{Database, Hasher};
 use utils::*;
 
+use crate::circuit::Fr;
+use crate::hashers::{poseidon_hash, PoseidonHash};
+use crate::utils::{bytes_le_to_fr, fr_to_bytes_le};
+
+const METADATA_KEY: [u8; 8] = *b"metadata";
+
 pub struct PmTree {
     tree: pmtree::MerkleTree<SledDB, PoseidonHash>,
+    // metadata that an application may use to store additional information
+    metadata: Vec<u8>,
 }
 
 pub struct PmTreeProof {
@@ -21,13 +27,9 @@ pub struct PmTreeProof {
 pub type FrOf<H> = <H as Hasher>::Fr;
 
 // The pmtree Hasher trait used by pmtree Merkle tree
-impl pmtree::Hasher for PoseidonHash {
+impl Hasher for PoseidonHash {
     type Fr = Fr;
 
-    fn default_leaf() -> Self::Fr {
-        Fr::from(0)
-    }
-
     fn serialize(value: Self::Fr) -> pmtree::Value {
         fr_to_bytes_le(&value)
     }
@@ -37,12 +39,16 @@ impl pmtree::Hasher for PoseidonHash {
         fr
     }
 
+    fn default_leaf() -> Self::Fr {
+        Fr::from(0)
+    }
+
     fn hash(inputs: &[Self::Fr]) -> Self::Fr {
         poseidon_hash(inputs)
     }
 }
 
-fn get_tmp_path() -> std::path::PathBuf {
+fn get_tmp_path() -> PathBuf {
     std::env::temp_dir().join(format!("pmtree-{}", rand::random::<u64>()))
 }
 
@@ -50,7 +56,7 @@ fn get_tmp() -> bool {
     true
 }
 
-pub struct PmtreeConfig(pm_tree::Config);
+pub struct PmtreeConfig(Config);
 
 impl FromStr for PmtreeConfig {
     type Err = Report;
@@ -58,13 +64,36 @@ impl FromStr for PmtreeConfig {
     fn from_str(s: &str) -> Result<Self> {
         let config: Value = serde_json::from_str(s)?;
 
-        let temporary = config["temporary"].as_bool();
         let path = config["path"].as_str();
         let path = path.map(PathBuf::from);
+        let temporary = config["temporary"].as_bool();
+        let cache_capacity = config["cache_capacity"].as_u64();
+        let flush_every_ms = config["flush_every_ms"].as_u64();
+        let mode = match config["mode"].as_str() {
+            Some("HighThroughput") => Mode::HighThroughput,
+            Some("LowSpace") => Mode::LowSpace,
+            _ => Mode::HighThroughput,
+        };
+        let use_compression = config["use_compression"].as_bool();
 
-        let config = pm_tree::Config::new()
+        if temporary.is_some()
+            && path.is_some()
+            && temporary.unwrap()
+            && path.as_ref().unwrap().exists()
+        {
+            return Err(Report::msg(format!(
+                "Path {:?} already exists, cannot use temporary",
+                path.unwrap()
+            )));
+        }
+
+        let config = Config::new()
             .temporary(temporary.unwrap_or(get_tmp()))
-            .path(path.unwrap_or(get_tmp_path()));
+            .path(path.unwrap_or(get_tmp_path()))
+            .cache_capacity(cache_capacity.unwrap_or(1024 * 1024 * 1024))
+            .flush_every_ms(flush_every_ms)
+            .mode(mode)
+            .use_compression(use_compression.unwrap_or(false));
         Ok(PmtreeConfig(config))
     }
 }
@@ -72,7 +101,15 @@ impl FromStr for PmtreeConfig {
 impl Default for PmtreeConfig {
     fn default() -> Self {
         let tmp_path = get_tmp_path();
-        PmtreeConfig(pm_tree::Config::new().temporary(true).path(tmp_path))
+        PmtreeConfig(
+            Config::new()
+                .temporary(true)
+                .path(tmp_path)
+                .cache_capacity(150_000)
+                .mode(Mode::HighThroughput)
+                .use_compression(false)
+                .flush_every_ms(Some(12_000)),
+        )
     }
 }
 impl Debug for PmtreeConfig {
@@ -104,7 +141,10 @@ impl ZerokitMerkleTree for PmTree {
             Err(_) => pmtree::MerkleTree::new(depth, config.0)?,
         };
 
-        Ok(PmTree { tree })
+        Ok(PmTree {
+            tree,
+            metadata: Vec::new(),
+        })
     }
 
     fn depth(&self) -> usize {
@@ -123,16 +163,16 @@ impl ZerokitMerkleTree for PmTree {
         self.tree.root()
     }
 
+    fn compute_root(&mut self) -> Result<FrOf<Self::Hasher>> {
+        Ok(self.tree.root())
+    }
+
     fn set(&mut self, index: usize, leaf: FrOf<Self::Hasher>) -> Result<()> {
         self.tree
             .set(index, leaf)
             .map_err(|e| Report::msg(e.to_string()))
     }
 
-    fn get(&self, index: usize) -> Result<FrOf<Self::Hasher>> {
-        self.tree.get(index).map_err(|e| Report::msg(e.to_string()))
-    }
-
     fn set_range<I: IntoIterator<Item = FrOf<Self::Hasher>>>(
         &mut self,
         start: usize,
@@ -143,6 +183,10 @@ impl ZerokitMerkleTree for PmTree {
             .map_err(|e| Report::msg(e.to_string()))
     }
 
+    fn get(&self, index: usize) -> Result<FrOf<Self::Hasher>> {
+        self.tree.get(index).map_err(|e| Report::msg(e.to_string()))
+    }
+
     fn override_range<I: IntoIterator<Item = FrOf<Self::Hasher>>, J: IntoIterator<Item = usize>>(
         &mut self,
         start: usize,
@@ -150,33 +194,15 @@ impl ZerokitMerkleTree for PmTree {
         indices: J,
     ) -> Result<()> {
         let leaves = leaves.into_iter().collect::<Vec<_>>();
-        let indices = indices.into_iter().collect::<HashSet<_>>();
-        let end = start + leaves.len();
+        let mut indices = indices.into_iter().collect::<Vec<_>>();
+        indices.sort();
 
-        if leaves.len() + start - indices.len() > self.capacity() {
-            return Err(Report::msg("index out of bounds"));
+        match (leaves.is_empty(), indices.is_empty()) {
+            (true, true) => Err(Report::msg("no leaves or indices to be removed")),
+            (false, true) => self.set_range_with_leaves(start, leaves),
+            (true, false) => self.remove_indices(indices),
+            (false, false) => self.remove_indices_and_set_leaves(start, leaves, indices),
         }
-
-        // extend the range to include indices to be removed
-        let min_index = indices.iter().min().unwrap_or(&start);
-        let max_index = indices.iter().max().unwrap_or(&end);
-
-        let mut new_leaves = Vec::new();
-
-        // insert leaves into new_leaves
-        for i in *min_index..*max_index {
-            if indices.contains(&i) {
-                // insert 0
-                new_leaves.push(Self::Hasher::default_leaf());
-            } else {
-                // insert leaf
-                new_leaves.push(leaves[i - start]);
-            }
-        }
-
-        self.tree
-            .set_range(start, new_leaves)
-            .map_err(|e| Report::msg(e.to_string()))
     }
 
     fn update_next(&mut self, leaf: FrOf<Self::Hasher>) -> Result<()> {
@@ -204,8 +230,87 @@ impl ZerokitMerkleTree for PmTree {
         }
     }
 
-    fn compute_root(&mut self) -> Result<FrOf<Self::Hasher>> {
-        Ok(self.tree.root())
+    fn set_metadata(&mut self, metadata: &[u8]) -> Result<()> {
+        self.tree.db.put(METADATA_KEY, metadata.to_vec())?;
+        self.metadata = metadata.to_vec();
+        Ok(())
+    }
+
+    fn metadata(&self) -> Result<Vec<u8>> {
+        if !self.metadata.is_empty() {
+            return Ok(self.metadata.clone());
+        }
+        // if empty, try searching the db
+        let data = self.tree.db.get(METADATA_KEY)?;
+
+        if data.is_none() {
+            return Err(Report::msg("metadata does not exist"));
+        }
+        Ok(data.unwrap())
+    }
+
+    fn close_db_connection(&mut self) -> Result<()> {
+        self.tree.db.close().map_err(|e| Report::msg(e.to_string()))
+    }
+}
+
+type PmTreeHasher = <PmTree as ZerokitMerkleTree>::Hasher;
+type FrOfPmTreeHasher = FrOf<PmTreeHasher>;
+
+impl PmTree {
+    fn set_range_with_leaves(&mut self, start: usize, leaves: Vec<FrOfPmTreeHasher>) -> Result<()> {
+        self.tree
+            .set_range(start, leaves)
+            .map_err(|e| Report::msg(e.to_string()))
+    }
+
+    fn remove_indices(&mut self, indices: Vec<usize>) -> Result<()> {
+        let start = indices[0];
+        let end = indices.last().unwrap() + 1;
+
+        let mut new_leaves: Vec<_> = (start..end)
+            .map(|i| self.tree.get(i))
+            .collect::<Result<_, _>>()?;
+
+        new_leaves
+            .iter_mut()
+            .take(indices.len())
+            .for_each(|leaf| *leaf = PmTreeHasher::default_leaf());
+
+        self.tree
+            .set_range(start, new_leaves)
+            .map_err(|e| Report::msg(e.to_string()))
+    }
+
+    fn remove_indices_and_set_leaves(
+        &mut self,
+        start: usize,
+        leaves: Vec<FrOfPmTreeHasher>,
+        indices: Vec<usize>,
+    ) -> Result<()> {
+        let min_index = *indices.first().unwrap();
+        let max_index = start + leaves.len();
+
+        // Generated a placeholder with the exact size needed,
+        // Initiated with default values to be overridden throughout the method
+        let mut set_values = vec![PmTreeHasher::default_leaf(); max_index - min_index];
+
+        // If the index is not in indices list, keep the original value
+        for i in min_index..start {
+            if !indices.contains(&i) {
+                let value = self.tree.get(i)?;
+                set_values[i - min_index] = value;
+            }
+        }
+
+        // Insert new leaves after 'start' position
+        for (i, &leaf) in leaves.iter().enumerate() {
+            set_values[start - min_index + i] = leaf;
+        }
+
+        self.tree
+            .set_range(min_index, set_values)
+            .map_err(|e| Report::msg(e.to_string()))
     }
 }
 

rln/src/protocol.rs

@@ -32,11 +32,12 @@ use utils::{ZerokitMerkleProof, ZerokitMerkleTree};
 #[derive(Debug, PartialEq)]
 pub struct RLNWitnessInput {
     identity_secret: Fr,
+    user_message_limit: Fr,
+    message_id: Fr,
     path_elements: Vec<Fr>,
     identity_path_index: Vec<u8>,
     x: Fr,
-    epoch: Fr,
-    rln_identifier: Fr,
+    external_nullifier: Fr,
 }
 
 #[derive(Debug, PartialEq)]
@@ -47,8 +48,7 @@ pub struct RLNProofValues {
     pub root: Fr,
     // Public Inputs:
     pub x: Fr,
-    pub epoch: Fr,
-    pub rln_identifier: Fr,
+    pub external_nullifier: Fr,
 }
 
 pub fn serialize_field_element(element: Fr) -> Vec<u8> {
@@ -90,25 +90,46 @@ pub fn deserialize_identity_tuple(serialized: Vec<u8>) -> (Fr, Fr, Fr, Fr) {
     )
 }
 
+/// Serializes witness
+///
+/// # Errors
+///
+/// Returns an error if `rln_witness.message_id` is not within `rln_witness.user_message_limit`.
 pub fn serialize_witness(rln_witness: &RLNWitnessInput) -> Result<Vec<u8>> {
+    message_id_range_check(&rln_witness.message_id, &rln_witness.user_message_limit)?;
+
     let mut serialized: Vec<u8> = Vec::new();
 
     serialized.append(&mut fr_to_bytes_le(&rln_witness.identity_secret));
+    serialized.append(&mut fr_to_bytes_le(&rln_witness.user_message_limit));
+    serialized.append(&mut fr_to_bytes_le(&rln_witness.message_id));
     serialized.append(&mut vec_fr_to_bytes_le(&rln_witness.path_elements)?);
     serialized.append(&mut vec_u8_to_bytes_le(&rln_witness.identity_path_index)?);
     serialized.append(&mut fr_to_bytes_le(&rln_witness.x));
-    serialized.append(&mut fr_to_bytes_le(&rln_witness.epoch));
-    serialized.append(&mut fr_to_bytes_le(&rln_witness.rln_identifier));
+    serialized.append(&mut fr_to_bytes_le(&rln_witness.external_nullifier));
 
     Ok(serialized)
 }
 
+/// Deserializes witness
+///
+/// # Errors
+///
+/// Returns an error if `message_id` is not within `user_message_limit`.
 pub fn deserialize_witness(serialized: &[u8]) -> Result<(RLNWitnessInput, usize)> {
     let mut all_read: usize = 0;
 
     let (identity_secret, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
+    let (user_message_limit, read) = bytes_le_to_fr(&serialized[all_read..]);
+    all_read += read;
+
+    let (message_id, read) = bytes_le_to_fr(&serialized[all_read..]);
+    all_read += read;
+
+    message_id_range_check(&message_id, &user_message_limit)?;
+
     let (path_elements, read) = bytes_le_to_vec_fr(&serialized[all_read..])?;
     all_read += read;
 
@@ -118,13 +139,9 @@ pub fn deserialize_witness(serialized: &[u8]) -> Result<(RLNWitnessInput, usize)
     let (x, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
-    let (epoch, read) = bytes_le_to_fr(&serialized[all_read..]);
+    let (external_nullifier, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
-    let (rln_identifier, read) = bytes_le_to_fr(&serialized[all_read..]);
-    all_read += read;
-
-    // TODO: check rln_identifier against public::RLN_IDENTIFIER
     if serialized.len() != all_read {
         return Err(Report::msg("serialized length is not equal to all_read"));
     }
@@ -135,8 +152,9 @@ pub fn deserialize_witness(serialized: &[u8]) -> Result<(RLNWitnessInput, usize)
             path_elements,
             identity_path_index,
             x,
-            epoch,
-            rln_identifier,
+            external_nullifier,
+            user_message_limit,
+            message_id,
         },
         all_read,
     ))
@@ -144,7 +162,7 @@ pub fn deserialize_witness(serialized: &[u8]) -> Result<(RLNWitnessInput, usize)
 
 // This function deserializes input for kilic's rln generate_proof public API
 // https://github.com/kilic/rln/blob/7ac74183f8b69b399e3bc96c1ae8ab61c026dc43/src/public.rs#L148
-// input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
+// input_data is [ identity_secret<32> | id_index<8> | user_message_limit<32> | message_id<32> | signal_len<8> | signal<var> ]
 // return value is a rln witness populated according to this information
 pub fn proof_inputs_to_rln_witness(
     tree: &mut PoseidonTree,
@@ -160,7 +178,13 @@ pub fn proof_inputs_to_rln_witness(
     ))?;
     all_read += 8;
 
-    let (epoch, read) = bytes_le_to_fr(&serialized[all_read..]);
+    let (user_message_limit, read) = bytes_le_to_fr(&serialized[all_read..]);
+    all_read += read;
+
+    let (message_id, read) = bytes_le_to_fr(&serialized[all_read..]);
+    all_read += read;
+
+    let (external_nullifier, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
     let signal_len = usize::try_from(u64::from_le_bytes(
@@ -176,37 +200,47 @@ pub fn proof_inputs_to_rln_witness(
 
     let x = hash_to_field(&signal);
 
-    let rln_identifier = hash_to_field(RLN_IDENTIFIER);
-
     Ok((
         RLNWitnessInput {
             identity_secret,
             path_elements,
             identity_path_index,
+            user_message_limit,
+            message_id,
             x,
-            epoch,
-            rln_identifier,
+            external_nullifier,
         },
         all_read,
     ))
 }
 
+/// Returns `RLNWitnessInput` given a file with JSON serialized values.
+///
+/// # Errors
+///
+/// Returns an error if `message_id` is not within `user_message_limit`.
 pub fn rln_witness_from_json(input_json_str: &str) -> Result<RLNWitnessInput> {
     let input_json: serde_json::Value =
         serde_json::from_str(input_json_str).expect("JSON was not well-formatted");
 
-    let identity_secret = str_to_fr(&input_json["identity_secret"].to_string(), 10)?;
+    let user_message_limit = str_to_fr(&input_json["userMessageLimit"].to_string(), 10)?;
 
-    let path_elements = input_json["path_elements"]
+    let message_id = str_to_fr(&input_json["messageId"].to_string(), 10)?;
+
+    message_id_range_check(&message_id, &user_message_limit)?;
+
+    let identity_secret = str_to_fr(&input_json["identitySecret"].to_string(), 10)?;
+
+    let path_elements = input_json["pathElements"]
         .as_array()
         .ok_or(Report::msg("not an array"))?
         .iter()
         .map(|v| str_to_fr(&v.to_string(), 10))
         .collect::<Result<_>>()?;
 
-    let identity_path_index_array = input_json["identity_path_index"]
+    let identity_path_index_array = input_json["identityPathIndex"]
         .as_array()
-        .ok_or(Report::msg("not an arrray"))?;
+        .ok_or(Report::msg("not an array"))?;
 
     let mut identity_path_index: Vec<u8> = vec![];
 
@@ -216,41 +250,46 @@ pub fn rln_witness_from_json(input_json_str: &str) -> Result<RLNWitnessInput> {
 
     let x = str_to_fr(&input_json["x"].to_string(), 10)?;
 
-    let epoch = str_to_fr(&input_json["epoch"].to_string(), 16)?;
-
-    let rln_identifier = str_to_fr(&input_json["rln_identifier"].to_string(), 10)?;
-
-    // TODO: check rln_identifier against public::RLN_IDENTIFIER
+    let external_nullifier = str_to_fr(&input_json["externalNullifier"].to_string(), 10)?;
 
     Ok(RLNWitnessInput {
         identity_secret,
         path_elements,
         identity_path_index,
         x,
-        epoch,
-        rln_identifier,
+        external_nullifier,
+        user_message_limit,
+        message_id,
     })
 }
 
+/// Creates `RLNWitnessInput` from it's fields.
+///
+/// # Errors
+///
+/// Returns an error if `message_id` is not within `user_message_limit`.
 pub fn rln_witness_from_values(
     identity_secret: Fr,
     merkle_proof: &MerkleProof,
     x: Fr,
-    epoch: Fr,
-    //rln_identifier: Fr,
-) -> RLNWitnessInput {
+    external_nullifier: Fr,
+    user_message_limit: Fr,
+    message_id: Fr,
+) -> Result<RLNWitnessInput> {
+    message_id_range_check(&message_id, &user_message_limit)?;
+
     let path_elements = merkle_proof.get_path_elements();
     let identity_path_index = merkle_proof.get_path_index();
-    let rln_identifier = hash_to_field(RLN_IDENTIFIER);
 
-    RLNWitnessInput {
+    Ok(RLNWitnessInput {
         identity_secret,
         path_elements,
         identity_path_index,
         x,
-        epoch,
-        rln_identifier,
-    }
+        external_nullifier,
+        user_message_limit,
+        message_id,
+    })
 }
 
 pub fn random_rln_witness(tree_height: usize) -> RLNWitnessInput {
@@ -269,21 +308,26 @@ pub fn random_rln_witness(tree_height: usize) -> RLNWitnessInput {
         identity_path_index.push(rng.gen_range(0..2) as u8);
     }
 
+    let user_message_limit = Fr::from(100);
+    let message_id = Fr::from(1);
+
     RLNWitnessInput {
         identity_secret,
         path_elements,
         identity_path_index,
         x,
-        epoch,
-        rln_identifier,
+        external_nullifier: poseidon_hash(&[epoch, rln_identifier]),
+        user_message_limit,
+        message_id,
     }
 }
 
-pub fn proof_values_from_witness(rln_witness: &RLNWitnessInput) -> RLNProofValues {
+pub fn proof_values_from_witness(rln_witness: &RLNWitnessInput) -> Result<RLNProofValues> {
+    message_id_range_check(&rln_witness.message_id, &rln_witness.user_message_limit)?;
+
     // y share
-    let external_nullifier = poseidon_hash(&[rln_witness.epoch, rln_witness.rln_identifier]);
     let a_0 = rln_witness.identity_secret;
-    let a_1 = poseidon_hash(&[a_0, external_nullifier]);
+    let a_1 = poseidon_hash(&[a_0, rln_witness.external_nullifier, rln_witness.message_id]);
     let y = a_0 + rln_witness.x * a_1;
 
     // Nullifier
@@ -292,30 +336,28 @@ pub fn proof_values_from_witness(rln_witness: &RLNWitnessInput) -> RLNProofValue
     // Merkle tree root computations
     let root = compute_tree_root(
         &rln_witness.identity_secret,
+        &rln_witness.user_message_limit,
         &rln_witness.path_elements,
         &rln_witness.identity_path_index,
-        true,
     );
 
-    RLNProofValues {
+    Ok(RLNProofValues {
         y,
         nullifier,
         root,
         x: rln_witness.x,
-        epoch: rln_witness.epoch,
-        rln_identifier: rln_witness.rln_identifier,
-    }
+        external_nullifier: rln_witness.external_nullifier,
+    })
 }
 
 pub fn serialize_proof_values(rln_proof_values: &RLNProofValues) -> Vec<u8> {
     let mut serialized: Vec<u8> = Vec::new();
 
     serialized.append(&mut fr_to_bytes_le(&rln_proof_values.root));
-    serialized.append(&mut fr_to_bytes_le(&rln_proof_values.epoch));
+    serialized.append(&mut fr_to_bytes_le(&rln_proof_values.external_nullifier));
     serialized.append(&mut fr_to_bytes_le(&rln_proof_values.x));
     serialized.append(&mut fr_to_bytes_le(&rln_proof_values.y));
     serialized.append(&mut fr_to_bytes_le(&rln_proof_values.nullifier));
-    serialized.append(&mut fr_to_bytes_le(&rln_proof_values.rln_identifier));
 
     serialized
 }
@@ -328,7 +370,7 @@ pub fn deserialize_proof_values(serialized: &[u8]) -> (RLNProofValues, usize) {
     let (root, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
-    let (epoch, read) = bytes_le_to_fr(&serialized[all_read..]);
+    let (external_nullifier, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
     let (x, read) = bytes_le_to_fr(&serialized[all_read..]);
@@ -340,17 +382,13 @@ pub fn deserialize_proof_values(serialized: &[u8]) -> (RLNProofValues, usize) {
     let (nullifier, read) = bytes_le_to_fr(&serialized[all_read..]);
     all_read += read;
 
-    let (rln_identifier, read) = bytes_le_to_fr(&serialized[all_read..]);
-    all_read += read;
-
     (
         RLNProofValues {
             y,
             nullifier,
             root,
             x,
-            epoch,
-            rln_identifier,
+            external_nullifier,
         },
         all_read,
     )
@@ -359,14 +397,14 @@ pub fn deserialize_proof_values(serialized: &[u8]) -> (RLNProofValues, usize) {
 pub fn prepare_prove_input(
     identity_secret: Fr,
     id_index: usize,
-    epoch: Fr,
+    external_nullifier: Fr,
     signal: &[u8],
 ) -> Vec<u8> {
     let mut serialized: Vec<u8> = Vec::new();
 
     serialized.append(&mut fr_to_bytes_le(&identity_secret));
     serialized.append(&mut normalize_usize(id_index));
-    serialized.append(&mut fr_to_bytes_le(&epoch));
+    serialized.append(&mut fr_to_bytes_le(&external_nullifier));
     serialized.append(&mut normalize_usize(signal.len()));
     serialized.append(&mut signal.to_vec());
 
@@ -389,15 +427,13 @@ pub fn prepare_verify_input(proof_data: Vec<u8>, signal: &[u8]) -> Vec<u8> {
 ///////////////////////////////////////////////////////
 
 pub fn compute_tree_root(
-    leaf: &Fr,
+    identity_secret: &Fr,
+    user_message_limit: &Fr,
     path_elements: &[Fr],
     identity_path_index: &[u8],
-    hash_leaf: bool,
 ) -> Fr {
-    let mut root = *leaf;
-    if hash_leaf {
-        root = poseidon_hash(&[root]);
-    }
+    let id_commitment = poseidon_hash(&[*identity_secret]);
+    let mut root = poseidon_hash(&[id_commitment, *user_message_limit]);
 
     for i in 0..identity_path_index.len() {
         if identity_path_index[i] == 0 {
@@ -488,11 +524,7 @@ pub fn extended_seeded_keygen(signal: &[u8]) -> (Fr, Fr, Fr, Fr) {
     )
 }
 
-pub fn compute_id_secret(
-    share1: (Fr, Fr),
-    share2: (Fr, Fr),
-    external_nullifier: Fr,
-) -> Result<Fr, String> {
+pub fn compute_id_secret(share1: (Fr, Fr), share2: (Fr, Fr)) -> Result<Fr, String> {
     // Assuming a0 is the identity secret and a1 = poseidonHash([a0, external_nullifier]),
     // a (x,y) share satisfies the following relation
     // y = a_0 + x * a_1
@@ -506,14 +538,7 @@ pub fn compute_id_secret(
     let a_0 = y1 - x1 * a_1;
 
     // If shares come from the same polynomial, a0 is correctly recovered and a1 = poseidonHash([a0, external_nullifier])
-    let computed_a_1 = poseidon_hash(&[a_0, external_nullifier]);
-
-    if a_1 == computed_a_1 {
-        // We successfully recovered the identity secret
-        Ok(a_0)
-    } else {
-        Err("Cannot recover identity_secret_hash from provided shares".into())
-    }
+    Ok(a_0)
 }
 
 ///////////////////////////////////////////////////////
@@ -594,10 +619,17 @@ pub fn generate_proof_with_witness(
     Ok(proof)
 }
 
+/// Formats inputs for witness calculation
+///
+/// # Errors
+///
+/// Returns an error if `rln_witness.message_id` is not within `rln_witness.user_message_limit`.
 pub fn inputs_for_witness_calculation(
     rln_witness: &RLNWitnessInput,
-) -> Result<[(&str, Vec<BigInt>); 6]> {
-    // We confert the path indexes to field elements
+) -> Result<[(&str, Vec<BigInt>); 7]> {
+    message_id_range_check(&rln_witness.message_id, &rln_witness.user_message_limit)?;
+
+    // We convert the path indexes to field elements
     // TODO: check if necessary
     let mut path_elements = Vec::new();
 
@@ -613,16 +645,20 @@ pub fn inputs_for_witness_calculation(
 
     Ok([
         (
-            "identity_secret",
+            "identitySecret",
             vec![to_bigint(&rln_witness.identity_secret)?],
         ),
-        ("path_elements", path_elements),
-        ("identity_path_index", identity_path_index),
-        ("x", vec![to_bigint(&rln_witness.x)?]),
-        ("epoch", vec![to_bigint(&rln_witness.epoch)?]),
         (
-            "rln_identifier",
-            vec![to_bigint(&rln_witness.rln_identifier)?],
+            "userMessageLimit",
+            vec![to_bigint(&rln_witness.user_message_limit)?],
+        ),
+        ("messageId", vec![to_bigint(&rln_witness.message_id)?]),
+        ("pathElements", path_elements),
+        ("identityPathIndex", identity_path_index),
+        ("x", vec![to_bigint(&rln_witness.x)?]),
+        (
+            "externalNullifier",
+            vec![to_bigint(&rln_witness.external_nullifier)?],
         ),
     ])
 }
@@ -671,7 +707,6 @@ pub fn generate_proof(
     // If in debug mode, we measure and later print time take to compute proof
     #[cfg(debug_assertions)]
     let now = Instant::now();
-
     let proof = Groth16::<_, CircomReduction>::create_proof_with_reduction_and_matrices(
         &proving_key.0,
         r,
@@ -705,8 +740,7 @@ pub fn verify_proof(
         proof_values.root,
         proof_values.nullifier,
         proof_values.x,
-        proof_values.epoch,
-        proof_values.rln_identifier,
+        proof_values.external_nullifier,
     ];
 
     // Check that the proof is valid
@@ -729,7 +763,13 @@ pub fn verify_proof(
 ///
 /// Returns a JSON object containing the inputs necessary to calculate
 /// the witness with CIRCOM on javascript
+///
+/// # Errors
+///
+/// Returns an error if `rln_witness.message_id` is not within `rln_witness.user_message_limit`.
 pub fn get_json_inputs(rln_witness: &RLNWitnessInput) -> Result<serde_json::Value> {
+    message_id_range_check(&rln_witness.message_id, &rln_witness.user_message_limit)?;
+
     let mut path_elements = Vec::new();
 
     for v in rln_witness.path_elements.iter() {
@@ -743,13 +783,23 @@ pub fn get_json_inputs(rln_witness: &RLNWitnessInput) -> Result<serde_json::Valu
         .for_each(|v| identity_path_index.push(BigInt::from(*v).to_str_radix(10)));
 
     let inputs = serde_json::json!({
-        "identity_secret": to_bigint(&rln_witness.identity_secret)?.to_str_radix(10),
-        "path_elements": path_elements,
-        "identity_path_index": identity_path_index,
+        "identitySecret": to_bigint(&rln_witness.identity_secret)?.to_str_radix(10),
+        "userMessageLimit": to_bigint(&rln_witness.user_message_limit)?.to_str_radix(10),
+        "messageId": to_bigint(&rln_witness.message_id)?.to_str_radix(10),
+        "pathElements": path_elements,
+        "identityPathIndex": identity_path_index,
         "x": to_bigint(&rln_witness.x)?.to_str_radix(10),
-        "epoch":  format!("0x{:064x}", to_bigint(&rln_witness.epoch)?),
-        "rln_identifier": to_bigint(&rln_witness.rln_identifier)?.to_str_radix(10),
+        "externalNullifier":  to_bigint(&rln_witness.external_nullifier)?.to_str_radix(10),
     });
 
     Ok(inputs)
 }
+
+pub fn message_id_range_check(message_id: &Fr, user_message_limit: &Fr) -> Result<()> {
+    if message_id > user_message_limit {
+        return Err(color_eyre::Report::msg(
+            "message_id is not within user_message_limit",
+        ));
+    }
+    Ok(())
+}

rln/src/public.rs

@@ -12,10 +12,8 @@ use ark_serialize::{CanonicalDeserialize, CanonicalSerialize, Read, Write};
 use cfg_if::cfg_if;
 use color_eyre::{Report, Result};
 use num_bigint::BigInt;
-use serde_json::{json, Value};
 use std::io::Cursor;
-use std::str::FromStr;
-use utils::{Hasher, ZerokitMerkleProof, ZerokitMerkleTree};
+use utils::{ZerokitMerkleProof, ZerokitMerkleTree};
 
 cfg_if! {
     if #[cfg(not(target_arch = "wasm32"))] {
@@ -23,6 +21,9 @@ cfg_if! {
         use std::sync::Mutex;
         use crate::circuit::{circom_from_folder, vk_from_folder, circom_from_raw, zkey_from_folder, TEST_RESOURCES_FOLDER, TEST_TREE_HEIGHT};
         use ark_circom::WitnessCalculator;
+        use serde_json::{json, Value};
+        use utils::{Hasher};
+        use std::str::FromStr;
     } else {
         use std::marker::*;
     }
@@ -79,18 +80,17 @@ impl RLN<'_> {
         let resources_folder = rln_config["resources_folder"]
             .as_str()
             .unwrap_or(TEST_RESOURCES_FOLDER);
-        let tree_config_opt = rln_config["tree_config"].as_str();
+        let tree_config = rln_config["tree_config"].to_string();
 
         let witness_calculator = circom_from_folder(resources_folder)?;
 
         let proving_key = zkey_from_folder(resources_folder)?;
         let verification_key = vk_from_folder(resources_folder)?;
 
-        let tree_config: <PoseidonTree as ZerokitMerkleTree>::Config = match tree_config_opt {
-            Some(tree_config_str) => {
-                <PoseidonTree as ZerokitMerkleTree>::Config::from_str(tree_config_str)?
-            }
-            None => <PoseidonTree as ZerokitMerkleTree>::Config::default(),
+        let tree_config: <PoseidonTree as ZerokitMerkleTree>::Config = if tree_config.is_empty() {
+            <PoseidonTree as ZerokitMerkleTree>::Config::default()
+        } else {
+            <PoseidonTree as ZerokitMerkleTree>::Config::from_str(&tree_config)?
         };
 
         // We compute a default empty tree
@@ -117,6 +117,7 @@ impl RLN<'_> {
     /// - `circom_vec`: a byte vector containing the ZK circuit (`rln.wasm`) as binary file
     /// - `zkey_vec`: a byte vector containing to the proving key (`rln_final.zkey`) as binary file
     /// - `vk_vec`: a byte vector containing to the verification key (`verification_key.json`) as binary file
+    /// - `tree_config`: a reader for a string containing a json with the merkle tree configuration
     ///
     /// Example:
     /// ```
@@ -134,6 +135,8 @@ impl RLN<'_> {
     ///     let mut buffer = vec![0; metadata.len() as usize];
     ///     file.read_exact(&mut buffer).expect("buffer overflow");
     ///     resources.push(buffer);
+    ///     let tree_config = "{}".to_string();
+    ///     let tree_config_buffer = &Buffer::from(tree_config.as_bytes());
     /// }
     ///
     /// let mut rln = RLN::new_with_params(
@@ -141,11 +144,51 @@ impl RLN<'_> {
     ///     resources[0].clone(),
     ///     resources[1].clone(),
     ///     resources[2].clone(),
+    ///     tree_config_buffer,
     /// );
     /// ```
+    #[cfg(not(target_arch = "wasm32"))]
+    pub fn new_with_params<R: Read>(
+        tree_height: usize,
+        circom_vec: Vec<u8>,
+        zkey_vec: Vec<u8>,
+        vk_vec: Vec<u8>,
+        mut tree_config_input: R,
+    ) -> Result<RLN<'static>> {
+        #[cfg(not(target_arch = "wasm32"))]
+        let witness_calculator = circom_from_raw(circom_vec)?;
+
+        let proving_key = zkey_from_raw(&zkey_vec)?;
+        let verification_key = vk_from_raw(&vk_vec, &zkey_vec)?;
+
+        let mut tree_config_vec: Vec<u8> = Vec::new();
+        tree_config_input.read_to_end(&mut tree_config_vec)?;
+        let tree_config_str = String::from_utf8(tree_config_vec)?;
+        let tree_config: <PoseidonTree as ZerokitMerkleTree>::Config = if tree_config_str.is_empty()
+        {
+            <PoseidonTree as ZerokitMerkleTree>::Config::default()
+        } else {
+            <PoseidonTree as ZerokitMerkleTree>::Config::from_str(&tree_config_str)?
+        };
+
+        // We compute a default empty tree
+        let tree = PoseidonTree::new(
+            tree_height,
+            <PoseidonTree as ZerokitMerkleTree>::Hasher::default_leaf(),
+            tree_config,
+        )?;
+
+        Ok(RLN {
+            witness_calculator,
+            proving_key,
+            verification_key,
+            tree,
+        })
+    }
+
+    #[cfg(target_arch = "wasm32")]
     pub fn new_with_params(
         tree_height: usize,
-        #[cfg(not(target_arch = "wasm32"))] circom_vec: Vec<u8>,
         zkey_vec: Vec<u8>,
         vk_vec: Vec<u8>,
     ) -> Result<RLN<'static>> {
@@ -159,12 +202,9 @@ impl RLN<'_> {
         let tree = PoseidonTree::default(tree_height)?;
 
         Ok(RLN {
-            #[cfg(not(target_arch = "wasm32"))]
-            witness_calculator,
             proving_key,
             verification_key,
             tree,
-            #[cfg(target_arch = "wasm32")]
             _marker: PhantomData,
         })
     }
@@ -198,11 +238,14 @@ impl RLN<'_> {
     /// // We generate a random identity secret hash and commitment pair
     /// let (identity_secret_hash, id_commitment) = keygen();
     ///
-    /// // We define the tree index where id_commitment will be added
+    /// // We define the tree index where rate_commitment will be added
     /// let id_index = 10;
+    /// let user_message_limit = 1;
     ///
-    /// // We serialize id_commitment and pass it to set_leaf
-    /// let mut buffer = Cursor::new(serialize_field_element(id_commitment));
+    /// let rate_commitment = poseidon_hash(&[id_commitment, user_message_limit]);
+    ///
+    /// // We serialize rate_commitment and pass it to set_leaf
+    /// let mut buffer = Cursor::new(serialize_field_element(rate_commitment));
     /// rln.set_leaf(id_index, &mut buffer).unwrap();
     /// ```
     pub fn set_leaf<R: Read>(&mut self, index: usize, mut input_data: R) -> Result<()> {
@@ -217,6 +260,31 @@ impl RLN<'_> {
         Ok(())
     }
 
+    /// Gets a leaf value at position index in the internal Merkle tree.
+    /// The leaf value is written to output_data.
+    /// Input values are:
+    /// - `index`: the index of the leaf
+    ///
+    /// Example:
+    /// ```
+    /// use crate::protocol::*;
+    /// use std::io::Cursor;
+    ///
+    /// let id_index = 10;
+    /// let mut buffer = Cursor::new(Vec::<u8>::new());
+    /// rln.get_leaf(id_index, &mut buffer).unwrap();
+    /// let rate_commitment = deserialize_field_element(&buffer.into_inner()).unwrap();
+    pub fn get_leaf<W: Write>(&self, index: usize, mut output_data: W) -> Result<()> {
+        // We get the leaf at input index
+        let leaf = self.tree.get(index)?;
+
+        // We serialize the leaf and write it to output
+        let leaf_byte = fr_to_bytes_le(&leaf);
+        output_data.write_all(&leaf_byte)?;
+
+        Ok(())
+    }
+
     /// Sets multiple leaves starting from position index in the internal Merkle tree.
     ///
     /// If n leaves are passed as input, these will be set at positions `index`, `index+1`, ..., `index+n-1` respectively.
@@ -240,7 +308,8 @@ impl RLN<'_> {
     /// let mut rng = thread_rng();
     /// for _ in 0..no_of_leaves {
     ///     let (_, id_commitment) = keygen();
-    ///     leaves.push(id_commitment);
+    ///     let rate_commitment = poseidon_hash(&[id_commitment, 1.into()]);
+    ///     leaves.push(rate_commitment);
     /// }
     ///
     /// // We add leaves in a batch into the tree
@@ -301,7 +370,8 @@ impl RLN<'_> {
     /// let mut rng = thread_rng();
     /// for _ in 0..no_of_leaves {
     ///     let (_, id_commitment) = keygen();
-    ///     leaves.push(id_commitment);
+    ///     let rate_commitment = poseidon_hash(&[id_commitment, 1.into()]);
+    ///     leaves.push(rate_commitment);
     /// }
     ///
     /// let mut indices: Vec<u8> = Vec::new();
@@ -337,7 +407,7 @@ impl RLN<'_> {
         // We set the leaves
         self.tree
             .override_range(index, leaves, indices)
-            .map_err(|_| Report::msg("Could not perform the batch operation"))?;
+            .map_err(|e| Report::msg(format!("Could not perform the batch operation: {e}")))?;
         Ok(())
     }
 
@@ -367,7 +437,8 @@ impl RLN<'_> {
     /// let mut rng = thread_rng();
     /// for _ in 0..no_of_leaves {
     ///     let (_, id_commitment) = keygen();
-    ///     leaves.push(id_commitment);
+    ///     let rate_commitment = poseidon_hash(&[id_commitment, 1.into()]);
+    ///     leaves.push(rate_commitment);
     /// }
     ///
     /// // We add leaves in a batch into the tree
@@ -377,9 +448,10 @@ impl RLN<'_> {
     /// // We set 256 leaves starting from index 10: next_index value is now max(0, 256+10) = 266
     ///
     /// // We set a leaf on next available index
-    /// // id_commitment will be set at index 266
+    /// // rate_commitment will be set at index 266
     /// let (_, id_commitment) = keygen();
-    /// let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+    /// let rate_commitment = poseidon_hash(&[id_commitment, 1.into()]);
+    /// let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
     /// rln.set_next_leaf(&mut buffer).unwrap();
     /// ```
     pub fn set_next_leaf<R: Read>(&mut self, mut input_data: R) -> Result<()> {
@@ -412,6 +484,43 @@ impl RLN<'_> {
         Ok(())
     }
 
+    /// Sets some metadata that a consuming application may want to store in the RLN object.
+    /// This metadata is not used by the RLN module.
+    ///
+    /// Input values are:
+    /// - `metadata`: a byte vector containing the metadata
+    ///
+    /// Example
+    ///
+    /// ```
+    /// let metadata = b"some metadata";
+    /// rln.set_metadata(metadata).unwrap();
+    /// ```
+    pub fn set_metadata(&mut self, metadata: &[u8]) -> Result<()> {
+        self.tree.set_metadata(metadata)?;
+        Ok(())
+    }
+
+    /// Returns the metadata stored in the RLN object.
+    ///
+    /// Output values are:
+    /// - `output_data`: a writer receiving the serialization of the metadata
+    ///
+    /// Example
+    ///
+    /// ```
+    /// use std::io::Cursor;
+    ///
+    /// let mut buffer = Cursor::new(Vec::<u8>::new());
+    /// rln.get_metadata(&mut buffer).unwrap();
+    /// let metadata = buffer.into_inner();
+    /// ```
+    pub fn get_metadata<W: Write>(&self, mut output_data: W) -> Result<()> {
+        let metadata = self.tree.metadata()?;
+        output_data.write_all(&metadata)?;
+        Ok(())
+    }
+
     /// Returns the Merkle tree root
     ///
     /// Output values are:
@@ -551,7 +660,7 @@ impl RLN<'_> {
     pub fn verify<R: Read>(&self, mut input_data: R) -> Result<bool> {
         // Input data is serialized for Curve as:
         // serialized_proof (compressed, 4*32 bytes) || serialized_proof_values (6*32 bytes), i.e.
-        // [ proof<128> | root<32> | epoch<32> | share_x<32> | share_y<32> | nullifier<32> | rln_identifier<32> ]
+        // [ proof<128> | root<32> | external_nullifier<32> | share_x<32> | share_y<32> | nullifier<32> ]
         let mut input_byte: Vec<u8> = Vec::new();
         input_data.read_to_end(&mut input_byte)?;
         let proof = ArkProof::deserialize_compressed(&mut Cursor::new(&input_byte[..128]))?;
@@ -579,9 +688,10 @@ impl RLN<'_> {
     /// // Generate identity pair
     /// let (identity_secret_hash, id_commitment) = keygen();
     ///
-    /// // We set as leaf id_commitment after storing its index
+    /// // We set as leaf rate_commitment after storing its index
     /// let identity_index = 10;
-    /// let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+    /// let rate_commitment = poseidon_hash(&[id_commitment, 1.into()]);
+    /// let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
     /// rln.set_leaf(identity_index, &mut buffer).unwrap();
     ///
     /// // We generate a random signal
@@ -617,7 +727,7 @@ impl RLN<'_> {
         let mut witness_byte: Vec<u8> = Vec::new();
         input_data.read_to_end(&mut witness_byte)?;
         let (rln_witness, _) = proof_inputs_to_rln_witness(&mut self.tree, &witness_byte)?;
-        let proof_values = proof_values_from_witness(&rln_witness);
+        let proof_values = proof_values_from_witness(&rln_witness)?;
 
         let proof = generate_proof(self.witness_calculator, &self.proving_key, &rln_witness)?;
 
@@ -642,7 +752,7 @@ impl RLN<'_> {
         mut output_data: W,
     ) -> Result<()> {
         let (rln_witness, _) = deserialize_witness(&rln_witness_vec[..])?;
-        let proof_values = proof_values_from_witness(&rln_witness);
+        let proof_values = proof_values_from_witness(&rln_witness)?;
 
         let proof = generate_proof_with_witness(calculated_witness, &self.proving_key).unwrap();
 
@@ -698,13 +808,10 @@ impl RLN<'_> {
         let signal: Vec<u8> = serialized[all_read..all_read + signal_len].to_vec();
 
         let verified = verify_proof(&self.verification_key, &proof, &proof_values)?;
+        let x = hash_to_field(&signal);
 
         // Consistency checks to counter proof tampering
-        let x = hash_to_field(&signal);
-        Ok(verified
-            && (self.tree.root() == proof_values.root)
-            && (x == proof_values.x)
-            && (proof_values.rln_identifier == hash_to_field(RLN_IDENTIFIER)))
+        Ok(verified && (self.tree.root() == proof_values.root) && (x == proof_values.x))
     }
 
     /// Verifies a zkSNARK RLN proof against the provided proof values and a set of allowed Merkle tree roots.
@@ -779,9 +886,7 @@ impl RLN<'_> {
 
         // First consistency checks to counter proof tampering
         let x = hash_to_field(&signal);
-        let partial_result = verified
-            && (x == proof_values.x)
-            && (proof_values.rln_identifier == hash_to_field(RLN_IDENTIFIER));
+        let partial_result = verified && (x == proof_values.x);
 
         // We skip root validation if proof is already invalid
         if !partial_result {
@@ -1010,15 +1115,13 @@ impl RLN<'_> {
         input_proof_data_1.read_to_end(&mut serialized)?;
         // We skip deserialization of the zk-proof at the beginning
         let (proof_values_1, _) = deserialize_proof_values(&serialized[128..]);
-        let external_nullifier_1 =
-            utils_poseidon_hash(&[proof_values_1.epoch, proof_values_1.rln_identifier]);
+        let external_nullifier_1 = proof_values_1.external_nullifier;
 
         let mut serialized: Vec<u8> = Vec::new();
         input_proof_data_2.read_to_end(&mut serialized)?;
         // We skip deserialization of the zk-proof at the beginning
         let (proof_values_2, _) = deserialize_proof_values(&serialized[128..]);
-        let external_nullifier_2 =
-            utils_poseidon_hash(&[proof_values_2.epoch, proof_values_2.rln_identifier]);
+        let external_nullifier_2 = proof_values_2.external_nullifier;
 
         // We continue only if the proof values are for the same epoch
         // The idea is that proof values that go as input to this function are verified first (with zk-proof verify), hence ensuring validity of epoch and other fields.
@@ -1030,12 +1133,13 @@ impl RLN<'_> {
             let share2 = (proof_values_2.x, proof_values_2.y);
 
             // We recover the secret
-            let recovered_identity_secret_hash =
-                compute_id_secret(share1, share2, external_nullifier_1);
+            let recovered_identity_secret_hash = compute_id_secret(share1, share2);
 
             // If an identity secret hash is recovered, we write it to output_data, otherwise nothing will be written.
             if let Ok(identity_secret_hash) = recovered_identity_secret_hash {
                 output_data.write_all(&fr_to_bytes_le(&identity_secret_hash))?;
+            } else {
+                return Err(Report::msg("could not extract secret"));
             }
         }
 
@@ -1067,6 +1171,14 @@ impl RLN<'_> {
         let (rln_witness, _) = deserialize_witness(serialized_witness)?;
         get_json_inputs(&rln_witness)
     }
+
+    /// Closes the connection to the Merkle tree database.
+    /// This function should be called before the RLN object is dropped.
+    /// If not called, the connection will be closed when the RLN object is dropped.
+    /// This improves robustness of the tree.
+    pub fn flush(&mut self) -> Result<()> {
+        self.tree.close_db_connection()
+    }
 }
 
 #[cfg(not(target_arch = "wasm32"))]
@@ -1316,6 +1428,8 @@ mod test {
         let (root_single_additions, _) = bytes_le_to_fr(&buffer.into_inner());
 
         assert_eq!(root_batch_with_init, root_single_additions);
+
+        rln.flush().unwrap();
     }
 
     #[test]
@@ -1358,7 +1472,7 @@ mod test {
         let indices_buffer = Cursor::new(vec_u8_to_bytes_le(&indices).unwrap());
         let leaves_buffer = Cursor::new(vec_fr_to_bytes_le(&last_leaf).unwrap());
 
-        rln.atomic_operation(no_of_leaves, leaves_buffer, indices_buffer)
+        rln.atomic_operation(last_leaf_index, leaves_buffer, indices_buffer)
             .unwrap();
 
         // We get the root of the tree obtained after a no-op
@@ -1369,6 +1483,105 @@ mod test {
         assert_eq!(root_after_insertion, root_after_noop);
     }
 
+    #[test]
+    fn test_atomic_operation_zero_indexed() {
+        // Test duplicated from https://github.com/waku-org/go-zerokit-rln/pull/12/files
+        let tree_height = TEST_TREE_HEIGHT;
+        let no_of_leaves = 256;
+
+        // We generate a vector of random leaves
+        let mut leaves: Vec<Fr> = Vec::new();
+        let mut rng = thread_rng();
+        for _ in 0..no_of_leaves {
+            leaves.push(Fr::rand(&mut rng));
+        }
+
+        // We create a new tree
+        let input_buffer =
+            Cursor::new(json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string());
+        let mut rln = RLN::new(tree_height, input_buffer).unwrap();
+
+        // We add leaves in a batch into the tree
+        let mut buffer = Cursor::new(vec_fr_to_bytes_le(&leaves).unwrap());
+        rln.init_tree_with_leaves(&mut buffer).unwrap();
+
+        // We check if number of leaves set is consistent
+        assert_eq!(rln.tree.leaves_set(), no_of_leaves);
+
+        // We get the root of the tree obtained adding leaves in batch
+        let mut buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_root(&mut buffer).unwrap();
+        let (root_after_insertion, _) = bytes_le_to_fr(&buffer.into_inner());
+
+        let zero_index = 0;
+        let indices = vec![zero_index as u8];
+        let zero_leaf: Vec<Fr> = vec![];
+        let indices_buffer = Cursor::new(vec_u8_to_bytes_le(&indices).unwrap());
+        let leaves_buffer = Cursor::new(vec_fr_to_bytes_le(&zero_leaf).unwrap());
+        rln.atomic_operation(0, leaves_buffer, indices_buffer)
+            .unwrap();
+
+        // We get the root of the tree obtained after a deletion
+        let mut buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_root(&mut buffer).unwrap();
+        let (root_after_deletion, _) = bytes_le_to_fr(&buffer.into_inner());
+
+        assert_ne!(root_after_insertion, root_after_deletion);
+    }
+
+    #[test]
+    fn test_atomic_operation_consistency() {
+        // Test duplicated from https://github.com/waku-org/go-zerokit-rln/pull/12/files
+        let tree_height = TEST_TREE_HEIGHT;
+        let no_of_leaves = 256;
+
+        // We generate a vector of random leaves
+        let mut leaves: Vec<Fr> = Vec::new();
+        let mut rng = thread_rng();
+        for _ in 0..no_of_leaves {
+            leaves.push(Fr::rand(&mut rng));
+        }
+
+        // We create a new tree
+        let input_buffer =
+            Cursor::new(json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string());
+        let mut rln = RLN::new(tree_height, input_buffer).unwrap();
+
+        // We add leaves in a batch into the tree
+        let mut buffer = Cursor::new(vec_fr_to_bytes_le(&leaves).unwrap());
+        rln.init_tree_with_leaves(&mut buffer).unwrap();
+
+        // We check if number of leaves set is consistent
+        assert_eq!(rln.tree.leaves_set(), no_of_leaves);
+
+        // We get the root of the tree obtained adding leaves in batch
+        let mut buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_root(&mut buffer).unwrap();
+        let (root_after_insertion, _) = bytes_le_to_fr(&buffer.into_inner());
+
+        let set_index = rng.gen_range(0..no_of_leaves) as usize;
+        let indices = vec![set_index as u8];
+        let zero_leaf: Vec<Fr> = vec![];
+        let indices_buffer = Cursor::new(vec_u8_to_bytes_le(&indices).unwrap());
+        let leaves_buffer = Cursor::new(vec_fr_to_bytes_le(&zero_leaf).unwrap());
+        rln.atomic_operation(0, leaves_buffer, indices_buffer)
+            .unwrap();
+
+        // We get the root of the tree obtained after a deletion
+        let mut buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_root(&mut buffer).unwrap();
+        let (root_after_deletion, _) = bytes_le_to_fr(&buffer.into_inner());
+
+        assert_ne!(root_after_insertion, root_after_deletion);
+
+        // We get the leaf
+        let mut output_buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_leaf(set_index, &mut output_buffer).unwrap();
+        let (received_leaf, _) = bytes_le_to_fr(output_buffer.into_inner().as_ref());
+
+        assert_eq!(received_leaf, Fr::from(0));
+    }
+
     #[allow(unused_must_use)]
     #[test]
     // This test checks if `set_leaves_from` throws an error when the index is out of bounds
@@ -1410,6 +1623,123 @@ mod test {
         assert_eq!(root_empty, root_after_bad_set);
     }
 
+    fn fq_from_str(s: String) -> ark_bn254::Fq {
+        ark_bn254::Fq::from_str(&s).unwrap()
+    }
+
+    fn g1_from_str(g1: &[String]) -> ark_bn254::G1Affine {
+        let x = fq_from_str(g1[0].clone());
+        let y = fq_from_str(g1[1].clone());
+        let z = fq_from_str(g1[2].clone());
+        ark_bn254::G1Affine::from(ark_bn254::G1Projective::new(x, y, z))
+    }
+
+    fn g2_from_str(g2: &[Vec<String>]) -> ark_bn254::G2Affine {
+        let c0 = fq_from_str(g2[0][0].clone());
+        let c1 = fq_from_str(g2[0][1].clone());
+        let x = ark_bn254::Fq2::new(c0, c1);
+
+        let c0 = fq_from_str(g2[1][0].clone());
+        let c1 = fq_from_str(g2[1][1].clone());
+        let y = ark_bn254::Fq2::new(c0, c1);
+
+        let c0 = fq_from_str(g2[2][0].clone());
+        let c1 = fq_from_str(g2[2][1].clone());
+        let z = ark_bn254::Fq2::new(c0, c1);
+
+        ark_bn254::G2Affine::from(ark_bn254::G2Projective::new(x, y, z))
+    }
+
+    fn value_to_string_vec(value: &Value) -> Vec<String> {
+        value
+            .as_array()
+            .unwrap()
+            .into_iter()
+            .map(|val| val.as_str().unwrap().to_string())
+            .collect()
+    }
+
+    #[test]
+    fn test_groth16_proof_hardcoded() {
+        let tree_height = TEST_TREE_HEIGHT;
+
+        let input_buffer =
+            Cursor::new(json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string());
+        let rln = RLN::new(tree_height, input_buffer).unwrap();
+
+        let valid_snarkjs_proof = json!({
+         "pi_a": [
+          "606446415626469993821291758185575230335423926365686267140465300918089871829",
+          "14881534001609371078663128199084130129622943308489025453376548677995646280161",
+          "1"
+         ],
+         "pi_b": [
+          [
+           "18053812507994813734583839134426913715767914942522332114506614735770984570178",
+           "11219916332635123001710279198522635266707985651975761715977705052386984005181"
+          ],
+          [
+           "17371289494006920912949790045699521359436706797224428511776122168520286372970",
+           "14038575727257298083893642903204723310279435927688342924358714639926373603890"
+          ],
+          [
+           "1",
+           "0"
+          ]
+         ],
+         "pi_c": [
+          "17701377127561410274754535747274973758826089226897242202671882899370780845888",
+          "12608543716397255084418384146504333522628400182843246910626782513289789807030",
+          "1"
+         ],
+         "protocol": "groth16",
+         "curve": "bn128"
+        });
+        let valid_ark_proof = ArkProof {
+            a: g1_from_str(&value_to_string_vec(&valid_snarkjs_proof["pi_a"])),
+            b: g2_from_str(
+                &valid_snarkjs_proof["pi_b"]
+                    .as_array()
+                    .unwrap()
+                    .iter()
+                    .map(|item| value_to_string_vec(item))
+                    .collect::<Vec<Vec<String>>>(),
+            ),
+            c: g1_from_str(&value_to_string_vec(&valid_snarkjs_proof["pi_c"])),
+        };
+
+        let valid_proof_values = RLNProofValues {
+            x: str_to_fr(
+                "20645213238265527935869146898028115621427162613172918400241870500502509785943",
+                10,
+            )
+            .unwrap(),
+            external_nullifier: str_to_fr(
+                "21074405743803627666274838159589343934394162804826017440941339048886754734203",
+                10,
+            )
+            .unwrap(),
+            y: str_to_fr(
+                "16401008481486069296141645075505218976370369489687327284155463920202585288271",
+                10,
+            )
+            .unwrap(),
+            root: str_to_fr(
+                "8502402278351299594663821509741133196466235670407051417832304486953898514733",
+                10,
+            )
+            .unwrap(),
+            nullifier: str_to_fr(
+                "9102791780887227194595604713537772536258726662792598131262022534710887343694",
+                10,
+            )
+            .unwrap(),
+        };
+
+        let verified = verify_proof(&rln.verification_key, &valid_ark_proof, &valid_proof_values);
+        assert!(verified.unwrap());
+    }
+
     #[test]
     // This test is similar to the one in lib, but uses only public API
     fn test_groth16_proof() {
@@ -1421,7 +1751,7 @@ mod test {
 
         // Note: we only test Groth16 proof generation, so we ignore setting the tree in the RLN object
         let rln_witness = random_rln_witness(tree_height);
-        let proof_values = proof_values_from_witness(&rln_witness);
+        let proof_values = proof_values_from_witness(&rln_witness).unwrap();
 
         // We compute a Groth16 proof
         let mut input_buffer = Cursor::new(serialize_witness(&rln_witness).unwrap());
@@ -1432,6 +1762,7 @@ mod test {
         // Before checking public verify API, we check that the (deserialized) proof generated by prove is actually valid
         let proof = ArkProof::deserialize_compressed(&mut Cursor::new(&serialized_proof)).unwrap();
         let verified = verify_proof(&rln.verification_key, &proof, &proof_values);
+        // dbg!(verified.unwrap());
         assert!(verified.unwrap());
 
         // We prepare the input to prove API, consisting of serialized_proof (compressed, 4*32 bytes) || serialized_proof_values (6*32 bytes)
@@ -1456,7 +1787,9 @@ mod test {
         let mut leaves: Vec<Fr> = Vec::new();
         let mut rng = thread_rng();
         for _ in 0..no_of_leaves {
-            leaves.push(Fr::rand(&mut rng));
+            let id_commitment = Fr::rand(&mut rng);
+            let rate_commitment = utils_poseidon_hash(&[id_commitment, Fr::from(100)]);
+            leaves.push(rate_commitment);
         }
 
         // We create a new RLN instance
@@ -1471,9 +1804,11 @@ mod test {
         // Generate identity pair
         let (identity_secret_hash, id_commitment) = keygen();
 
-        // We set as leaf id_commitment after storing its index
+        // We set as leaf rate_commitment after storing its index
         let identity_index = rln.tree.leaves_set();
-        let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+        let user_message_limit = Fr::from(65535);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
+        let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
         rln.set_next_leaf(&mut buffer).unwrap();
 
         // We generate a random signal
@@ -1482,13 +1817,19 @@ mod test {
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        // We generate a random rln_identifier
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
 
         // We prepare input for generate_rln_proof API
-        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
         let mut serialized: Vec<u8> = Vec::new();
         serialized.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized.append(&mut normalize_usize(identity_index));
-        serialized.append(&mut fr_to_bytes_le(&epoch));
+        serialized.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized.append(&mut fr_to_bytes_le(&Fr::from(1)));
+        serialized.append(&mut fr_to_bytes_le(&utils_poseidon_hash(&[
+            epoch,
+            rln_identifier,
+        ])));
         serialized.append(&mut normalize_usize(signal.len()));
         serialized.append(&mut signal.to_vec());
 
@@ -1536,9 +1877,11 @@ mod test {
         // Generate identity pair
         let (identity_secret_hash, id_commitment) = keygen();
 
-        // We set as leaf id_commitment after storing its index
+        // We set as leaf rate_commitment after storing its index
         let identity_index = rln.tree.leaves_set();
-        let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+        let user_message_limit = Fr::from(100);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
+        let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
         rln.set_next_leaf(&mut buffer).unwrap();
 
         // We generate a random signal
@@ -1547,13 +1890,20 @@ mod test {
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        // We generate a random rln_identifier
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
 
         // We prepare input for generate_rln_proof API
         // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
         let mut serialized: Vec<u8> = Vec::new();
         serialized.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized.append(&mut normalize_usize(identity_index));
-        serialized.append(&mut fr_to_bytes_le(&epoch));
+        serialized.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized.append(&mut fr_to_bytes_le(&Fr::from(1)));
+        serialized.append(&mut fr_to_bytes_le(&utils_poseidon_hash(&[
+            epoch,
+            rln_identifier,
+        ])));
         serialized.append(&mut normalize_usize(signal.len()));
         serialized.append(&mut signal.to_vec());
 
@@ -1635,22 +1985,29 @@ mod test {
 
         // We set as leaf id_commitment after storing its index
         let identity_index = rln.tree.leaves_set();
-        let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+        let user_message_limit = Fr::from(100);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
+        let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
         rln.set_next_leaf(&mut buffer).unwrap();
 
         // We generate a random signal
-        let mut rng = rand::thread_rng();
+        let mut rng = thread_rng();
         let signal: [u8; 32] = rng.gen();
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        // We generate a random rln_identifier
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let external_nullifier = utils_poseidon_hash(&[epoch, rln_identifier]);
 
         // We prepare input for generate_rln_proof API
-        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
+        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | rln_identifier<32> | user_message_limit<32> | message_id<32> | signal_len<8> | signal<var> ]
         let mut serialized: Vec<u8> = Vec::new();
         serialized.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized.append(&mut normalize_usize(identity_index));
-        serialized.append(&mut fr_to_bytes_le(&epoch));
+        serialized.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized.append(&mut fr_to_bytes_le(&Fr::from(1)));
+        serialized.append(&mut fr_to_bytes_le(&external_nullifier));
         serialized.append(&mut normalize_usize(signal.len()));
         serialized.append(&mut signal.to_vec());
 
@@ -1687,7 +2044,7 @@ mod test {
             .verify_with_roots(&mut input_buffer.clone(), &mut roots_buffer)
             .unwrap();
 
-        assert!(verified == false);
+        assert_eq!(verified, false);
 
         // We get the root of the tree obtained adding one leaf per time
         let mut buffer = Cursor::new(Vec::<u8>::new());
@@ -1715,10 +2072,13 @@ mod test {
 
         // Generate identity pair
         let (identity_secret_hash, id_commitment) = keygen();
+        let user_message_limit = Fr::from(100);
+        let message_id = Fr::from(0);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
 
         // We set as leaf id_commitment after storing its index
         let identity_index = rln.tree.leaves_set();
-        let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+        let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
         rln.set_next_leaf(&mut buffer).unwrap();
 
         // We generate two random signals
@@ -1729,15 +2089,19 @@ mod test {
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        // We generate a random rln_identifier
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let external_nullifier = utils_poseidon_hash(&[epoch, rln_identifier]);
 
         // We generate two proofs using same epoch but different signals.
 
         // We prepare input for generate_rln_proof API
-        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
         let mut serialized1: Vec<u8> = Vec::new();
         serialized1.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized1.append(&mut normalize_usize(identity_index));
-        serialized1.append(&mut fr_to_bytes_le(&epoch));
+        serialized1.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized1.append(&mut fr_to_bytes_le(&message_id));
+        serialized1.append(&mut fr_to_bytes_le(&external_nullifier));
 
         // The first part is the same for both proof input, so we clone
         let mut serialized2 = serialized1.clone();
@@ -1787,21 +2151,23 @@ mod test {
 
         // We generate a new identity pair
         let (identity_secret_hash_new, id_commitment_new) = keygen();
+        let rate_commitment_new = utils_poseidon_hash(&[id_commitment_new, user_message_limit]);
 
         // We add it to the tree
         let identity_index_new = rln.tree.leaves_set();
-        let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment_new));
+        let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment_new));
         rln.set_next_leaf(&mut buffer).unwrap();
 
         // We generate a random signals
         let signal3: [u8; 32] = rng.gen();
 
         // We prepare proof input. Note that epoch is the same as before
-        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
         let mut serialized3: Vec<u8> = Vec::new();
         serialized3.append(&mut fr_to_bytes_le(&identity_secret_hash_new));
         serialized3.append(&mut normalize_usize(identity_index_new));
-        serialized3.append(&mut fr_to_bytes_le(&epoch));
+        serialized3.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized3.append(&mut fr_to_bytes_le(&message_id));
+        serialized3.append(&mut fr_to_bytes_le(&external_nullifier));
         serialized3.append(&mut normalize_usize(signal3.len()));
         serialized3.append(&mut signal3.to_vec());
 
@@ -1825,8 +2191,57 @@ mod test {
         .unwrap();
 
         let serialized_identity_secret_hash = output_buffer.into_inner();
+        let (recovered_identity_secret_hash_new, _) =
+            bytes_le_to_fr(&serialized_identity_secret_hash);
 
-        // We ensure that an empty value was written to output_buffer, i.e. no secret is recovered
-        assert!(serialized_identity_secret_hash.is_empty());
+        // ensure that the recovered secret does not match with either of the
+        // used secrets in proof generation
+        assert_ne!(recovered_identity_secret_hash_new, identity_secret_hash_new);
+    }
+
+    #[test]
+    fn test_get_leaf() {
+        // We generate a random tree
+        let tree_height = 10;
+        let mut rng = thread_rng();
+        let input_buffer =
+            Cursor::new(json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string());
+        let mut rln = RLN::new(tree_height, input_buffer).unwrap();
+
+        // We generate a random leaf
+        let leaf = Fr::rand(&mut rng);
+
+        // We generate a random index
+        let index = rng.gen_range(0..rln.tree.capacity());
+
+        // We add the leaf to the tree
+        let mut buffer = Cursor::new(fr_to_bytes_le(&leaf));
+        rln.set_leaf(index, &mut buffer).unwrap();
+
+        // We get the leaf
+        let mut output_buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_leaf(index, &mut output_buffer).unwrap();
+
+        // We ensure that the leaf is the same as the one we added
+        let (received_leaf, _) = bytes_le_to_fr(output_buffer.into_inner().as_ref());
+        assert_eq!(received_leaf, leaf);
+    }
+
+    #[test]
+    fn test_metadata() {
+        let tree_height = TEST_TREE_HEIGHT;
+
+        let input_buffer =
+            Cursor::new(json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string());
+        let mut rln = RLN::new(tree_height, input_buffer).unwrap();
+
+        let arbitrary_metadata: &[u8] = b"block_number:200000";
+        rln.set_metadata(arbitrary_metadata).unwrap();
+
+        let mut buffer = Cursor::new(Vec::<u8>::new());
+        rln.get_metadata(&mut buffer).unwrap();
+        let received_metadata = buffer.into_inner();
+
+        assert_eq!(arbitrary_metadata, received_metadata);
     }
 }

rln/tests/ffi.rs

@@ -37,7 +37,7 @@ mod test {
 
         // We first add leaves one by one specifying the index
         for (i, leaf) in leaves.iter().enumerate() {
-            // We prepare id_commitment and we set the leaf at provided index
+            // We prepare the rate_commitment and we set the leaf at provided index
             let leaf_ser = fr_to_bytes_le(&leaf);
             let input_buffer = &Buffer::from(leaf_ser.as_ref());
             let success = set_leaf(rln_pointer, i, input_buffer);
@@ -265,7 +265,7 @@ mod test {
 
         let success = atomic_operation(
             rln_pointer,
-            no_of_leaves as usize,
+            last_leaf_index as usize,
             leaves_buffer,
             indices_buffer,
         );
@@ -338,6 +338,7 @@ mod test {
     fn test_merkle_proof_ffi() {
         let tree_height = TEST_TREE_HEIGHT;
         let leaf_index = 3;
+        let user_message_limit = 1;
 
         // We create a RLN instance
         let mut rln_pointer = MaybeUninit::<*mut RLN>::uninit();
@@ -349,10 +350,12 @@ mod test {
 
         // generate identity
         let identity_secret_hash = hash_to_field(b"test-merkle-proof");
-        let id_commitment = utils_poseidon_hash(&vec![identity_secret_hash]);
+        let id_commitment = utils_poseidon_hash(&[identity_secret_hash]);
+        let user_message_limit = Fr::from(100);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
 
         // We prepare id_commitment and we set the leaf at provided index
-        let leaf_ser = fr_to_bytes_le(&id_commitment);
+        let leaf_ser = fr_to_bytes_le(&rate_commitment);
         let input_buffer = &Buffer::from(leaf_ser.as_ref());
         let success = set_leaf(rln_pointer, leaf_index, input_buffer);
         assert!(success, "set leaf call failed");
@@ -365,6 +368,21 @@ mod test {
         let result_data = <&[u8]>::from(&output_buffer).to_vec();
         let (root, _) = bytes_le_to_fr(&result_data);
 
+        use ark_ff::BigInt;
+
+        if TEST_TREE_HEIGHT == 20 || TEST_TREE_HEIGHT == 32 {
+            assert_eq!(
+                root,
+                BigInt([
+                    4939322235247991215,
+                    5110804094006647505,
+                    4427606543677101242,
+                    910933464535675827
+                ])
+                .into()
+            );
+        }
+
         // We obtain the Merkle tree root
         let mut output_buffer = MaybeUninit::<Buffer>::uninit();
         let success = get_proof(rln_pointer, leaf_index, output_buffer.as_mut_ptr());
@@ -457,8 +475,7 @@ mod test {
         let mut expected_identity_path_index: Vec<u8> =
             vec![1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
 
-        // We add the remaining elements for the case TEST_TREE_HEIGHT = 19
-        if TEST_TREE_HEIGHT == 19 || TEST_TREE_HEIGHT == 20 {
+        if TEST_TREE_HEIGHT == 20 {
             expected_path_elements.append(&mut vec![
                 str_to_fr(
                     "0x22f98aa9ce704152ac17354914ad73ed1167ae6596af510aa5b3649325e06c92",
@@ -497,8 +514,12 @@ mod test {
         assert_eq!(identity_path_index, expected_identity_path_index);
 
         // We double check that the proof computed from public API is correct
-        let root_from_proof =
-            compute_tree_root(&id_commitment, &path_elements, &identity_path_index, false);
+        let root_from_proof = compute_tree_root(
+            &identity_secret_hash,
+            &user_message_limit,
+            &path_elements,
+            &identity_path_index,
+        );
 
         assert_eq!(root, root_from_proof);
     }
@@ -526,7 +547,7 @@ mod test {
         for _ in 0..sample_size {
             // We generate random witness instances and relative proof values
             let rln_witness = random_rln_witness(tree_height);
-            let proof_values = proof_values_from_witness(&rln_witness);
+            let proof_values = proof_values_from_witness(&rln_witness).unwrap();
 
             // We prepare id_commitment and we set the leaf at provided index
             let rln_witness_ser = serialize_witness(&rln_witness).unwrap();
@@ -617,11 +638,14 @@ mod test {
 
         // Creating a RLN instance passing the raw data
         let mut rln_pointer_raw_bytes = MaybeUninit::<*mut RLN>::uninit();
+        let tree_config = "".to_string();
+        let tree_config_buffer = &Buffer::from(tree_config.as_bytes());
         let success = new_with_params(
             tree_height,
             circom_data,
             zkey_data,
             vk_data,
+            tree_config_buffer,
             rln_pointer_raw_bytes.as_mut_ptr(),
         );
         assert!(success, "RLN object creation failed");
@@ -644,12 +668,15 @@ mod test {
     fn test_rln_proof_ffi() {
         let tree_height = TEST_TREE_HEIGHT;
         let no_of_leaves = 256;
+        let user_message_limit = Fr::from(65535);
 
         // We generate a vector of random leaves
         let mut leaves: Vec<Fr> = Vec::new();
         let mut rng = thread_rng();
         for _ in 0..no_of_leaves {
-            leaves.push(Fr::rand(&mut rng));
+            let id_commitment = Fr::rand(&mut rng);
+            let rate_commitment = utils_poseidon_hash(&[id_commitment, Fr::from(100)]);
+            leaves.push(rate_commitment);
         }
 
         // We create a RLN instance
@@ -674,12 +701,7 @@ mod test {
         let result_data = <&[u8]>::from(&output_buffer).to_vec();
         let (identity_secret_hash, read) = bytes_le_to_fr(&result_data);
         let (id_commitment, _) = bytes_le_to_fr(&result_data[read..].to_vec());
-
-        // We set as leaf id_commitment, its index would be equal to no_of_leaves
-        let leaf_ser = fr_to_bytes_le(&id_commitment);
-        let input_buffer = &Buffer::from(leaf_ser.as_ref());
-        let success = set_next_leaf(rln_pointer, input_buffer);
-        assert!(success, "set next leaf call failed");
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
 
         let identity_index: usize = no_of_leaves;
 
@@ -689,13 +711,30 @@ mod test {
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let external_nullifier = utils_poseidon_hash(&[epoch, rln_identifier]);
+
+        let user_message_limit = Fr::from(100);
+        let message_id = Fr::from(0);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
+
+        // We set as leaf rate_commitment, its index would be equal to no_of_leaves
+        let leaf_ser = fr_to_bytes_le(&rate_commitment);
+        let input_buffer = &Buffer::from(leaf_ser.as_ref());
+        let success = set_next_leaf(rln_pointer, input_buffer);
+        assert!(success, "set next leaf call failed");
+
+        // We generate a random rln_identifier
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
 
         // We prepare input for generate_rln_proof API
-        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
+        // input_data is [ identity_secret<32> | id_index<8> | user_message_limit<32> | message_id<32> | external_nullifier<32> | signal_len<8> | signal<var> ]
         let mut serialized: Vec<u8> = Vec::new();
         serialized.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized.append(&mut normalize_usize(identity_index));
-        serialized.append(&mut fr_to_bytes_le(&epoch));
+        serialized.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized.append(&mut fr_to_bytes_le(&message_id));
+        serialized.append(&mut fr_to_bytes_le(&external_nullifier));
         serialized.append(&mut normalize_usize(signal.len()));
         serialized.append(&mut signal.to_vec());
 
@@ -729,6 +768,7 @@ mod test {
         // First part similar to test_rln_proof_ffi
         let tree_height = TEST_TREE_HEIGHT;
         let no_of_leaves = 256;
+        let user_message_limit = Fr::from(100);
 
         // We generate a vector of random leaves
         let mut leaves: Vec<Fr> = Vec::new();
@@ -759,12 +799,7 @@ mod test {
         let result_data = <&[u8]>::from(&output_buffer).to_vec();
         let (identity_secret_hash, read) = bytes_le_to_fr(&result_data);
         let (id_commitment, _) = bytes_le_to_fr(&result_data[read..].to_vec());
-
-        // We set as leaf id_commitment, its index would be equal to no_of_leaves
-        let leaf_ser = fr_to_bytes_le(&id_commitment);
-        let input_buffer = &Buffer::from(leaf_ser.as_ref());
-        let success = set_next_leaf(rln_pointer, input_buffer);
-        assert!(success, "set next leaf call failed");
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
 
         let identity_index: usize = no_of_leaves;
 
@@ -774,13 +809,27 @@ mod test {
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let external_nullifier = utils_poseidon_hash(&[epoch, rln_identifier]);
+
+        let user_message_limit = Fr::from(100);
+        let message_id = Fr::from(0);
+
+        // We set as leaf rate_commitment, its index would be equal to no_of_leaves
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
+        let leaf_ser = fr_to_bytes_le(&rate_commitment);
+        let input_buffer = &Buffer::from(leaf_ser.as_ref());
+        let success = set_next_leaf(rln_pointer, input_buffer);
+        assert!(success, "set next leaf call failed");
 
         // We prepare input for generate_rln_proof API
-        // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
+        // input_data is [ identity_secret<32> | id_index<8> | user_message_limit<32> | message_id<32> | external_nullifier<32> | signal_len<8> | signal<var> ]
         let mut serialized: Vec<u8> = Vec::new();
         serialized.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized.append(&mut normalize_usize(identity_index));
-        serialized.append(&mut fr_to_bytes_le(&epoch));
+        serialized.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized.append(&mut fr_to_bytes_le(&message_id));
+        serialized.append(&mut fr_to_bytes_le(&external_nullifier));
         serialized.append(&mut normalize_usize(signal.len()));
         serialized.append(&mut signal.to_vec());
 
@@ -873,8 +922,12 @@ mod test {
         let (identity_secret_hash, read) = bytes_le_to_fr(&result_data);
         let (id_commitment, _) = bytes_le_to_fr(&result_data[read..].to_vec());
 
-        // We set as leaf id_commitment, its index would be equal to 0 since tree is empty
-        let leaf_ser = fr_to_bytes_le(&id_commitment);
+        let user_message_limit = Fr::from(100);
+        let message_id = Fr::from(0);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit]);
+
+        // We set as leaf rate_commitment, its index would be equal to 0 since tree is empty
+        let leaf_ser = fr_to_bytes_le(&rate_commitment);
         let input_buffer = &Buffer::from(leaf_ser.as_ref());
         let success = set_next_leaf(rln_pointer, input_buffer);
         assert!(success, "set next leaf call failed");
@@ -892,13 +945,17 @@ mod test {
 
         // We generate a random epoch
         let epoch = hash_to_field(b"test-epoch");
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let external_nullifier = utils_poseidon_hash(&[epoch, rln_identifier]);
 
         // We prepare input for generate_rln_proof API
         // input_data is [ identity_secret<32> | id_index<8> | epoch<32> | signal_len<8> | signal<var> ]
         let mut serialized1: Vec<u8> = Vec::new();
         serialized1.append(&mut fr_to_bytes_le(&identity_secret_hash));
         serialized1.append(&mut normalize_usize(identity_index));
-        serialized1.append(&mut fr_to_bytes_le(&epoch));
+        serialized1.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized1.append(&mut fr_to_bytes_le(&message_id));
+        serialized1.append(&mut fr_to_bytes_le(&external_nullifier));
 
         // The first part is the same for both proof input, so we clone
         let mut serialized2 = serialized1.clone();
@@ -960,9 +1017,10 @@ mod test {
         let result_data = <&[u8]>::from(&output_buffer).to_vec();
         let (identity_secret_hash_new, read) = bytes_le_to_fr(&result_data);
         let (id_commitment_new, _) = bytes_le_to_fr(&result_data[read..].to_vec());
+        let rate_commitment_new = utils_poseidon_hash(&[id_commitment_new, user_message_limit]);
 
         // We set as leaf id_commitment, its index would be equal to 1 since at 0 there is id_commitment
-        let leaf_ser = fr_to_bytes_le(&id_commitment_new);
+        let leaf_ser = fr_to_bytes_le(&rate_commitment_new);
         let input_buffer = &Buffer::from(leaf_ser.as_ref());
         let success = set_next_leaf(rln_pointer, input_buffer);
         assert!(success, "set next leaf call failed");
@@ -978,7 +1036,9 @@ mod test {
         let mut serialized: Vec<u8> = Vec::new();
         serialized.append(&mut fr_to_bytes_le(&identity_secret_hash_new));
         serialized.append(&mut normalize_usize(identity_index_new));
-        serialized.append(&mut fr_to_bytes_le(&epoch));
+        serialized.append(&mut fr_to_bytes_le(&user_message_limit));
+        serialized.append(&mut fr_to_bytes_le(&message_id));
+        serialized.append(&mut fr_to_bytes_le(&external_nullifier));
         serialized.append(&mut normalize_usize(signal3.len()));
         serialized.append(&mut signal3.to_vec());
 
@@ -1005,10 +1065,12 @@ mod test {
         assert!(success, "recover id secret call failed");
         let output_buffer = unsafe { output_buffer.assume_init() };
         let serialized_identity_secret_hash = <&[u8]>::from(&output_buffer).to_vec();
+        let (recovered_identity_secret_hash_new, _) =
+            bytes_le_to_fr(&serialized_identity_secret_hash);
 
-        // We passed two shares for different secrets, so recovery should be not successful
-        // To check it, we ensure that recovered identity secret hash is empty
-        assert!(serialized_identity_secret_hash.is_empty());
+        // ensure that the recovered secret does not match with either of the
+        // used secrets in proof generation
+        assert_ne!(recovered_identity_secret_hash_new, identity_secret_hash_new);
     }
 
     #[test]
@@ -1156,4 +1218,77 @@ mod test {
 
         assert_eq!(received_hash, expected_hash);
     }
+
+    #[test]
+    fn test_get_leaf() {
+        // We create a RLN instance
+        let tree_height = TEST_TREE_HEIGHT;
+        let no_of_leaves = 1 << TEST_TREE_HEIGHT;
+
+        let mut rln_pointer = MaybeUninit::<*mut RLN>::uninit();
+        let input_config = json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string();
+        let input_buffer = &Buffer::from(input_config.as_bytes());
+        let success = new(tree_height, input_buffer, rln_pointer.as_mut_ptr());
+        assert!(success, "RLN object creation failed");
+        let rln_pointer = unsafe { &mut *rln_pointer.assume_init() };
+
+        // We generate a new identity tuple from an input seed
+        let seed_bytes: &[u8] = &[0, 1, 2, 3, 4, 5, 6, 7, 8, 9];
+        let input_buffer = &Buffer::from(seed_bytes);
+        let mut output_buffer = MaybeUninit::<Buffer>::uninit();
+        let success =
+            seeded_extended_key_gen(rln_pointer, input_buffer, output_buffer.as_mut_ptr());
+        assert!(success, "seeded key gen call failed");
+
+        let output_buffer = unsafe { output_buffer.assume_init() };
+        let result_data = <&[u8]>::from(&output_buffer).to_vec();
+        let (_, _, _, id_commitment) = deserialize_identity_tuple(result_data);
+
+        // We insert the id_commitment into the tree at a random index
+        let mut rng = thread_rng();
+        let index = rng.gen_range(0..no_of_leaves) as usize;
+        let leaf = fr_to_bytes_le(&id_commitment);
+        let input_buffer = &Buffer::from(leaf.as_ref());
+        let success = set_leaf(rln_pointer, index, input_buffer);
+        assert!(success, "set leaf call failed");
+
+        // We get the leaf at the same index
+        let mut output_buffer = MaybeUninit::<Buffer>::uninit();
+        let success = get_leaf(rln_pointer, index, output_buffer.as_mut_ptr());
+        assert!(success, "get leaf call failed");
+        let output_buffer = unsafe { output_buffer.assume_init() };
+        let result_data = <&[u8]>::from(&output_buffer).to_vec();
+        let (received_id_commitment, _) = bytes_le_to_fr(&result_data);
+
+        // We check that the received id_commitment is the same as the one we inserted
+        assert_eq!(received_id_commitment, id_commitment);
+    }
+
+    #[test]
+    fn test_metadata() {
+        // We create a RLN instance
+        let tree_height = TEST_TREE_HEIGHT;
+
+        let mut rln_pointer = MaybeUninit::<*mut RLN>::uninit();
+        let input_config = json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string();
+        let input_buffer = &Buffer::from(input_config.as_bytes());
+        let success = new(tree_height, input_buffer, rln_pointer.as_mut_ptr());
+        assert!(success, "RLN object creation failed");
+        let rln_pointer = unsafe { &mut *rln_pointer.assume_init() };
+
+        let seed_bytes: &[u8] = &[0, 1, 2, 3, 4, 5, 6, 7, 8, 9];
+        let input_buffer = &Buffer::from(seed_bytes);
+
+        let success = set_metadata(rln_pointer, input_buffer);
+        assert!(success, "set_metadata call failed");
+
+        let mut output_buffer = MaybeUninit::<Buffer>::uninit();
+        let success = get_metadata(rln_pointer, output_buffer.as_mut_ptr());
+        assert!(success, "get_metadata call failed");
+
+        let output_buffer = unsafe { output_buffer.assume_init() };
+        let result_data = <&[u8]>::from(&output_buffer).to_vec();
+
+        assert_eq!(result_data, seed_bytes.to_vec());
+    }
 }

rln/tests/protocol.rs

@@ -1,5 +1,6 @@
 #[cfg(test)]
 mod test {
+    use ark_ff::BigInt;
     use rln::circuit::{
         circom_from_folder, vk_from_folder, zkey_from_folder, Fr, TEST_RESOURCES_FOLDER,
         TEST_TREE_HEIGHT,
@@ -13,152 +14,57 @@ mod test {
     type ConfigOf<T> = <T as ZerokitMerkleTree>::Config;
 
     // Input generated with https://github.com/oskarth/zk-kit/commit/b6a872f7160c7c14e10a0ea40acab99cbb23c9a8
-    const WITNESS_JSON_15: &str = r#"
-            {
-              "identity_secret": "12825549237505733615964533204745049909430608936689388901883576945030025938736",
-              "path_elements": [
-                "18622655742232062119094611065896226799484910997537830749762961454045300666333",
-                "20590447254980891299813706518821659736846425329007960381537122689749540452732",
-                "7423237065226347324353380772367382631490014989348495481811164164159255474657",
-                "11286972368698509976183087595462810875513684078608517520839298933882497716792",
-                "3607627140608796879659380071776844901612302623152076817094415224584923813162",
-                "19712377064642672829441595136074946683621277828620209496774504837737984048981",
-                "20775607673010627194014556968476266066927294572720319469184847051418138353016",
-                "3396914609616007258851405644437304192397291162432396347162513310381425243293",
-                "21551820661461729022865262380882070649935529853313286572328683688269863701601",
-                "6573136701248752079028194407151022595060682063033565181951145966236778420039",
-                "12413880268183407374852357075976609371175688755676981206018884971008854919922",
-                "14271763308400718165336499097156975241954733520325982997864342600795471836726",
-                "20066985985293572387227381049700832219069292839614107140851619262827735677018",
-                "9394776414966240069580838672673694685292165040808226440647796406499139370960",
-                "11331146992410411304059858900317123658895005918277453009197229807340014528524"
-              ],
-              "identity_path_index": [
-                1,
-                1,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0,
-                0
-              ],
-              "x": "8143228284048792769012135629627737459844825626241842423967352803501040982",
-              "epoch": "0x0000005b612540fc986b42322f8cb91c2273afad58ed006fdba0c97b4b16b12f",
-              "rln_identifier": "11412926387081627876309792396682864042420635853496105400039841573530884328439"
-            }
-        "#;
-
-    // Input generated with protocol::random_rln_witness
-    const WITNESS_JSON_19: &str = r#"
-            {
-              "identity_secret": "922538810348594125658702672067738675294669207539999802857585668079702330450",
-              "path_elements": [
-                  "16059714054680148404543504061485737353203416489071538960876865983954285286166",
-                  "3041470753871943901334053763207316028823782848445723460227667780327106380356",
-                  "2557297527793326315072058421057853700096944625924483912548759909801348042183",
-                  "6677578602456189582427063963562590713054668181987223110955234085327917303436",
-                  "2250827150965576973906150764756422151438812678308727218463995574869267980301",
-                  "1895457427602709606993445561553433669787657053834360973759981803464906070980",
-                  "11033689991077061346803816826729204895841441316315304395980565540264104346466",
-                  "18588752216879570844240300406954267039026327526134910835334500497981810174976",
-                  "19346480964028499661277403659363466542857230928032088490855656809181891953123",
-                  "21460193770370072688835316363068413651465631481105148051902686770759127189327",
-                  "20906347653364838502964722817589315918082261023317339146393355650507243340078",
-                  "13466599592974387800162739317046838825289754472645703919149409009404541432954",
-                  "9617165663598957201253074168824246164494443748556931540348223968573884172285",
-                  "6936463137584425684797785981770877165377386163416057257854261010817156666898",
-                  "369902028235468424790098825415813437044876310542601948037281422841675126849",
-                  "13510969869821080499683463562609720931680005714401083864659516045615497273644",
-                  "2567921390740781421487331055530491683313154421589525170472201828596388395736",
-                  "14360870889466292805403568662660511177232987619663547772298178013674025998478",
-                  "4735344599616284973799984501493858013178071155960162022656706545116168334293"
-              ],
-              "identity_path_index": [
-                  1,
-                  0,
-                  1,
-                  0,
-                  1,
-                  1,
-                  0,
-                  0,
-                  1,
-                  1,
-                  1,
-                  0,
-                  0,
-                  0,
-                  1,
-                  0,
-                  1,
-                  1,
-                  0
-              ],
-              "x": "6427050788896290028100534859169645070970780055911091444144195464808120686416",
-              "epoch": "0x2bd155d9f85c741044da6909d144f9cc5ce8e0d545a9ed4921b156e8b8569bab",
-              "rln_identifier": "2193983000213424579594329476781986065965849144986973472766961413131458022566"
-            }
-        "#;
-
     const WITNESS_JSON_20: &str = r#"
             {
-              "identity_secret": "13732353453861280511150022598793312186188599006979552959297495195757997428306",
-              "path_elements": [
-                  "20463525608687844300981085488128968694844212760055234622292326942405619575964",
-                  "8040856403709217901175408904825741112286158901303127670929462145501210871313",
-                  "3776499751255585163563840252112871568402966629435152937692711318702338789837",
-                  "19415813252626942110541463414404411443562242499365750694284604341271149125679",
-                  "19414720788761208006634240390286942738242262010168559813148115573784354129237",
-                  "17680594732844291740094158892269696200077963275550625226493856898849422516043",
-                  "16009199741350632715210088346611798597033333293348807000623441780059543674510",
-                  "18743496911007535170857676824393811326863602477260615792503039058813338644738",
-                  "1029572792321380246989475723806770724699749375691788486434716005338938722216",
-                  "21713138150151063186050010182615713685603650963220209951496401043119768920892",
-                  "6713732504049401389983008178456811894856018247924860823028704114266363984580",
-                  "2746686888799473963221285145390361693256731812094259845879519459924507786594",
-                  "18620748467731297359505500266677881218553438497271819903304075323783392031715",
-                  "2446201221122671119406471414204229600430018713181038717206670749886932158104",
-                  "12037171942017611311954851302868199608036334625783560875426350283156617524597",
-                  "21798743392351780927808323348278035105395367759688979232116905142049921734349",
-                  "17450230289417496971557215666910229260621413088991137405744457922069827319039",
-                  "20936854099128086256353520300046664152516566958630447858438908748907198510485",
-                  "13513344965831154386658059617477268600255664386844920822248038939666265737046",
-                  "15546319496880899251450021422131511560001766832580480193115646510655765306630"
-
-              ],
-              "identity_path_index": [
-                  0,
-                  1,
-                  0,
-                  0,
-                  1,
-                  1,
-                  0,
-                  0,
-                  1,
-                  1,
-                  0,
-                  0,
-                  0,
-                  1,
-                  0,
-                  1,
-                  1,
-                  0,
-                  0,
-                  0
-              ],
-              "x": "18073935665561339809445069958310044423750771681863480888589546877024349720547",
-              "epoch": "0x147e4c23a43a1ddca78d94bcd28147f62ca74b3dc7e56bb0a314a954b9f0e567",
-              "rln_identifier": "2193983000213424579594329476781986065965849144986973472766961413131458022566"
+                "externalNullifier": "21074405743803627666274838159589343934394162804826017440941339048886754734203",
+                "identityPathIndex": [
+                    1,
+                    1,
+                    1,
+                    0,
+                    1,
+                    0,
+                    1,
+                    0,
+                    1,
+                    0,
+                    1,
+                    0,
+                    0,
+                    0,
+                    0,
+                    0,
+                    1,
+                    1,
+                    1,
+                    0
+                ],
+                "identitySecret": "2301650865650889795878889082892690584512243988708213561328369865554257051708",
+                "messageId": "1",
+                "pathElements": [
+                    "14082964758224722211945379872337797638951236517417253447686770846170014042825",
+                    "6628418579821163687428454604867534487917867918886059133241840211975892987309",
+                    "12745863228198753394445659605634840709296716381893463421165313830643281758511",
+                    "56118267389743063830320351452083247040583061493621478539311100137113963555",
+                    "3648731943306935051357703221473866306053186513730785325303257057776816073765",
+                    "10548621390442503192989374711060717107954536293658152583621924810330521179016",
+                    "11741160669079729961275351458682156164905457324981803454515784688429276743441",
+                    "17165464309215350864730477596846156251863702878546777829650812432906796008534",
+                    "18947162586829418653666557598416458949428989734998924978331450666032720066913",
+                    "8809427088917589399897132358419395928548406347152047718919154153577297139202",
+                    "6261460226929242970747566981077801929281729646713842579109271945192964422300",
+                    "13871468675790284383809887052382100311103716176061564908030808887079542722597",
+                    "10413964486611723004584705484327518190402370933255450052832412709168190985805",
+                    "3978387560092078849178760154060822400741873818692524912249877867958842934383",
+                    "14014915591348694328771517896715085647041518432952027841088176673715002508448",
+                    "17680675606519345547327984724173632294904524423937145835611954334756161077843",
+                    "17107175244885276119916848057745382329169223109661217238296871427531065458152",
+                    "18326186549441826262593357123467931475982067066825042001499291800252145875109",
+                    "7043961192177345916232559778383741091053414803377017307095275172896944935996",
+                    "2807630271073553218355393059254209097448243975722083008310815929736065268921"
+                ],
+                "userMessageLimit": "100",
+                "x": "20645213238265527935869146898028115621427162613172918400241870500502509785943"
             }
         "#;
 
@@ -170,7 +76,8 @@ mod test {
 
         // generate identity
         let identity_secret_hash = hash_to_field(b"test-merkle-proof");
-        let id_commitment = poseidon_hash(&vec![identity_secret_hash]);
+        let id_commitment = poseidon_hash(&[identity_secret_hash]);
+        let rate_commitment = poseidon_hash(&[id_commitment, 100.into()]);
 
         // generate merkle tree
         let default_leaf = Fr::from(0);
@@ -180,37 +87,21 @@ mod test {
             ConfigOf::<PoseidonTree>::default(),
         )
         .unwrap();
-        tree.set(leaf_index, id_commitment.into()).unwrap();
+        tree.set(leaf_index, rate_commitment.into()).unwrap();
 
         // We check correct computation of the root
         let root = tree.root();
 
-        if TEST_TREE_HEIGHT == 15 {
+        if TEST_TREE_HEIGHT == 20 || TEST_TREE_HEIGHT == 32 {
             assert_eq!(
                 root,
-                str_to_fr(
-                    "0x1984f2e01184aef5cb974640898a5f5c25556554e2b06d99d4841badb8b198cd",
-                    16
-                )
-                .unwrap()
-            );
-        } else if TEST_TREE_HEIGHT == 19 {
-            assert_eq!(
-                root,
-                str_to_fr(
-                    "0x219ceb53f2b1b7a6cf74e80d50d44d68ecb4a53c6cc65b25593c8d56343fb1fe",
-                    16
-                )
-                .unwrap()
-            );
-        } else if TEST_TREE_HEIGHT == 20 {
-            assert_eq!(
-                root,
-                str_to_fr(
-                    "0x21947ffd0bce0c385f876e7c97d6a42eec5b1fe935aab2f01c1f8a8cbcc356d2",
-                    16
-                )
-                .unwrap()
+                BigInt([
+                    4939322235247991215,
+                    5110804094006647505,
+                    4427606543677101242,
+                    910933464535675827
+                ])
+                .into()
             );
         }
 
@@ -302,7 +193,7 @@ mod test {
             vec![1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
 
         // We add the remaining elements for the case TEST_TREE_HEIGHT = 20
-        if TEST_TREE_HEIGHT == 19 || TEST_TREE_HEIGHT == 20 {
+        if TEST_TREE_HEIGHT == 20 {
             expected_path_elements.append(&mut vec![
                 str_to_fr(
                     "0x22f98aa9ce704152ac17354914ad73ed1167ae6596af510aa5b3649325e06c92",
@@ -341,7 +232,7 @@ mod test {
         assert_eq!(identity_path_index, expected_identity_path_index);
 
         // We check correct verification of the proof
-        assert!(tree.verify(&id_commitment, &merkle_proof).unwrap());
+        assert!(tree.verify(&rate_commitment, &merkle_proof).unwrap());
     }
 
     #[test]
@@ -353,24 +244,12 @@ mod test {
         let builder = circom_from_folder(TEST_RESOURCES_FOLDER).unwrap();
 
         // We compute witness from the json input example
-        let mut witness_json: &str = "";
-
-        if TEST_TREE_HEIGHT == 15 {
-            witness_json = WITNESS_JSON_15;
-        } else if TEST_TREE_HEIGHT == 19 {
-            witness_json = WITNESS_JSON_19;
-        } else if TEST_TREE_HEIGHT == 20 {
-            witness_json = WITNESS_JSON_20;
-        }
-
-        let rln_witness = rln_witness_from_json(witness_json);
-
-        let rln_witness_unwrapped = rln_witness.unwrap();
+        let witness_json = WITNESS_JSON_20;
+        let rln_witness = rln_witness_from_json(witness_json).unwrap();
 
         // Let's generate a zkSNARK proof
-        let proof = generate_proof(builder, &proving_key, &rln_witness_unwrapped).unwrap();
-
-        let proof_values = proof_values_from_witness(&rln_witness_unwrapped);
+        let proof = generate_proof(builder, &proving_key, &rln_witness).unwrap();
+        let proof_values = proof_values_from_witness(&rln_witness).unwrap();
 
         // Let's verify the proof
         let verified = verify_proof(&verification_key, &proof, &proof_values);
@@ -386,6 +265,8 @@ mod test {
 
         // Generate identity pair
         let (identity_secret_hash, id_commitment) = keygen();
+        let user_message_limit = Fr::from(100);
+        let rate_commitment = poseidon_hash(&[id_commitment, user_message_limit]);
 
         //// generate merkle tree
         let default_leaf = Fr::from(0);
@@ -395,7 +276,7 @@ mod test {
             ConfigOf::<PoseidonTree>::default(),
         )
         .unwrap();
-        tree.set(leaf_index, id_commitment.into()).unwrap();
+        tree.set(leaf_index, rate_commitment.into()).unwrap();
 
         let merkle_proof = tree.proof(leaf_index).expect("proof should exist");
 
@@ -404,14 +285,18 @@ mod test {
 
         // We set the remaining values to random ones
         let epoch = hash_to_field(b"test-epoch");
-        //let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let rln_identifier = hash_to_field(b"test-rln-identifier");
+        let external_nullifier = poseidon_hash(&[epoch, rln_identifier]);
 
         let rln_witness: RLNWitnessInput = rln_witness_from_values(
             identity_secret_hash,
             &merkle_proof,
             x,
-            epoch, /*, rln_identifier*/
-        );
+            external_nullifier,
+            user_message_limit,
+            Fr::from(1),
+        )
+        .unwrap();
 
         // We generate all relevant keys
         let proving_key = zkey_from_folder(TEST_RESOURCES_FOLDER).unwrap();
@@ -421,7 +306,7 @@ mod test {
         // Let's generate a zkSNARK proof
         let proof = generate_proof(builder, &proving_key, &rln_witness).unwrap();
 
-        let proof_values = proof_values_from_witness(&rln_witness);
+        let proof_values = proof_values_from_witness(&rln_witness).unwrap();
 
         // Let's verify the proof
         let success = verify_proof(&verification_key, &proof, &proof_values).unwrap();
@@ -432,15 +317,7 @@ mod test {
     #[test]
     fn test_witness_serialization() {
         // We test witness serialization
-        let mut witness_json: &str = "";
-
-        if TEST_TREE_HEIGHT == 15 {
-            witness_json = WITNESS_JSON_15;
-        } else if TEST_TREE_HEIGHT == 19 {
-            witness_json = WITNESS_JSON_19;
-        } else if TEST_TREE_HEIGHT == 20 {
-            witness_json = WITNESS_JSON_20;
-        }
+        let witness_json: &str = WITNESS_JSON_20;
 
         let rln_witness = rln_witness_from_json(witness_json).unwrap();
 
@@ -449,7 +326,7 @@ mod test {
         assert_eq!(rln_witness, deser);
 
         // We test Proof values serialization
-        let proof_values = proof_values_from_witness(&rln_witness);
+        let proof_values = proof_values_from_witness(&rln_witness).unwrap();
         let ser = serialize_proof_values(&proof_values);
         let (deser, _) = deserialize_proof_values(&ser);
         assert_eq!(proof_values, deser);

rln/tests/public.rs

@@ -1,5 +1,6 @@
 #[cfg(test)]
 mod test {
+    use ark_ff::BigInt;
     use ark_std::{rand::thread_rng, UniformRand};
     use rand::Rng;
     use rln::circuit::{Fr, TEST_RESOURCES_FOLDER, TEST_TREE_HEIGHT};
@@ -15,6 +16,7 @@ mod test {
     fn test_merkle_proof() {
         let tree_height = TEST_TREE_HEIGHT;
         let leaf_index = 3;
+        let user_message_limit = 1;
 
         let input_buffer =
             Cursor::new(json!({ "resources_folder": TEST_RESOURCES_FOLDER }).to_string());
@@ -23,9 +25,10 @@ mod test {
         // generate identity
         let identity_secret_hash = hash_to_field(b"test-merkle-proof");
         let id_commitment = utils_poseidon_hash(&vec![identity_secret_hash]);
+        let rate_commitment = utils_poseidon_hash(&[id_commitment, user_message_limit.into()]);
 
-        // We pass id_commitment as Read buffer to RLN's set_leaf
-        let mut buffer = Cursor::new(fr_to_bytes_le(&id_commitment));
+        // We pass rate_commitment as Read buffer to RLN's set_leaf
+        let mut buffer = Cursor::new(fr_to_bytes_le(&rate_commitment));
         rln.set_leaf(leaf_index, &mut buffer).unwrap();
 
         // We check correct computation of the root
@@ -33,25 +36,17 @@ mod test {
         rln.get_root(&mut buffer).unwrap();
         let (root, _) = bytes_le_to_fr(&buffer.into_inner());
 
-        if TEST_TREE_HEIGHT == 15 {
+        if TEST_TREE_HEIGHT == 20 {
             assert_eq!(
                 root,
-                str_to_fr(
-                    "0x1984f2e01184aef5cb974640898a5f5c25556554e2b06d99d4841badb8b198cd",
-                    16
-                )
-                .unwrap()
+                Fr::from(BigInt([
+                    17110646155607829651,
+                    5040045984242729823,
+                    6965416728592533086,
+                    2328960363755461975
+                ]))
             );
-        } else if TEST_TREE_HEIGHT == 19 {
-            assert_eq!(
-                root,
-                str_to_fr(
-                    "0x219ceb53f2b1b7a6cf74e80d50d44d68ecb4a53c6cc65b25593c8d56343fb1fe",
-                    16
-                )
-                .unwrap()
-            );
-        } else if TEST_TREE_HEIGHT == 20 {
+        } else if TEST_TREE_HEIGHT == 32 {
             assert_eq!(
                 root,
                 str_to_fr(
@@ -153,7 +148,7 @@ mod test {
             vec![1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
 
         // We add the remaining elements for the case TEST_TREE_HEIGHT = 20
-        if TEST_TREE_HEIGHT == 19 || TEST_TREE_HEIGHT == 20 {
+        if TEST_TREE_HEIGHT == 20 || TEST_TREE_HEIGHT == 32 {
             expected_path_elements.append(&mut vec![
                 str_to_fr(
                     "0x22f98aa9ce704152ac17354914ad73ed1167ae6596af510aa5b3649325e06c92",
@@ -192,8 +187,12 @@ mod test {
         assert_eq!(identity_path_index, expected_identity_path_index);
 
         // We double check that the proof computed from public API is correct
-        let root_from_proof =
-            compute_tree_root(&id_commitment, &path_elements, &identity_path_index, false);
+        let root_from_proof = compute_tree_root(
+            &identity_secret_hash,
+            &user_message_limit.into(),
+            &path_elements,
+            &identity_path_index,
+        );
 
         assert_eq!(root, root_from_proof);
     }

semaphore/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "semaphore-wrapper"
-version = "0.1.0"
+version = "0.3.0"
 edition = "2021"
 license = "MIT OR Apache-2.0"
 
@@ -21,7 +21,7 @@ color-eyre = "0.6.1"
 once_cell = "1.8"
 rand = "0.8.4"
 semaphore = { git = "https://github.com/worldcoin/semaphore-rs", rev = "ee658c2"}
-ethers-core = { git = "https://github.com/gakonst/ethers-rs", default-features = false }
+ethers-core = { version = "2.0.8", default-features = false }
 ruint = { version = "1.2.0", features = [ "serde", "num-bigint", "ark-ff" ] }
 serde = "1.0"
 thiserror = "1.0.0"
@@ -47,4 +47,4 @@ opt-level = 3
 # Dependencies are optimized, even in a dev build. This improves dev performance
 # while having neglible impact on incremental build times.
 [profile.dev.package."*"]
-opt-level = 3
+opt-level = 3

utils/Cargo.toml

@@ -1,24 +1,36 @@
 [package]
-name = "utils"
-version = "0.1.0"
+name = "zerokit_utils"
+version = "0.4.1"
 edition = "2021"
 license = "MIT OR Apache-2.0"
+description = "Various utilities for Zerokit"
+documentation = "https://github.com/vacp2p/zerokit"
+homepage = "https://vac.dev"
+repository = "https://github.com/vacp2p/zerokit"
+
+[lib]
+bench = false
 
 [dependencies]
 ark-ff = { version = "=0.4.1", default-features = false, features = ["asm"] }
 num-bigint = { version = "=0.4.3", default-features = false, features = ["rand"] }
 color-eyre = "=0.6.2"
-pmtree = { git = "https://github.com/Rate-Limiting-Nullifier/pmtree", rev = "bf27d4273b34a7f4ec3c77cdf67fb17a5602504a", optional = true}
+pmtree = { package = "pmtree", version = "=2.0.0", optional = true}
 sled = "=0.34.7"
-serde = "1.0.44"
+serde = "=1.0.163"
 
 [dev-dependencies]
 ark-bn254 = "=0.4.0"
-num-traits = "0.2.11"
-hex-literal = "0.3.4"
-tiny-keccak = { version = "2.0.2", features = ["keccak"] }
+num-traits = "=0.2.15"
+hex-literal = "=0.3.4"
+tiny-keccak = { version = "=2.0.2", features = ["keccak"] }
+criterion = { version = "=0.4.0", features = ["html_reports"] }
 
 [features]
 default = ["parallel"]
 parallel = ["ark-ff/parallel"]
 pmtree-ft = ["pmtree"]
+
+[[bench]]
+name = "merkle_tree_benchmark"
+harness = false

utils/Makefile.toml

@@ -5,3 +5,7 @@ args = ["build", "--release"]
 [tasks.test]
 command = "cargo"
 args = ["test", "--release"]
+
+[tasks.bench]
+command = "cargo"
+args = ["bench"]

utils/README.md

@@ -0,0 +1,15 @@
+# Utils crate
+
+## Building
+
+1. `cargo build`
+
+## Testing
+
+1. `cargo test`
+
+## Benchmarking
+
+1. `cargo bench`
+
+To view the results of the benchmark, open the `target/criterion/report/index.html` file generated after the bench

utils/benches/merkle_tree_benchmark.rs

@@ -0,0 +1,119 @@
+use criterion::{criterion_group, criterion_main, Criterion};
+use hex_literal::hex;
+use tiny_keccak::{Hasher as _, Keccak};
+use zerokit_utils::{
+    FullMerkleConfig, FullMerkleTree, Hasher, OptimalMerkleConfig, OptimalMerkleTree,
+    ZerokitMerkleTree,
+};
+
+#[derive(Clone, Copy, Eq, PartialEq)]
+struct Keccak256;
+
+impl Hasher for Keccak256 {
+    type Fr = [u8; 32];
+
+    fn default_leaf() -> Self::Fr {
+        [0; 32]
+    }
+
+    fn hash(inputs: &[Self::Fr]) -> Self::Fr {
+        let mut output = [0; 32];
+        let mut hasher = Keccak::v256();
+        for element in inputs {
+            hasher.update(element);
+        }
+        hasher.finalize(&mut output);
+        output
+    }
+}
+
+pub fn optimal_merkle_tree_benchmark(c: &mut Criterion) {
+    let mut tree =
+        OptimalMerkleTree::<Keccak256>::new(2, [0; 32], OptimalMerkleConfig::default()).unwrap();
+
+    let leaves = [
+        hex!("0000000000000000000000000000000000000000000000000000000000000001"),
+        hex!("0000000000000000000000000000000000000000000000000000000000000002"),
+        hex!("0000000000000000000000000000000000000000000000000000000000000003"),
+        hex!("0000000000000000000000000000000000000000000000000000000000000004"),
+    ];
+
+    c.bench_function("OptimalMerkleTree::set", |b| {
+        b.iter(|| {
+            tree.set(0, leaves[0]).unwrap();
+        })
+    });
+
+    c.bench_function("OptimalMerkleTree::delete", |b| {
+        b.iter(|| {
+            tree.delete(0).unwrap();
+        })
+    });
+
+    c.bench_function("OptimalMerkleTree::override_range", |b| {
+        b.iter(|| {
+            tree.override_range(0, leaves, [0, 1, 2, 3]).unwrap();
+        })
+    });
+
+    c.bench_function("OptimalMerkleTree::compute_root", |b| {
+        b.iter(|| {
+            tree.compute_root().unwrap();
+        })
+    });
+
+    c.bench_function("OptimalMerkleTree::get", |b| {
+        b.iter(|| {
+            tree.get(0).unwrap();
+        })
+    });
+}
+
+pub fn full_merkle_tree_benchmark(c: &mut Criterion) {
+    let mut tree =
+        FullMerkleTree::<Keccak256>::new(2, [0; 32], FullMerkleConfig::default()).unwrap();
+
+    let leaves = [
+        hex!("0000000000000000000000000000000000000000000000000000000000000001"),
+        hex!("0000000000000000000000000000000000000000000000000000000000000002"),
+        hex!("0000000000000000000000000000000000000000000000000000000000000003"),
+        hex!("0000000000000000000000000000000000000000000000000000000000000004"),
+    ];
+
+    c.bench_function("FullMerkleTree::set", |b| {
+        b.iter(|| {
+            tree.set(0, leaves[0]).unwrap();
+        })
+    });
+
+    c.bench_function("FullMerkleTree::delete", |b| {
+        b.iter(|| {
+            tree.delete(0).unwrap();
+        })
+    });
+
+    c.bench_function("FullMerkleTree::override_range", |b| {
+        b.iter(|| {
+            tree.override_range(0, leaves, [0, 1, 2, 3]).unwrap();
+        })
+    });
+
+    c.bench_function("FullMerkleTree::compute_root", |b| {
+        b.iter(|| {
+            tree.compute_root().unwrap();
+        })
+    });
+
+    c.bench_function("FullMerkleTree::get", |b| {
+        b.iter(|| {
+            tree.get(0).unwrap();
+        })
+    });
+}
+
+criterion_group!(
+    benches,
+    optimal_merkle_tree_benchmark,
+    full_merkle_tree_benchmark
+);
+criterion_main!(benches);

utils/src/merkle_tree/full_merkle_tree.rs

@@ -29,6 +29,9 @@ pub struct FullMerkleTree<H: Hasher> {
     // The next available (i.e., never used) tree index. Equivalently, the number of leaves added to the tree
     // (deletions leave next_index unchanged)
     next_index: usize,
+
+    // metadata that an application may use to store additional information
+    metadata: Vec<u8>,
 }
 
 /// Element of a Merkle proof
@@ -94,9 +97,14 @@ where
             cached_nodes,
             nodes,
             next_index,
+            metadata: Vec::new(),
         })
     }
 
+    fn close_db_connection(&mut self) -> Result<()> {
+        Ok(())
+    }
+
     // Returns the depth of the tree
     fn depth(&self) -> usize {
         self.depth
@@ -234,6 +242,15 @@ where
     fn compute_root(&mut self) -> Result<FrOf<Self::Hasher>> {
         Ok(self.root())
     }
+
+    fn set_metadata(&mut self, metadata: &[u8]) -> Result<()> {
+        self.metadata = metadata.to_vec();
+        Ok(())
+    }
+
+    fn metadata(&self) -> Result<Vec<u8>> {
+        Ok(self.metadata.to_vec())
+    }
 }
 
 impl<H: Hasher> FullMerkleTree<H>

utils/src/merkle_tree/merkle_tree.rs

@@ -63,6 +63,9 @@ pub trait ZerokitMerkleTree {
     fn delete(&mut self, index: usize) -> Result<()>;
     fn proof(&self, index: usize) -> Result<Self::Proof>;
     fn verify(&self, leaf: &FrOf<Self::Hasher>, witness: &Self::Proof) -> Result<bool>;
+    fn set_metadata(&mut self, metadata: &[u8]) -> Result<()>;
+    fn metadata(&self) -> Result<Vec<u8>>;
+    fn close_db_connection(&mut self) -> Result<()>;
 }
 
 pub trait ZerokitMerkleProof {

utils/src/merkle_tree/optimal_merkle_tree.rs

@@ -30,6 +30,9 @@ where
     // The next available (i.e., never used) tree index. Equivalently, the number of leaves added to the tree
     // (deletions leave next_index unchanged)
     next_index: usize,
+
+    // metadata that an application may use to store additional information
+    metadata: Vec<u8>,
 }
 
 /// The Merkle proof
@@ -76,9 +79,14 @@ where
             depth,
             nodes: HashMap::new(),
             next_index: 0,
+            metadata: Vec::new(),
         })
     }
 
+    fn close_db_connection(&mut self) -> Result<()> {
+        Ok(())
+    }
+
     // Returns the depth of the tree
     fn depth(&self) -> usize {
         self.depth
@@ -216,6 +224,15 @@ where
         self.recalculate_from(0)?;
         Ok(self.root())
     }
+
+    fn set_metadata(&mut self, metadata: &[u8]) -> Result<()> {
+        self.metadata = metadata.to_vec();
+        Ok(())
+    }
+
+    fn metadata(&self) -> Result<Vec<u8>> {
+        Ok(self.metadata.to_vec())
+    }
 }
 
 impl<H: Hasher> OptimalMerkleTree<H>

utils/src/pm_tree/sled_adapter.rs

@@ -45,6 +45,15 @@ impl Database for SledDB {
         Ok(SledDB(db))
     }
 
+    fn close(&mut self) -> PmtreeResult<()> {
+        let _ = self.0.flush().map_err(|_| {
+            PmtreeErrorKind::DatabaseError(DatabaseErrorKind::CustomError(
+                "Cannot flush database".to_string(),
+            ))
+        })?;
+        Ok(())
+    }
+
     fn get(&self, key: DBKey) -> PmtreeResult<Option<Value>> {
         match self.0.get(key) {
             Ok(value) => Ok(value.map(|val| val.to_vec())),

utils/src/poseidon/poseidon_constants.rs

@@ -36,20 +36,12 @@ impl PoseidonGrainLFSR {
         assert!(is_field == 1);
 
         // b0, b1 describes the field
-        if is_field == 1 {
-            state[1] = true;
-        } else {
-            state[1] = false;
-        }
+        state[1] = is_field == 1;
 
         assert!(is_sbox_an_inverse == 0 || is_sbox_an_inverse == 1);
 
         // b2, ..., b5 describes the S-BOX
-        if is_sbox_an_inverse == 1 {
-            state[5] = true;
-        } else {
-            state[5] = false;
-        }
+        state[5] = is_sbox_an_inverse == 1;
 
         // b6, ..., b17 are the binary representation of n (prime_num_bits)
         {

utils/tests/merkle_tree.rs

@@ -3,7 +3,7 @@
 mod test {
     use hex_literal::hex;
     use tiny_keccak::{Hasher as _, Keccak};
-    use utils::{
+    use zerokit_utils::{
         FullMerkleConfig, FullMerkleTree, Hasher, OptimalMerkleConfig, OptimalMerkleTree,
         ZerokitMerkleProof, ZerokitMerkleTree,
     };

utils/tests/poseidon_constants.rs

@@ -3,7 +3,7 @@ mod test {
     use ark_bn254::Fr;
     use num_bigint::BigUint;
     use num_traits::Num;
-    use utils::poseidon_hash::Poseidon;
+    use zerokit_utils::poseidon_hash::Poseidon;
 
     const ROUND_PARAMS: [(usize, usize, usize, usize); 8] = [
         (2, 8, 56, 0),