Main Circuits
This iden3 circuits are the heart of the protocol. The main ones are:
stateTransition.circom
, checks the execution of the identity state transtion by taking the old identity state and the new identity state as inputs.authentication.circom
, checks that the prover is owner of an identity.credentialAtomicQueryMTP.circom
, checks that a claim issued to the prover (and added to issuer's Claims Tree) satisfies a query set by the verifier.credentialAtomicQuerySig.circom
checks that a claim issued to the prover (and signed by the Issuer) satisfies a query set by the verifier.
You can find all the source code on Github - Iden3 Circuits and here are the details of the Iden3 Protocol Phase2 Trusted Setup Ceremony
stateTransition
Instantiation Parameters
nLevels
Merkle tree depth level for Claims tree
Inputs
Input | Description | Public or Private |
---|---|---|
userID | Prover's Identifier | Public |
oldUserState | Prover's Identity State (before transition) | Public |
newUserState | Prover's Identity State (after transition) | Public |
isOldStateGenesis | "1" indicates that the old state is genesis: it means that this is the first State Transition, otherwise "0" | Public |
claimsTreeRoot | Prover's Claims Tree Root | Private |
authClaimMtp[nLevels] | Merkle Tree Proof of Auth Claim inside Prover's Claims tree | Private |
authClaim[8] | Prover's Auth Claim | Private |
revTreeRoot | Prover's Revocation Tree Root | Private |
authClaimNonRevMtp[nLevels] | Merkle Tree Proof of non membership of Auth Claim inside Prover's Revocation Tree | Private |
authClaimNonRevMtpNoAux | Flag that indicates whether to check the auxiliary Node | Private |
authClaimNonRevMtpAuxHv | Auxiliary Node Value | Private |
authClaimNonRevMtpAuxHi | Auxiliary Node Index | Private |
rootsTreeRoot | Prover's Roots Tree Root | Private |
signatureR8x | Signature of the challenge (Rx point) | Private |
signatureR8y | Signature of the challenge (Ry point) | Private |
signatureS | Signature of the challenge (S point) | Private |
Scope
- If oldState is genesis, verifies that userID is derived from the oldUserState (= genesis state). Performed using
cutId()
,cutState()
andisEqual()
templates - newUserState is different than zero using
isZero()
comparator - oldUserState and newUserState are different using
isEqual()
- Verifies user's identity ownership using
idOwnershipBySignature(nLevels)
template. The message signed by the user isH(oldstate, newstate)
whereH
is a Poseidon hash function executed inside thePoseidon(nInputs)
template
Circuit Specific Files (From Trusted Setup)
- Final zkey
circuit_final.zkey
- Verification Key
verification_key.json
- WASM Witness Generator `circuit.wasm
authentication
coming soon!
credentialAtomicQueryMTP
coming soon!
credentialAtomicQuerySig
coming soon!