Main Circuits
These iden3 circuits are the heart of the protocol. The main ones are:
- stateTransition.circom checks the execution of the identity state transition by taking the old identity state and the new identity state as inputs.
- authentication.circom checks that the prover is the owner of an identity.
- credentialAtomicQueryMTP.circom checks that a claim issued to the prover (and added to the issuer's Claims Tree) satisfies a query set by the verifier.
- credentialAtomicQuerySig.circom checks that a claim issued to the prover (and signed by the Issuer) satisfies a query set by the verifier.
You can find all the source code on GitHub (Iden3 Circuits). The trusted setup is described in the Iden3 Protocol Phase2 Trusted Setup Ceremony.
stateTransition
Instantiation Parameters
- nLevels: Merkle tree depth level for Claims tree
Inputs
| Input | Description | Public or Private |
|---|---|---|
| userID | Prover's Identifier | Public |
| oldUserState | Prover's Identity State (before transition) | Public |
| newUserState | Prover's Identity State (after transition) | Public |
| isOldStateGenesis | "1" indicates that the old state is genesis: it means that this is the first State Transition, otherwise "0" | Public |
| claimsTreeRoot | Prover's Claims Tree Root | Private |
| authClaimMtp[nLevels] | Merkle Tree Proof of Auth Claim inside Prover's Claims tree | Private |
| authClaim[8] | Prover's Auth Claim | Private |
| revTreeRoot | Prover's Revocation Tree Root | Private |
| authClaimNonRevMtp[nLevels] | Merkle Tree Proof of non membership of Auth Claim inside Prover's Revocation Tree | Private |
| authClaimNonRevMtpNoAux | Flag that indicates whether to check the auxiliary Node | Private |
| authClaimNonRevMtpAuxHv | Auxiliary Node Value | Private |
| authClaimNonRevMtpAuxHi | Auxiliary Node Index | Private |
| rootsTreeRoot | Prover's Roots Tree Root | Private |
| signatureR8x | Signature of the challenge (Rx point) | Private |
| signatureR8y | Signature of the challenge (Ry point) | Private |
| signatureS | Signature of the challenge (S point) | Private |
Scope
- If oldState is genesis, verifies that userID is derived from the oldUserState (= genesis state). Performed using the cutId(), cutState() and isEqual() templates.
- Verifies that newUserState is different from zero using the isZero() comparator.
- Verifies that oldUserState and newUserState are different using isEqual().
- Verifies the user's identity ownership using the idOwnershipBySignature(nLevels) template. The message signed by the user is H(oldstate, newstate), where H is a Poseidon hash function executed inside the Poseidon(nInputs) template.
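The two state checks and the signed message from the list above, written as a small circom template (an added example, not code from the iden3 repository). The template name, the challenge output and the include paths are assumptions; IsZero, IsEqual and Poseidon are the circomlib templates, and the genesis and signature checks are left out.

```circom
pragma circom 2.0.0;

// Assumed include paths: circomlib installed and the compiler run as
// `circom -l node_modules ...`.
include "circomlib/circuits/comparators.circom";
include "circomlib/circuits/poseidon.circom";

// Hypothetical template name. Covers only the state checks and the
// message that the identity owner signs.
template StateTransitionChecksSketch() {
    signal input oldUserState;
    signal input newUserState;
    signal output challenge; // H(oldstate, newstate)

    // newUserState must be non-zero: IsZero outputs 1 only for input 0,
    // so constraining the output to 0 rejects a zero state.
    component newIsZero = IsZero();
    newIsZero.in <== newUserState;
    newIsZero.out === 0;

    // oldUserState and newUserState must differ: IsEqual outputs 1 when
    // both inputs are equal, so the output is constrained to 0.
    component same = IsEqual();
    same.in[0] <== oldUserState;
    same.in[1] <== newUserState;
    same.out === 0;

    // The signed message commits to both states, so a signature made for
    // one (old, new) pair does not verify for any other pair.
    component h = Poseidon(2);
    h.inputs[0] <== oldUserState;
    h.inputs[1] <== newUserState;
    challenge <== h.out;
}

component main {public [oldUserState, newUserState]} = StateTransitionChecksSketch();
```

A witness with newUserState = 0 or with oldUserState = newUserState fails these constraints, so no valid proof exists for a no-op or zeroing transition.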
Circuit Specific Files (From Trusted Setup)
- Final zkey: circuit_final.zkey
- Verification Key: verification_key.json
- WASM Witness Generator: circuit.wasm
authentication
coming soon!
credentialAtomicQueryMTP
coming soon!
credentialAtomicQuerySig
coming soon!