Merkle Memberships Program; Clean up #2

chfanghr · 2023-09-20T11:30:08Z

No description provided.

src/library/plugin/pluginType.ts

src/library/tools/pluginServer/config.ts

src/library/tools/pluginServer/index.ts

src/plugins/passwordTree/common/passwordTreeProgram.ts

adamczykm · 2023-10-02T21:55:14Z

Additionally, I think that we will need to rethink the IProver interface. Good that we don't use it anywhere yet.

src/plugins/passwordTree/common/passwordTreeProgram.ts

fix port number

adamczykm · 2023-10-06T13:56:46Z

src/plugins/merkleMemberships/client/index.ts

It's a nice functional implementation but got noisy. Typescript syntax is not very beautiful it appears. I'll propose some changes.

src/plugins/merkleMemberships/common/merkleMembershipsProgram.ts

adamczykm

There are some changes required.
Please try to add some docstrings already. They don't have to be beautiful yet, but should explain the high-level operations of the code. To make it easier to understand how the proof is achieved etc.
Additionaly, we need the headless client to be able to test the flow of the updated plugin.
It can be done with another PR though.

src/plugins/merkleMemberships/server/index.ts

tsconfig.json

adamczykm

The leaf index problem is still unresolved. The server should be sending the entire tree or all the leaves to ensure anonimity.

src/library/tools/pluginServer/index.ts

src/plugins/merkleMemberships/client/index.ts

adamczykm · 2023-10-09T23:43:40Z

src/plugins/merkleMemberships/client/index.ts

+    )(proof);
+  }
+
+  async fetchPublicInputs(


The problem here is that asking for a specific index of the tree reveals the identity.
The only solution is to transfer the entire tree. Then it should be searched for the index and this way the witness could be generated.
If there's no easy way to serialize the tree then the list of all leaves should be send and the tree should be rebuilt.

This is apparently not very efficient. I don't see why this hurts anonymity - a client can always make a bunch of junk requests to confuse the server if the server decides to log the traffic.

Aside from that, I have some concerns regarding the security of this implementation - if someone knows the value x where Poseidon.hash([x]) == Field(0) and if any of the trees have one or more holes, we are screwed. Is this possible? Not so familiar with the poseidon hash algorithm.

src/plugins/merkleMemberships/server/index.ts

adamczykm

Approving before the deeper review.

chfanghr requested a review from adamczykm September 20, 2023 11:30

chfanghr changed the base branch from master to develop September 20, 2023 11:30

chfanghr changed the title ~~Store password tree root unchain~~ Store password tree root onchain Sep 20, 2023

chfanghr force-pushed the connor/simple-password-tree-root-update branch from ddb8b08 to f34c12f Compare September 28, 2023 14:14

chfanghr marked this pull request as ready for review September 28, 2023 14:15

use mina blockchain to storage the password tree root

2afdd64

chfanghr force-pushed the connor/simple-password-tree-root-update branch from f34c12f to 2afdd64 Compare September 28, 2023 14:18

Reorganize plugins structure. Fix imports.

33b3edb

adamczykm force-pushed the connor/simple-password-tree-root-update branch 4 times, most recently from b2319f6 to accb962 Compare October 2, 2023 21:39

Some renaming + changes to the password tree program

230514e

adamczykm force-pushed the connor/simple-password-tree-root-update branch from accb962 to 230514e Compare October 2, 2023 21:42

adamczykm suggested changes Oct 2, 2023

View reviewed changes

adamczykm reviewed Oct 3, 2023

View reviewed changes