Smart Contract Spec

SemaphoreZk3 Docs

Overview

This is a smart contract written in Solidity that allows the creation of circles, the addition of members, and, per circle, an optional "double signal" mode in which a member may reuse a nullifier (the doubleSpend flag). The contract is part of the SemaphoreZk3 project and is licensed under the MIT license. The contract uses Merkle trees to store the identity commitments of the members and to verify the validity of the proofs. Additionally, the contract allows the content URI of each circle to be updated and provides events to notify external contracts of circle creation, signal broadcasting, and content URI updates.

Contract Details

Contract Address: 0xc37b46664Eb529A28B944E21daEcD8B11b0745dF

Prerequisites

The following interfaces are imported in the contract:

  • ISemaphoreZk3

  • ISemaphoreVerifier

And the following base contract is extended:

  • SemaphoreGroups

Functions

createCircle

This function creates a new circle with the provided circleId, coordinator, merkleTreeDepth, and contentURI.

function createCircle(
        uint256 circleId,
        address coordinator,
        uint256 merkleTreeDepth,
        string calldata contentURI
    ) public override

Parameters

  • circleId (uint256): The ID of the circle to create.

  • coordinator (address): The address of the coordinator for the circle.

  • merkleTreeDepth (uint256): The depth of the Merkle tree to use for the circle.

  • contentURI (string): The content URI associated with the circle.

addIdentity

This function adds an identity to a given circle.

function addIdentity(
        uint256 circleId,
        uint256 identityCommitment,
        string calldata contentURI
    ) public override onlyCoordinator(circleId)

Parameters

  • circleId (uint256): The ID of the circle to add the identity to.

  • identityCommitment (uint256): The identity commitment to add to the circle.

  • contentURI (string): The content URI associated with the identity.

revokeIdentity

This function revokes an identity from a given circle.

function revokeIdentity(
        uint256 circleId,
        uint256 identityCommitment,
        uint256[] calldata proofSiblings,
        uint8[] calldata proofPathIndices,
        string calldata contentURI
    ) public override onlyCoordinator(circleId)

Parameters

  • circleId (uint256): The ID of the circle to revoke the identity from.

  • identityCommitment (uint256): The identity commitment to revoke from the circle.

  • proofSiblings (uint256[]): The Merkle tree siblings of the identity commitment.

  • proofPathIndices (uint8[]): The Merkle tree path indices of the identity commitment.

  • contentURI (string): The content URI associated with the identity.

updateContentURI

This function updates the content URI associated with a given circle.

function updateContentURI(uint256 circleId, string calldata contentURI) public override onlyCoordinator(circleId)

Parameters

  • circleId (uint256): The ID of the circle to update the content URI for.

  • contentURI (string): The new content URI to associate with the circle.

getContentURI

This function gets the content URI associated with a given circle.

function getContentURI(uint256 circleId) public view virtual override returns (string memory)

Parameters

  • circleId (uint256): The ID of the circle to get the content URI for.

Returns

  • string: The content URI associated with the given circle.

broadcastSignal

function broadcastSignal(
    uint256 signal,
    uint256 nullifierHash,
    uint256 circleId,
    uint256 externalNullifier,
    uint256[8] calldata proof
) public override onlyCoordinator(circleId)

This function is used to broadcast a signal on behalf of a member of a given circle. The signal can be any uint256 value, and the nullifierHash is a unique identifier derived from the signaller's identity and the externalNullifier; it is what the contract records to prevent the same member from signalling twice for the same externalNullifier.

The function takes the following parameters:

  • signal: The uint256 value of the signal to broadcast.

  • nullifierHash: A unique identifier for the signal that is used to prevent double-spending of the same signal.

  • circleId: The ID of the circle to broadcast the signal to.

  • externalNullifier: An external identifier for the signal that is used to prevent collusion between circles.

  • proof: An array of 8 uint256 values that represents the proof that the signal was computed correctly.

The function first checks whether the circle's doubleSpend flag is false and the nullifierHash has already been used in that circle. If both hold, the function reverts with a Semaphore__YouAreUsingTheSameNillifierTwice error. Otherwise, the function verifies the proof using the verifier contract, which checks that the proof was generated by an identity contained in the Merkle tree of the given circle and that the nullifierHash and externalNullifier match the values committed to in the proof.

If the proof is valid, the function marks the nullifierHash as used for the given circle and emits a MembershipVerified event with the circleId and signal as parameters.
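The following is an added illustration, not the SemaphoreZk3 contract itself: a reduced Solidity contract showing how the coordinator gate, the per-circle doubleSpend flag and the nullifier bookkeeping described above fit together in broadcastSignal. The IVerifierLike interface, the setDoubleSpend function and the way the Merkle root is stored are assumptions made for this example; in the real contract the root comes from SemaphoreGroups and the verifier is ISemaphoreVerifier.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical stand-in for ISemaphoreVerifier: the real interface is not
// reproduced on this page. Like the real verifier, it reverts on a bad proof.
interface IVerifierLike {
    function verifyProof(
        uint256 merkleTreeRoot,
        uint256 nullifierHash,
        uint256 signal,
        uint256 externalNullifier,
        uint256[8] calldata proof
    ) external view;
}

contract CircleSignalsExample {
    error Semaphore__YouAreUsingTheSameNillifierTwice();
    error CallerIsNotTheCircleCoordinator();
    error CircleAlreadyExists();

    event CircleCreated(uint256 indexed circleId, address coordinator);
    event MembershipVerified(uint256 indexed circleId, uint256 signal);
    event CircleURIUpdated(uint256 indexed circleId, string contentURI);

    struct Circle {
        address coordinator;
        uint256 merkleTreeDepth;
        uint256 merkleTreeRoot; // assumed: updated by group logic not shown here
        bool doubleSpend;       // true => a nullifier may be consumed more than once
        string contentURI;
    }

    IVerifierLike public immutable verifier;
    mapping(uint256 => Circle) internal circles;
    // circleId => nullifierHash => already consumed in that circle
    mapping(uint256 => mapping(uint256 => bool)) internal nullifierHashes;

    constructor(IVerifierLike _verifier) {
        verifier = _verifier;
    }

    modifier onlyCoordinator(uint256 circleId) {
        if (circles[circleId].coordinator != msg.sender) revert CallerIsNotTheCircleCoordinator();
        _;
    }

    function createCircle(
        uint256 circleId,
        address coordinator,
        uint256 merkleTreeDepth,
        string calldata contentURI
    ) external {
        if (circles[circleId].coordinator != address(0)) revert CircleAlreadyExists();
        Circle storage c = circles[circleId];
        c.coordinator = coordinator;
        c.merkleTreeDepth = merkleTreeDepth;
        c.contentURI = contentURI;
        emit CircleCreated(circleId, coordinator);
        emit CircleURIUpdated(circleId, contentURI);
    }

    // Assumed helper: the page does not say how the doubleSpend flag is set.
    function setDoubleSpend(uint256 circleId, bool allowed) external onlyCoordinator(circleId) {
        circles[circleId].doubleSpend = allowed;
    }

    function broadcastSignal(
        uint256 signal,
        uint256 nullifierHash,
        uint256 circleId,
        uint256 externalNullifier,
        uint256[8] calldata proof
    ) external onlyCoordinator(circleId) {
        Circle storage circle = circles[circleId];
        // Replay protection: unless the circle explicitly allows double signalling,
        // a nullifier hash may only be consumed once per circle.
        if (!circle.doubleSpend && nullifierHashes[circleId][nullifierHash]) {
            revert Semaphore__YouAreUsingTheSameNillifierTwice();
        }
        // The verifier reverts unless the proof was produced by an identity in the
        // circle's tree with exactly this nullifierHash, signal and externalNullifier.
        verifier.verifyProof(circle.merkleTreeRoot, nullifierHash, signal, externalNullifier, proof);
        // Record the nullifier only after verification succeeds, so a failed call
        // cannot burn a member's nullifier.
        nullifierHashes[circleId][nullifierHash] = true;
        emit MembershipVerified(circleId, signal);
    }
}
```

The order of operations is the security-relevant part: the cheap storage check runs first, the (expensive) proof verification second, and the nullifier is written to storage last, so an invalid proof never leaves a nullifier marked as used.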

isValidProof

function isValidProof(
    uint256 signal,
    uint256 nullifierHash,
    uint256 circleId,
    uint256 externalNullifier,
    uint256[8] calldata proof
) public view virtual override returns (bool)

This function is used to check whether a given proof is valid for a given circle. The check takes the signal, the nullifier hash, the external nullifier and the 8 uint256 values that make up the zero-knowledge proof.

The function takes the following parameters:

  • signal: The uint256 value of the signal to verify.

  • nullifierHash: A unique identifier for the signal that is used to prevent double-spending of the same signal.

  • circleId: The ID of the circle to verify the proof for.

  • externalNullifier: An external identifier for the signal that is used to prevent collusion between circles.

  • proof: An array of 8 uint256 values that represents the proof to verify.

The function returns a boolean value that indicates whether the proof is valid or not. To verify the proof, the function calls the verifyProof function of the verifier contract, passing in the merkleTreeRoot, nullifierHash, signal, externalNullifier, and proof parameters. If the proof is valid, the function returns true. If the proof is invalid, the function reverts with an error.
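Because isValidProof is a view function it verifies the proof but does not record the nullifierHash, and broadcastSignal is restricted to the coordinator. An external contract that gates an action on circle membership therefore has to keep its own nullifier set, or the same proof could be replayed against it. The following consumer contract is an added example, not part of the SemaphoreZk3 project; the ICircleProofChecker interface is a hypothetical subset of ISemaphoreZk3 containing only the isValidProof signature given on this page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Hypothetical subset of ISemaphoreZk3: only the view check this consumer needs.
interface ICircleProofChecker {
    function isValidProof(
        uint256 signal,
        uint256 nullifierHash,
        uint256 circleId,
        uint256 externalNullifier,
        uint256[8] calldata proof
    ) external view returns (bool);
}

/// One-vote-per-member poll gated on circle membership. The poll id is used as
/// the externalNullifier so a member's nullifier is scoped to this poll and
/// cannot be linked to their votes in other polls.
contract CirclePollExample {
    error AlreadyVoted();
    error InvalidMembershipProof();

    ICircleProofChecker public immutable circles;
    uint256 public immutable circleId;
    uint256 public immutable pollId;

    mapping(uint256 => uint256) public tally;          // option => vote count
    mapping(uint256 => bool) public usedNullifiers;    // nullifierHash => consumed

    constructor(ICircleProofChecker _circles, uint256 _circleId, uint256 _pollId) {
        circles = _circles;
        circleId = _circleId;
        pollId = _pollId;
    }

    function vote(uint256 option, uint256 nullifierHash, uint256[8] calldata proof) external {
        // Local replay protection: isValidProof does not consume the nullifier for us.
        if (usedNullifiers[nullifierHash]) revert AlreadyVoted();
        // The chosen option is the signal, so it is bound into the proof and a
        // relayer submitting the transaction cannot swap the voter's choice.
        // isValidProof reverts on an invalid proof; the boolean check is kept as
        // defence in depth in case a different verifier returns false instead.
        if (!circles.isValidProof(option, nullifierHash, circleId, pollId, proof)) {
            revert InvalidMembershipProof();
        }
        usedNullifiers[nullifierHash] = true;
        tally[option] += 1;
    }
}
```

A consumer that skipped the usedNullifiers check would accept the same membership proof any number of times, which is exactly the double-signal behaviour the circle contract's own nullifier bookkeeping exists to prevent.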

Events

CircleCreated(uint256 indexed circleId, address coordinator)

Emitted when a new circle is created.

  • circleId: Id of the newly created circle.

  • coordinator: Address of the coordinator of the newly created circle.

MembershipVerified(uint256 indexed circleId, uint256 signal)

Emitted when a user successfully broadcasts a signal in a circle.

  • circleId: Id of the circle in which the signal is broadcast.

  • signal: The signal broadcast by the user.

CircleURIUpdated(uint256 indexed circleId, string contentURI)

Emitted when the content URI of a circle is updated.

  • circleId: Id of the circle which has its content URI updated.

  • contentURI: The new content URI of the circle.
