Skip to content

Commit e6e3519

Browse files
jiangyy0824jiangyy0824
authored
Merge pull request #147 from tronprotocol/feature/verify_proofs
TIP-137: adjust encoding details
2 parents 4fdcc01 + 8f021ed commit e6e3519

File tree

1 file changed

+33
-14
lines changed

1 file changed

+33
-14
lines changed

tip-137.md

Lines changed: 33 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -97,52 +97,71 @@ The total input length of `verifyMintProof` is 1480 bytes. For the output, `resu
9797
`verifyTransferProof` function is used to verify the validity of zero-knowledge proof for shielded tokens transactions.
9898

9999
```
100-
bytes32[10][] input = abi.encode(nullifier, anchor, value_commitment, rk, zkproof);
101-
bytes32[9][] output = abi.encode(note_commitment, value_commitment, epk, zkproof);
100+
bytes32[10][] input;
102101
bytes32[2][] spend_authority_signature;
102+
bytes32[9][] output;
103103
(bool result, bytes memory msg) = verifyTransferProof(abi.encode(input, spend_authority_signature, output, bindingSignature, signHash, frontier, leafCount));
104+
105+
```
106+
107+
`input`, `spend_authority_signature` , and `output` are variable length arrays. The length of a single `input` is 320 bytes, it includes:
108+
109+
```
110+
[32 bytes for nullifier][32 bytes for anchor][32 bytes for value_commitment][32 bytes for epk][32 bytes for rk][192 bytes for zkproof]
111+
```
112+
113+
The length of a single `spend_authority_signature` is 64 bytes, it includes:
114+
115+
```
116+
[64 bytes for spend_authority_signature]
117+
```
118+
119+
The length of a single `output` is 288 bytes, it includes:
120+
121+
```
122+
[32 bytes for note_commitment][32 bytes for value_commitment][32 bytes for epk][192 bytes for zkproof]
104123
```
105124

106-
The parameters are specified as above.
125+
The other parameters are:
107126

108127
```
109-
[32 bytes for nullifier][32 bytes for anchor][32 bytes for value_commitment][32 bytes for epk][32 bytes for rk][192 bytes for zkproof][32 bytes for note_commitment][32 bytes for epk][192 bytes for zkproof][64 bytes for bindingSignature][32 bytes for signHash][1056 bytes for frontier][32 bytes for leafCount]
128+
[64 bytes for bindingSignature][32 bytes for signHash][1056 bytes for frontier][32 bytes for leafCount]
110129
```
111130

112-
The total input length of `verifyTransferProof` is variable. According to the input and output number in a `transfer` transaction, there are four scenarios:
131+
The total input length of `verifyTransferProof` is also variable. According to the input and output number in a `transfer` transaction, there are four scenarios:
113132

114133
- one input and one output
115134

116135
```
117-
[320 bytes for input][288 bytes for output][64 bytes for spend_authority_signature]
136+
[320 bytes for input][64 bytes for spend_authority_signature][288 bytes for output]
118137
```
119138

120-
The total input length of `verifyTransferProof` is 1856 bytes.
139+
The original total input length is 1856 bytes. Since the special encoding rule of `abi.encode(...)` for variable arrays, the total input length of `verifyTransferProof` is 2048 bytes.
121140

122141
- one input and two output
123142

124143
```
125-
[320 bytes for input][576 bytes for output][64 bytes for spend_authority_signature]
144+
[320 bytes for input][64 bytes for spend_authority_signature][576 bytes for output]
126145
```
127-
The total input length of `verifyTransferProof` is 2144 bytes.
146+
The original total input length is 2144 bytes. Since the special encoding rule of `abi.encode(...)` for variable arrays, the total input length of `verifyTransferProof` is 2336 bytes.
128147

129148
- two input and one output
130149

131150
```
132-
[640 bytes for input][288 bytes for output][128 bytes for spend_authority_signature]
151+
[640 bytes for input][128 bytes for spend_authority_signature][288 bytes for output]
133152
```
134153

135-
The total input length of `verifyTransferProof` is 2240 bytes.
154+
The original total input length is 2240 bytes. Since the special encoding rule of `abi.encode(...)` for variable arrays, the total input length of `verifyTransferProof` is 2432 bytes.
136155

137156
- Two input and two output
138157

139158
```
140-
[640 bytes for input][576 bytes for output][128 bytes for spend_authority_signature]
159+
[640 bytes for input][128 bytes for spend_authority_signature][576 bytes for output]
141160
```
142161

143-
The total input length of `verifyTransferProof` is 2528 bytes.
162+
The original total input length is 2528 bytes. Since the special encoding rule of `abi.encode(...)` for variable arrays, the total input length of `verifyTransferProof` is 2720 bytes.
144163

145-
For the output, `result` is a bool value to indicate whether the proof verification succeeds. The length of `msg` is 66 ~ 1058 bytes, which returns the node value to construct the Merkle tree. The time cost of `verifyTransferProof` function takes about 10~15 ms in parallel mode.
164+
For the output, `result` is a bool value to indicate whether the proof verification succeeds. The length of `msg` is 33 ~ 1058 bytes, which returns the node value to construct the Merkle tree. The time cost of `verifyTransferProof` function takes about 10~15 ms in parallel mode.
146165

147166
(3)`verifyBurnProof`
148167

0 commit comments

Comments
 (0)