test: add test for on-chain zk verification

examples/CRISP/circuits/.gitignore

@@ -1,2 +1,3 @@
 target/
-Prover.toml 
+Prover.toml 
+crs

examples/CRISP/circuits/src/main.nr

@@ -18,16 +18,16 @@ use utils::{check_coefficient_values_with_balance, check_coefficient_zero};
 
 fn main(
     // Ciphertext Addition Section.
-    prev_ct0is: pub [Polynomial<2048>; 1],
-    prev_ct1is: pub [Polynomial<2048>; 1],
+    prev_ct0is: [Polynomial<2048>; 1],
+    prev_ct1is: [Polynomial<2048>; 1],
     sum_ct0is: [Polynomial<2048>; 1],
     sum_ct1is: [Polynomial<2048>; 1],
     sum_r0is: [Polynomial<2048>; 1],
     sum_r1is: [Polynomial<2048>; 1],
     // Greco Section.
-    params: pub Params<2048, 1>,
-    pk0is: pub [Polynomial<2048>; 1],
-    pk1is: pub [Polynomial<2048>; 1],
+    params: Params<2048, 1>,
+    pk0is: [Polynomial<2048>; 1],
+    pk1is: [Polynomial<2048>; 1],
     ct0is: [Polynomial<2048>; 1],
     ct1is: [Polynomial<2048>; 1],
     u: Polynomial<2048>,
@@ -45,17 +45,17 @@ fn main(
     signature: [u8; 64],
     hashed_message: [u8; 32],
     // Merkle Tree Section.
-    merkle_root: pub Field,
+    merkle_root: Field,
     merkle_proof_length: u32,
     merkle_proof_indices: [u1; 20],
     merkle_proof_siblings: [Field; 20],
     // Slot Address Section.
-    slot_address: pub Field,
+    slot_address: Field,
     // Balance Section.
     balance: Field,
     // Whether this is the first vote for this slot.
-    is_first_vote: pub bool,
-) -> pub ([Polynomial<2048>; 1], [Polynomial<2048>; 1]) {
+    is_first_vote: bool,
+) {
     // Verify the ECDSA signature.
     let is_signature_valid =
         verify_signature(hashed_message, public_key_x, public_key_y, signature);
@@ -118,7 +118,7 @@ fn main(
         // Verify the correct coefficient values and that the vote is <= balance
         check_coefficient_values_with_balance(k1, params.crypto_params().q_mod_t, balance);
 
-        (ct0is, ct1is)
+        // (ct0is, ct1is)
     } else {
         // check if vote == 0.
         let is_vote_zero = check_coefficient_zero(k1);
@@ -128,11 +128,11 @@ fn main(
         // If so, (ct0is, ct1is) should be returned.
 
         if is_first_vote {
-            (ct0is, ct1is)
+            // (ct0is, ct1is)
         } else {
             // check if the sum is valid
             assert(is_ct_add_valid);
-            (sum_ct0is, sum_ct1is)
+            // (sum_ct0is, sum_ct1is)
         }
     }
 }

examples/CRISP/client/libs/wasm/pkg/crisp_worker.js

@@ -4,38 +4,63 @@
 // without even the implied warranty of MERCHANTABILITY
 // or FITNESS FOR A PARTICULAR PURPOSE.
 
-import { EnclaveSDK, FheProtocol } from '@enclave-e3/sdk'
-import circuit from '../../noir/crisp_circuit.json'
+import {
+  encryptVoteAndGenerateCRISPInputs,
+  generateProofWithReturnValue,
+  VotingMode,
+  encodeVote,
+  encryptVote,
+  generateMerkleProof,
+  verifyProof,
+  hashLeaf,
+} from '@crisp-e3/sdk'
 
 self.onmessage = async function (event) {
   const { type, data } = event.data
   switch (type) {
     case 'encrypt_vote':
       try {
-        const { voteId, publicKey } = data
-        // use default params for now as they do not matter for what we are doing here,
-        // which is just encrypting the vote and generating a proof
-        const sdk = EnclaveSDK.create({
-          chainId: 31337,
-          contracts: {
-            enclave: '0xc6e7DF5E7b4f2A278906862b61205850344D4e7d',
-            ciphernodeRegistry: '0xc6e7DF5E7b4f2A278906862b61205850344D4e7d',
-          },
-          // local node
-          rpcUrl: 'http://localhost:8545',
-          // default Anvil private key
-          privateKey: '0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80',
-          protocol: FheProtocol.BFV,
+        const { voteId, publicKey, address, signature, message } = data
+
+        // voteId is either 0 or 1, so we need to encode the vote accordingly.
+        // We are adapting to the current CRISP application.
+        const vote = voteId === 0 ? { yes: 0n, no: 1n } : { yes: 1n, no: 0n }
+        const balance = 1n
+
+        const leaf = hashLeaf(address.toLowerCase(), balance.toString())
+        // TODO: get the leaves from the server (pass them from the client).
+        const merkleProof = generateMerkleProof(0n, balance, address.toLowerCase(), [
+          leaf,
+          4720511075913887710172192848636076523165432993226978491435561065722130431597n,
+          14131255645332550266535358189863475289290770471998199141522479556687499890181n,
+        ])
+
+        const encodedVote = encodeVote(vote, VotingMode.GOVERNANCE, balance)
+        const encryptedVote = await encryptVote(encodedVote, publicKey)
+
+        const inputs = await encryptVoteAndGenerateCRISPInputs({
+          encodedVote,
+          publicKey,
+          previousCiphertext: encryptedVote,
+          signature,
+          message,
+          merkleData: merkleProof,
+          balance,
+          slotAddress: address.toLowerCase(),
+          isFirstVote: true,
         })
 
-        const result = await sdk.encryptNumberAndGenProof(voteId, publicKey, circuit)
+        const { proof, returnValue } = await generateProofWithReturnValue(inputs)
+
+        // TODO: returnValue is the encrypted vote. We need to convert it from Noir format to BFV format
+        // instead of using the encryptVote function (which should be removed from the SDK).
 
         self.postMessage({
           type: 'encrypt_vote',
           success: true,
           encryptedVote: {
-            vote: result.encryptedVote,
-            proofData: result.proof,
+            vote: encryptedVote,
+            proofData: proof,
           },
         })
       } catch (error) {

examples/CRISP/client/package.json

@@ -12,20 +12,17 @@
     "cli": "pnpm sh ./scripts/cli.sh",
     "dev": "vite --no-open --host",
     "dev-static": "NO_HOT=1 vite --no-open --host",
-    "build": "tsc && vite build",
+    "build:sdk": "pnpm -C ../packages/crisp-sdk build",
+    "build": "pnpm build:sdk && tsc && vite build",
     "lint": "eslint . --ext ts,tsx --report-unused-disable-directives --max-warnings 0",
     "preview": "vite preview",
     "predeploy": "pnpm run build",
     "deploy": "gh-pages -d dist"
   },
   "dependencies": {
-    "@aztec/bb.js": "^0.82.2",
+    "@crisp-e3/sdk": "workspace:*",
     "@emotion/babel-plugin": "^11.11.0",
     "@emotion/react": "^11.11.4",
-    "@enclave-e3/sdk": "^0.1.5",
-    "@noir-lang/acvm_js": "1.0.0-beta.3",
-    "@noir-lang/noir_js": "1.0.0-beta.3",
-    "@noir-lang/noirc_abi": "1.0.0-beta.3",
     "@phosphor-icons/react": "^2.1.4",
     "@svgr/rollup": "^8.1.0",
     "@tanstack/react-query": "^5.74.3",

examples/CRISP/client/src/context/voteManagement/VoteManagement.types.ts

@@ -27,7 +27,13 @@ export type VoteManagementContextType = {
   getPastPolls: () => Promise<void>
   setVotingRound: React.Dispatch<React.SetStateAction<VotingRound | null>>
   setUser: React.Dispatch<React.SetStateAction<{ address: string } | null>>
-  encryptVote: (voteId: bigint, publicKey: Uint8Array) => Promise<EncryptedVote | undefined>
+  encryptVote: (
+    voteId: bigint,
+    publicKey: Uint8Array,
+    address: string,
+    signature: string,
+    message: string,
+  ) => Promise<EncryptedVote | undefined>
   broadcastVote: (vote: BroadcastVoteRequest) => Promise<BroadcastVoteResponse | undefined>
   getRoundStateLite: (roundCount: number) => Promise<void>
   setPastPolls: React.Dispatch<React.SetStateAction<PollResult[]>>