Skip to main content

Nullifier

Nullifiers are used as a public commitment to a specific anonymous account, to forbid actions like double spending, or allow a consistent identity between anonymous actions.

RFC: https://github.com/o1-labs/o1js/issues/756

Paper: https://eprint.iacr.org/2022/1255.pdf

Extends

  • {"private": {"c": Field; "g_r": Group; "h_m_pk_r": Group; }; "public": {"nullifier": Group; "s": Scalar; }; "publicKey": Group; }

Constructors

new Nullifier()

new Nullifier(value: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }): Nullifier

Parameters

value

value.private= undefined

value.private.c: Field= Field

value.private.g_r: Group= Group

value.private.h_m_pk_r: Group= Group

value.public= undefined

value.public.nullifier: Group= Group

value.public.s: Scalar= Scalar

value.publicKey: Group= Group

Returns

Nullifier

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).constructor

Source

lib/provable/types/struct.ts:148

Properties

private

private: {
  "c": Field;
  "g_r": Group;
  "h_m_pk_r": Group;
};

c

c: Field = Field;

g_r

g_r: Group = Group;

h_m_pk_r

h_m_pk_r: Group = Group;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).private

Source

lib/provable/crypto/nullifier.ts:26

public

public: {
  "nullifier": Group;
  "s": Scalar;
};

nullifier

nullifier: Group = Group;

s

s: Scalar = Scalar;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).public

Source

lib/provable/crypto/nullifier.ts:22

publicKey

publicKey: Group = Group;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).publicKey

Source

lib/provable/crypto/nullifier.ts:21

_isStruct

static _isStruct: true;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, })._isStruct

Source

lib/provable/types/struct.ts:148

check()

static check: (value: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => void;

Add assertions to the proof to check if value is a valid member of type T. This function does not return anything, instead it creates any number of assertions to prove that value is a valid member of the type T.

For instance, calling check function on the type Bool asserts that the value of the element is either 1 or 0.

Parameters

value

the element of type T to put assertions on.

value.private= undefined

value.private.c: Field= Field

value.private.g_r: Group= Group

value.private.h_m_pk_r: Group= Group

value.public= undefined

value.public.nullifier: Group= Group

value.public.s: Scalar= Scalar

value.publicKey: Group= Group

Returns

void

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).check

Source

lib/provable/types/provable-intf.ts:76

empty()

static empty: () => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
};

Returns

{
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
}
private
private: {
  "c": Field;
  "g_r": Group;
  "h_m_pk_r": Group;
};
private.c
c: Field = Field;
private.g_r
g_r: Group = Group;
private.h_m_pk_r
h_m_pk_r: Group = Group;
public
public: {
  "nullifier": Group;
  "s": Scalar;
};
public.nullifier
nullifier: Group = Group;
public.s
s: Scalar = Scalar;
publicKey
publicKey: Group = Group;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).empty

Source

lib/provable/types/struct.ts:158

fromFields()

static fromFields: (fields: Field[]) => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
};

Parameters

fields: Field[]

Returns

{
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
}
private
private: {
  "c": Field;
  "g_r": Group;
  "h_m_pk_r": Group;
};
private.c
c: Field = Field;
private.g_r
g_r: Group = Group;
private.h_m_pk_r
h_m_pk_r: Group = Group;
public
public: {
  "nullifier": Group;
  "s": Scalar;
};
public.nullifier
nullifier: Group = Group;
public.s
s: Scalar = Scalar;
publicKey
publicKey: Group = Group;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).fromFields

Source

lib/provable/types/provable-intf.ts:115

fromValue

static fromValue: (x: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 } | {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 } & (value: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
};

Convert provable type from a normal JS type.

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).fromValue

Source

lib/provable/types/provable-intf.ts:86

toAuxiliary()

static toAuxiliary: (value?: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => any[];

A function that takes value (optional), an element of type T, as argument and returns an array of any type that make up the "auxiliary" (non-provable) data of value.

Parameters

value?

the element of type T to generate the auxiliary data array from, optional. If not provided, a default value for auxiliary data is returned.

value.private?= undefined

value.private.c?: Field= Field

value.private.g_r?: Group= Group

value.private.h_m_pk_r?: Group= Group

value.public?= undefined

value.public.nullifier?: Group= Group

value.public.s?: Scalar= Scalar

value.publicKey?: Group= Group

Returns

any[]

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).toAuxiliary

Source

lib/provable/types/provable-intf.ts:47

toCanonical()?

static optional toCanonical: (x: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
};

Optional method which transforms a provable type into its canonical representation.

This is needed for types that have multiple representations of the same underlying value, and might even not have perfect completeness for some of those representations.

An example is the ForeignField class, which allows non-native field elements to exist in unreduced form. The unreduced form is not perfectly complete, for example, addition of two unreduced field elements can cause a prover error.

Specific protocols need to be able to protect themselves against incomplete operations at all costs. For example, when using actions and reducer, the reducer must be able to produce a proof regardless of the input action. toCanonical() converts any input into a safe form and enables us to handle cases like this generically.

Note: For most types, this method is the identity function. The identity function will also be used when the toCanonical() is not present on a type.

Parameters

x

x.private= undefined

x.private.c: Field= Field

x.private.g_r: Group= Group

x.private.h_m_pk_r: Group= Group

x.public= undefined

x.public.nullifier: Group= Group

x.public.s: Scalar= Scalar

x.publicKey: Group= Group

Returns

{
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
}
private
private: {
  "c": Field;
  "g_r": Group;
  "h_m_pk_r": Group;
};
private.c
c: Field = Field;
private.g_r
g_r: Group = Group;
private.h_m_pk_r
h_m_pk_r: Group = Group;
public
public: {
  "nullifier": Group;
  "s": Scalar;
};
public.nullifier
nullifier: Group = Group;
public.s
s: Scalar = Scalar;
publicKey
publicKey: Group = Group;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).toCanonical

Source

lib/provable/types/provable-intf.ts:104

toFields()

static toFields: (value: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => Field[];

A function that takes value, an element of type T, as argument and returns an array of Field elements that make up the provable data of value.

Parameters

value

the element of type T to generate the Field array from.

value.private= undefined

value.private.c: Field= Field

value.private.g_r: Group= Group

value.private.h_m_pk_r: Group= Group

value.public= undefined

value.public.nullifier: Group= Group

value.public.s: Scalar= Scalar

value.publicKey: Group= Group

Returns

Field[]

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).toFields

Source

lib/provable/types/provable-intf.ts:36

toInput()

static toInput: (x: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => {
  "fields": Field[];
  "packed": [Field, number][];
};

Parameters

x

x.private= undefined

x.private.c: Field= Field

x.private.g_r: Group= Group

x.private.h_m_pk_r: Group= Group

x.public= undefined

x.public.nullifier: Group= Group

x.public.s: Scalar= Scalar

x.publicKey: Group= Group

Returns

{
  "fields": Field[];
  "packed": [Field, number][];
}
fields?
optional fields: Field[];
packed?
optional packed: [Field, number][];

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).toInput

Source

lib/provable/types/struct.ts:152

toJSON()

static toJSON: (x: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
};

Parameters

x

x.private= undefined

x.private.c: Field= Field

x.private.g_r: Group= Group

x.private.h_m_pk_r: Group= Group

x.public= undefined

x.public.nullifier: Group= Group

x.public.s: Scalar= Scalar

x.publicKey: Group= Group

Returns

{
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
}
private
private: {
  "c": Field;
  "g_r": Group;
  "h_m_pk_r": Group;
};
private.c
c: string = Field;
private.g_r
g_r: {
  "x": string;
  "y": string;
 } = Group;
private.g_r.x
x: string;
private.g_r.y
y: string;
private.h_m_pk_r
h_m_pk_r: {
  "x": string;
  "y": string;
 } = Group;
private.h_m_pk_r.x
x: string;
private.h_m_pk_r.y
y: string;
public
public: {
  "nullifier": Group;
  "s": Scalar;
};
public.nullifier
nullifier: {
  "x": string;
  "y": string;
 } = Group;
public.nullifier.x
x: string;
public.nullifier.y
y: string;
public.s
s: string = Scalar;
publicKey
publicKey: {
  "x": string;
  "y": string;
 } = Group;
publicKey.x
x: string;
publicKey.y
y: string;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).toJSON

Source

lib/provable/types/struct.ts:156

toValue()

static toValue: (x: {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
 }) => {
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
};

Convert provable type to a normal JS type.

Parameters

x

x.private= undefined

x.private.c: Field= Field

x.private.g_r: Group= Group

x.private.h_m_pk_r: Group= Group

x.public= undefined

x.public.nullifier: Group= Group

x.public.s: Scalar= Scalar

x.publicKey: Group= Group

Returns

{
  "private": {
     "c": Field;
     "g_r": Group;
     "h_m_pk_r": Group;
    };
  "public": {
     "nullifier": Group;
     "s": Scalar;
    };
  "publicKey": Group;
}
private
private: {
  "c": Field;
  "g_r": Group;
  "h_m_pk_r": Group;
};
private.c
c: bigint = Field;
private.g_r
g_r: {
  "x": bigint;
  "y": bigint;
 } = Group;
private.g_r.x
x: bigint;
private.g_r.y
y: bigint;
private.h_m_pk_r
h_m_pk_r: {
  "x": bigint;
  "y": bigint;
 } = Group;
private.h_m_pk_r.x
x: bigint;
private.h_m_pk_r.y
y: bigint;
public
public: {
  "nullifier": Group;
  "s": Scalar;
};
public.nullifier
nullifier: {
  "x": bigint;
  "y": bigint;
 } = Group;
public.nullifier.x
x: bigint;
public.nullifier.y
y: bigint;
public.s
s: bigint = Scalar;
publicKey
publicKey: {
  "x": bigint;
  "y": bigint;
 } = Group;
publicKey.x
x: bigint;
publicKey.y
y: bigint;

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).toValue

Source

lib/provable/types/provable-intf.ts:81

Methods

assertUnused()

assertUnused(witness: MerkleMapWitness, root: Field): void

Checks if the Nullifier has been used before.

Parameters

witness: MerkleMapWitness

root: Field

Returns

void

Example

// asserts that the nullifier has not been used before, throws an error otherwise
nullifier.assertUnused();

Source

lib/provable/crypto/nullifier.ts:128

getPublicKey()

getPublicKey(): PublicKey

Returns the PublicKey that is associated with this Nullifier.

Returns

PublicKey

Example

let pk = nullifier.getPublicKey();

Source

lib/provable/crypto/nullifier.ts:157

isUnused()

isUnused(witness: MerkleMapWitness, root: Field): Bool

Returns the state of the Nullifier.

Parameters

witness: MerkleMapWitness

root: Field

Returns

Bool

Example

// returns a Bool based on whether or not the nullifier has been used before
let isUnused = nullifier.isUnused();

Source

lib/provable/crypto/nullifier.ts:108

key()

key(): Field

The key of the nullifier, which belongs to a unique message and a public key. Used as an index in Merkle trees.

Returns

Field

Example

// returns the key of the nullifier which can be used as index in a Merkle tree/map
let key = nullifier.key();

Source

lib/provable/crypto/nullifier.ts:95

setUsed()

setUsed(witness: MerkleMapWitness): Field

Sets the Nullifier, returns the new Merkle root.

Parameters

witness: MerkleMapWitness

Returns

Field

Example

// calculates the new root of the Merkle tree in which the nullifier is set to used
let newRoot = nullifier.setUsed(witness);

Source

lib/provable/crypto/nullifier.ts:143

verify()

verify(message: Field[]): void

Verifies that the Nullifier belongs to a specific message. Throws an error if the Nullifier is incorrect.

Parameters

message: Field[]

Returns

void

Example

let nullifierMessage = [voteId, ...otherData];
// throws an error if the nullifier is invalid or doesn't belong to this specific message
nullifier.verify(nullifierMessage);

Source

lib/provable/crypto/nullifier.ts:47

createTestNullifier()

static createTestNullifier(message: Field[], sk: PrivateKey): Nullifier

Note: This is not the recommended way to create a Nullifier in production. Please use mina-signer to create Nullifiers. Also, this function cannot be run within provable code to avoid unintended creations of Nullifiers - a Nullifier should never be created inside proveable code (e.g. a smart contract) directly, but rather created inside the users wallet (or other secure enclaves, so the private key never leaves that enclave).

PLUME: An ECDSA Nullifier Scheme for Unique Pseudonymity within Zero Knowledge Proofs https://eprint.iacr.org/2022/1255.pdf chapter 3 page 14

Parameters

message: Field[]

sk: PrivateKey

Returns

Nullifier

Source

lib/provable/crypto/nullifier.ts:170

fromJSON()

static fromJSON(json: Nullifier): Nullifier

Parameters

json: Nullifier

Returns

Nullifier

Overrides

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).fromJSON

Source

lib/provable/crypto/nullifier.ts:32

sizeInFields()

static sizeInFields(): number

Return the size of the T type in terms of Field type, as Field is the primitive type.

Returns

number

A number representing the size of the T type in terms of Field type.

Inherited from

Struct({ publicKey: Group, public: { nullifier: Group, s: Scalar, }, private: { c: Field, g_r: Group, h_m_pk_r: Group, }, }).sizeInFields

Source

lib/provable/types/provable-intf.ts:66