Merge pull request #197 from semaphore-protocol/fix/zero-values

Generate zeroValue based on groupId

Author: cedoor

packages/contracts/contracts/Semaphore.sol

@@ -40,10 +40,9 @@ contract Semaphore is ISemaphore, SemaphoreGroups {
     function createGroup(
         uint256 groupId,
         uint256 merkleTreeDepth,
-        uint256 zeroValue,
         address admin
     ) external override onlySupportedMerkleTreeDepth(merkleTreeDepth) {
-        _createGroup(groupId, merkleTreeDepth, zeroValue);
+        _createGroup(groupId, merkleTreeDepth);
 
         groups[groupId].admin = admin;
         groups[groupId].merkleTreeDuration = 1 hours;
@@ -55,11 +54,10 @@ contract Semaphore is ISemaphore, SemaphoreGroups {
     function createGroup(
         uint256 groupId,
         uint256 merkleTreeDepth,
-        uint256 zeroValue,
         address admin,
         uint256 merkleTreeDuration
     ) external override onlySupportedMerkleTreeDepth(merkleTreeDepth) {
-        _createGroup(groupId, merkleTreeDepth, zeroValue);
+        _createGroup(groupId, merkleTreeDepth);
 
         groups[groupId].admin = admin;
         groups[groupId].merkleTreeDuration = merkleTreeDuration;

packages/contracts/contracts/base/SemaphoreGroups.sol

@@ -17,16 +17,16 @@ abstract contract SemaphoreGroups is Context, ISemaphoreGroups {
     /// @dev Creates a new group by initializing the associated tree.
     /// @param groupId: Id of the group.
     /// @param merkleTreeDepth: Depth of the tree.
-    /// @param zeroValue: Zero value of the tree.
-    function _createGroup(
-        uint256 groupId,
-        uint256 merkleTreeDepth,
-        uint256 zeroValue
-    ) internal virtual {
+    function _createGroup(uint256 groupId, uint256 merkleTreeDepth) internal virtual {
         if (getMerkleTreeDepth(groupId) != 0) {
             revert Semaphore__GroupAlreadyExists();
         }
 
+        // The zeroValue is in fact an implicit member of the group.
+        // Although there is a remote possibility that the preimage of
+        // the hash may be calculated, using this value minimizes the risk.
+        uint256 zeroValue = uint256(keccak256(abi.encodePacked(groupId))) >> 8;
+
         merkleTree[groupId].init(merkleTreeDepth, zeroValue);
 
         emit GroupCreated(groupId, merkleTreeDepth, zeroValue);

packages/contracts/contracts/extensions/SemaphoreVoting.sol

@@ -43,7 +43,7 @@ contract SemaphoreVoting is ISemaphoreVoting, SemaphoreGroups {
             revert Semaphore__MerkleTreeDepthIsNotSupported();
         }
 
-        _createGroup(pollId, merkleTreeDepth, 0);
+        _createGroup(pollId, merkleTreeDepth);
 
         Poll memory poll;
 

packages/contracts/contracts/extensions/SemaphoreWhistleblowing.sol

@@ -41,7 +41,7 @@ contract SemaphoreWhistleblowing is ISemaphoreWhistleblowing, SemaphoreGroups {
             revert Semaphore__MerkleTreeDepthIsNotSupported();
         }
 
-        _createGroup(entityId, merkleTreeDepth, 0);
+        _createGroup(entityId, merkleTreeDepth);
 
         entities[entityId] = editor;
 

packages/contracts/contracts/interfaces/ISemaphore.sol

@@ -68,25 +68,21 @@ interface ISemaphore {
     /// @dev Creates a new group. Only the admin will be able to add or remove members.
     /// @param groupId: Id of the group.
     /// @param depth: Depth of the tree.
-    /// @param zeroValue: Zero value of the tree.
     /// @param admin: Admin of the group.
     function createGroup(
         uint256 groupId,
         uint256 depth,
-        uint256 zeroValue,
         address admin
     ) external;
 
     /// @dev Creates a new group. Only the admin will be able to add or remove members.
     /// @param groupId: Id of the group.
     /// @param depth: Depth of the tree.
-    /// @param zeroValue: Zero value of the tree.
     /// @param admin: Admin of the group.
     /// @param merkleTreeRootDuration: Time before the validity of a root expires.
     function createGroup(
         uint256 groupId,
         uint256 depth,
-        uint256 zeroValue,
         address admin,
         uint256 merkleTreeRootDuration
     ) external;

packages/contracts/test/Semaphore.ts

@@ -17,6 +17,7 @@ describe("Semaphore", () => {
 
     const treeDepth = Number(process.env.TREE_DEPTH) || 20
     const groupId = 1
+    const group = new Group(groupId, treeDepth)
     const members = createIdentityCommitments(3)
 
     const wasmFilePath = `../../snark-artifacts/${treeDepth}/semaphore.wasm`
@@ -36,12 +37,7 @@ describe("Semaphore", () => {
 
     describe("# createGroup", () => {
         it("Should not create a group if the tree depth is not supported", async () => {
-            const transaction = semaphoreContract["createGroup(uint256,uint256,uint256,address)"](
-                groupId,
-                10,
-                0,
-                accounts[0]
-            )
+            const transaction = semaphoreContract["createGroup(uint256,uint256,address)"](groupId, 10, accounts[0])
 
             await expect(transaction).to.be.revertedWithCustomError(
                 semaphoreContract,
@@ -52,30 +48,34 @@ describe("Semaphore", () => {
         it("Should create a group", async () => {
             const transaction = semaphoreContract
                 .connect(signers[1])
-                ["createGroup(uint256,uint256,uint256,address)"](groupId, treeDepth, 0, accounts[1])
+                ["createGroup(uint256,uint256,address)"](groupId, treeDepth, accounts[1])
 
-            await expect(transaction).to.emit(semaphoreContract, "GroupCreated").withArgs(groupId, treeDepth, 0)
+            await expect(transaction)
+                .to.emit(semaphoreContract, "GroupCreated")
+                .withArgs(groupId, treeDepth, group.zeroValue)
             await expect(transaction)
                 .to.emit(semaphoreContract, "GroupAdminUpdated")
                 .withArgs(groupId, constants.AddressZero, accounts[1])
         })
 
         it("Should create a group with a custom Merkle tree root expiration", async () => {
             const groupId = 2
+            const group = new Group(2)
             const transaction = await semaphoreContract
                 .connect(signers[1])
-                ["createGroup(uint256,uint256,uint256,address,uint256)"](
+                ["createGroup(uint256,uint256,address,uint256)"](
                     groupId,
                     treeDepth,
-                    0,
                     accounts[0],
                     5 // 5 seconds.
                 )
             await semaphoreContract.addMember(groupId, members[0])
             await semaphoreContract.addMember(groupId, members[1])
             await semaphoreContract.addMember(groupId, members[2])
 
-            await expect(transaction).to.emit(semaphoreContract, "GroupCreated").withArgs(groupId, treeDepth, 0)
+            await expect(transaction)
+                .to.emit(semaphoreContract, "GroupCreated")
+                .withArgs(groupId, treeDepth, group.zeroValue)
             await expect(transaction)
                 .to.emit(semaphoreContract, "GroupAdminUpdated")
                 .withArgs(groupId, constants.AddressZero, accounts[0])
@@ -133,7 +133,7 @@ describe("Semaphore", () => {
         })
 
         it("Should add a new member in an existing group", async () => {
-            const group = new Group(treeDepth)
+            const group = new Group(groupId, treeDepth)
 
             group.addMember(members[0])
 
@@ -149,11 +149,11 @@ describe("Semaphore", () => {
         it("Should add new members to an existing group", async () => {
             const groupId = 3
             const members = [BigInt(1), BigInt(2), BigInt(3)]
-            const group = new Group(treeDepth)
+            const group = new Group(groupId, treeDepth)
 
             group.addMembers(members)
 
-            await semaphoreContract["createGroup(uint256,uint256,uint256,address)"](groupId, treeDepth, 0, accounts[0])
+            await semaphoreContract["createGroup(uint256,uint256,address)"](groupId, treeDepth, accounts[0])
 
             const transaction = semaphoreContract.addMembers(groupId, members)
 
@@ -178,13 +178,13 @@ describe("Semaphore", () => {
         it("Should update a member from an existing group", async () => {
             const groupId = 4
             const members = [BigInt(1), BigInt(2), BigInt(3)]
-            const group = new Group(treeDepth)
+            const group = new Group(groupId, treeDepth)
 
             group.addMembers(members)
 
             group.updateMember(0, BigInt(4))
 
-            await semaphoreContract["createGroup(uint256,uint256,uint256,address)"](groupId, treeDepth, 0, accounts[0])
+            await semaphoreContract["createGroup(uint256,uint256,address)"](groupId, treeDepth, accounts[0])
             await semaphoreContract.addMembers(groupId, members)
 
             const { siblings, pathIndices, root } = group.generateMerkleProof(0)
@@ -212,13 +212,13 @@ describe("Semaphore", () => {
         it("Should remove a member from an existing group", async () => {
             const groupId = 5
             const members = [BigInt(1), BigInt(2), BigInt(3)]
-            const group = new Group(treeDepth)
+            const group = new Group(groupId, treeDepth)
 
             group.addMembers(members)
 
             group.removeMember(2)
 
-            await semaphoreContract["createGroup(uint256,uint256,uint256,address)"](groupId, treeDepth, 0, accounts[0])
+            await semaphoreContract["createGroup(uint256,uint256,address)"](groupId, treeDepth, accounts[0])
             await semaphoreContract.addMembers(groupId, members)
 
             const { siblings, pathIndices, root } = group.generateMerkleProof(2)
@@ -233,7 +233,7 @@ describe("Semaphore", () => {
         const signal = 2
         const identity = new Identity("0")
 
-        const group = new Group(treeDepth)
+        const group = new Group(groupId, treeDepth)
 
         group.addMembers(members)
 
@@ -317,7 +317,7 @@ describe("Semaphore", () => {
 
         it("Should not verify a proof if the Merkle tree root is expired", async () => {
             const groupId = 2
-            const group = new Group(treeDepth)
+            const group = new Group(groupId, treeDepth)
 
             group.addMembers([members[0], members[1]])
 

packages/contracts/test/SemaphoreVoting.ts

@@ -116,7 +116,7 @@ describe("SemaphoreVoting", () => {
 
         it("Should add a voter to an existing poll", async () => {
             const { commitment } = new Identity("test")
-            const group = new Group(treeDepth)
+            const group = new Group(pollIds[1], treeDepth)
 
             group.addMember(commitment)
 
@@ -138,7 +138,7 @@ describe("SemaphoreVoting", () => {
         const identity = new Identity("test")
         const vote = 1
 
-        const group = new Group(treeDepth)
+        const group = new Group(pollIds[1], treeDepth)
 
         group.addMembers([identity.commitment, BigInt(1)])
 

packages/contracts/test/SemaphoreWhistleblowing.ts

@@ -73,7 +73,7 @@ describe("SemaphoreWhistleblowing", () => {
 
         it("Should add a whistleblower to an existing entity", async () => {
             const { commitment } = new Identity("test")
-            const group = new Group(treeDepth)
+            const group = new Group(entityIds[0], treeDepth)
 
             group.addMember(commitment)
 
@@ -96,7 +96,7 @@ describe("SemaphoreWhistleblowing", () => {
     describe("# removeWhistleblower", () => {
         it("Should not remove a whistleblower if the caller is not the editor", async () => {
             const { commitment } = new Identity()
-            const group = new Group(treeDepth)
+            const group = new Group(entityIds[0], treeDepth)
 
             group.addMember(commitment)
 
@@ -117,7 +117,7 @@ describe("SemaphoreWhistleblowing", () => {
 
         it("Should remove a whistleblower from an existing entity", async () => {
             const { commitment } = new Identity("test")
-            const group = new Group(treeDepth)
+            const group = new Group(entityIds[0], treeDepth)
 
             group.addMember(commitment)
 
@@ -139,7 +139,7 @@ describe("SemaphoreWhistleblowing", () => {
         const identity = new Identity("test")
         const leak = utils.formatBytes32String("This is a leak")
 
-        const group = new Group(treeDepth)
+        const group = new Group(entityIds[1], treeDepth)
 
         group.addMembers([identity.commitment, BigInt(1)])
 

packages/group/README.md

@@ -67,19 +67,19 @@ yarn add @semaphore-protocol/group
 
 ## 📜 Usage
 
-\# **new Group**(treeDepth = 20, zeroValue = BigInt(0)): _Group_
+\# **new Group**(groupId: _Member_, treeDepth = 20): _Group_
 
 ```typescript
 import { Group } from "@semaphore-protocol/group"
 
 // Group with max 1048576 members (20^²).
-const group1 = new Group()
+const group1 = new Group(1)
 
 // Group with max 65536 members (16^²).
-const group2 = new Group(16)
+const group2 = new Group(1, 16)
 
 // Group with max 16777216 members (24^²).
-const group3 = new Group(24)
+const group3 = new Group(1, 24)
 ```
 
 \# **addMember**(identityCommitment: _Member_)

packages/group/package.json

@@ -35,6 +35,9 @@
         "typedoc": "^0.22.11"
     },
     "dependencies": {
+        "@ethersproject/bignumber": "^5.7.0",
+        "@ethersproject/bytes": "^5.7.0",
+        "@ethersproject/keccak256": "^5.7.0",
         "@zk-kit/incremental-merkle-tree": "1.0.0",
         "poseidon-lite": "^0.0.2"
     }