feat(identity-proof): add identity-proof library

.eslintignore

@@ -21,3 +21,6 @@ build
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
+
+# types
+types

.prettierrc.json

@@ -1,5 +1,6 @@
 {
     "semi": false,
     "arrowParens": "always",
-    "trailingComma": "none"
+    "trailingComma": "none",
+    "plugins": ["prettier-plugin-solidity"]
 }

jest.config.ts

@@ -1,7 +1,7 @@
 import fs from "fs"
 import type { Config } from "jest"
 
-const exclude = ["circuits", "contracts"]
+const exclude = ["identity-proof.circom"]
 
 const projects: any = fs
     .readdirSync("./packages", { withFileTypes: true })

package.json

@@ -35,6 +35,7 @@
         "@commitlint/config-conventional": "^19.1.0",
         "@types/jest": "^29.5.12",
         "@types/node": "^20.12.4",
+        "@types/snarkjs": "^0",
         "@typescript-eslint/eslint-plugin": "^7.5.0",
         "@typescript-eslint/parser": "^7.5.0",
         "changelogithub": "patch:changelogithub@npm%3A0.13.5#~/.yarn/patches/changelogithub-npm-0.13.5-9884734389.patch",
@@ -52,7 +53,9 @@
         "jest": "^29.7.0",
         "lint-staged": "^15.2.2",
         "prettier": "^3.2.5",
+        "prettier-plugin-solidity": "^1.3.1",
         "rimraf": "^5.0.5",
+        "snarkjs": "^0.7.4",
         "ts-jest": "^29.1.2",
         "ts-node": "^10.9.2",
         "typedoc": "^0.25.13",

packages/identity-proof.circom/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Ethereum Foundation
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

packages/identity-proof.circom/README.md

@@ -0,0 +1,58 @@
+<p align="center">
+    <h1 align="center">
+        Semaphore Identity Proof (circuit)
+    </h1>
+    <p align="center">A circuit to prove the ownership of a Semaphore identity without revealing the private key.</p>
+</p>
+
+<p align="center">
+    <a href="https://github.com/semaphore-protocol">
+        <img src="https://img.shields.io/badge/project-Semaphore-blue.svg?style=flat-square">
+    </a>
+    <a href="https://github.com/semaphore-protocol/extensions/tree/main/packages/identity-proof.circom/LICENSE">
+        <img alt="NPM license" src="https://img.shields.io/npm/l/%40semaphore-extensions%2Fidentity-proof.circom?style=flat-square">
+    </a>
+    <a href="https://www.npmjs.com/package/@semaphore-extensions/identity-proof.circom">
+        <img alt="NPM version" src="https://img.shields.io/npm/v/@semaphore-extensions/identity-proof.circom?style=flat-square" />
+    </a>
+    <a href="https://npmjs.org/package/@semaphore-extensions/identity-proof.circom">
+        <img alt="Downloads" src="https://img.shields.io/npm/dm/@semaphore-extensions/identity-proof.circom.svg?style=flat-square" />
+    </a>
+</p>
+
+<div align="center">
+    <h4>
+        <a href="https://github.com/semaphore-protocol/extensions/blob/main/CONTRIBUTING.md">
+            👥 Contributing
+        </a>
+        <span>&nbsp;&nbsp;|&nbsp;&nbsp;</span>
+        <a href="https://github.com/semaphore-protocol/extensions/blob/main/CODE_OF_CONDUCT.md">
+            🤝 Code of conduct
+        </a>
+        <span>&nbsp;&nbsp;|&nbsp;&nbsp;</span>
+        <a href="https://github.com/semaphore-protocol/extensions/contribute">
+            🔎 Issues
+        </a>
+        <span>&nbsp;&nbsp;|&nbsp;&nbsp;</span>
+        <a href="https://semaphore.pse.dev/discord">
+            🗣️ Chat &amp; Support
+        </a>
+    </h4>
+</div>
+
+> [!WARNING]  
+> This library has **not** been audited.
+
+## 🛠 Install
+
+Install the `@semaphore-extensions/identity-proof.circom` package with npm:
+
+```bash
+npm i @semaphore-extensions/identity-proof.circom --save
+```
+
+or yarn:
+
+```bash
+yarn add @semaphore-extensions/identity-proof.circom
+```

packages/identity-proof.circom/package.json

@@ -0,0 +1,36 @@
+{
+    "name": "@semaphore-extensions/identity-proof.circom",
+    "version": "1.0.0-beta",
+    "description": "A circuit to prove the ownership of a Semaphore identity without revealing the private key.",
+    "license": "MIT",
+    "files": [
+        "**/*.circom",
+        "!main",
+        "!test",
+        "LICENSE",
+        "README.md"
+    ],
+    "repository": "https://github.com/semaphore-protocol/extensions",
+    "homepage": "https://github.com/semaphore-protocol/extensions/tree/main/packages/identity-proof.circom",
+    "bugs": {
+        "url": "https://github.com/semaphore-protocol/extensions.git/issues"
+    },
+    "scripts": {
+        "compile": "circomkit compile identity-proof",
+        "setup": "circomkit setup identity-proof",
+        "test": "mocha"
+    },
+    "publishConfig": {
+        "access": "public"
+    },
+    "dependencies": {
+        "circomlib": "2.0.5"
+    },
+    "devDependencies": {
+        "@types/mocha": "^10.0.6",
+        "@zk-kit/eddsa-poseidon": "^1.0.0-beta",
+        "circomkit": "^0.0.19",
+        "mocha": "^10.2.0",
+        "poseidon-lite": "^0.2.0"
+    }
+}

packages/identity-proof/tests/identity-proof.test.ts → packages/identity-proof.circom/tests/identity-proof.test.ts

@@ -29,6 +29,7 @@ describe("identity-proof", () => {
         })
     })
 
+    // eslint-disable-next-line jest/expect-expect
     it("Should compute the commitment correctly", async () => {
         await circuit.expectPass(INPUT, OUTPUT)
     })

packages/identity-proof.circom/tsconfig.json

@@ -0,0 +1,8 @@
+{
+    "compilerOptions": {
+        "target": "es2020",
+        "module": "commonjs",
+        "esModuleInterop": true
+    },
+    "include": ["tests/**/*"]
+}

packages/identity-proof/.npmrc

@@ -0,0 +1 @@
+engine-strict=true

packages/identity-proof/README.md

@@ -2,57 +2,133 @@
     <h1 align="center">
         Semaphore Identity Proof
     </h1>
-    <p align="center">A circuit to prove the ownership of a Semaphore identity without revealing the private key.</p>
+    <p align="center">A library to prove the ownership of a Semaphore identity without revealing the private key.</p>
 </p>
 
 <p align="center">
     <a href="https://github.com/semaphore-protocol">
         <img src="https://img.shields.io/badge/project-Semaphore-blue.svg?style=flat-square">
     </a>
     <a href="https://github.com/semaphore-protocol/extensions/tree/main/packages/identity-proof/LICENSE">
-        <img alt="NPM license" src="https://img.shields.io/npm/l/%40semaphore-extensions%2Fidentity-proof?style=flat-square">
+        <img alt="NPM license" src="https://img.shields.io/npm/l/%40semaphore-extensions%identity-proof?style=flat-square">
     </a>
     <a href="https://www.npmjs.com/package/@semaphore-extensions/identity-proof">
         <img alt="NPM version" src="https://img.shields.io/npm/v/@semaphore-extensions/identity-proof?style=flat-square" />
     </a>
     <a href="https://npmjs.org/package/@semaphore-extensions/identity-proof">
         <img alt="Downloads" src="https://img.shields.io/npm/dm/@semaphore-extensions/identity-proof.svg?style=flat-square" />
     </a>
+    <a href="https://bundlephobia.com/package/@semaphore-extensions/identity-proof">
+        <img alt="npm bundle size (scoped)" src="https://img.shields.io/bundlephobia/minzip/@semaphore-extensions/identity-proof" />
+    </a>
+    <a href="https://eslint.org/">
+        <img alt="Linter eslint" src="https://img.shields.io/badge/linter-eslint-8080f2?style=flat-square&logo=eslint" />
+    </a>
+    <a href="https://prettier.io/">
+        <img alt="Code style prettier" src="https://img.shields.io/badge/code%20style-prettier-f8bc45?style=flat-square&logo=prettier" />
+    </a>
 </p>
 
 <div align="center">
     <h4>
-        <a href="https://github.com/semaphore-protocol/extensions/blob/main/CONTRIBUTING.md">
-            👥 Contributing
-        </a>
-        <span>&nbsp;&nbsp;|&nbsp;&nbsp;</span>
-        <a href="https://github.com/semaphore-protocol/extensions/blob/main/CODE_OF_CONDUCT.md">
-            🤝 Code of conduct
-        </a>
-        <span>&nbsp;&nbsp;|&nbsp;&nbsp;</span>
-        <a href="https://github.com/semaphore-protocol/extensions/contribute">
-            🔎 Issues
+        <a href="https://appliedzkp.org/discord">
+            🗣️ Chat &amp; Support
         </a>
         <span>&nbsp;&nbsp;|&nbsp;&nbsp;</span>
-        <a href="https://semaphore.pse.dev/discord">
-            🗣️ Chat &amp; Support
+        <a href="https://semaphore-protocol.github.io/extensions/modules/_semaphore_extensions_identity_proof.html">
+            📘 Docs
         </a>
     </h4>
 </div>
 
+| This zero-knowledge library allows you to prove and verify that you have the private key of a Semaphore identity. It will be mainly used on-chain because you can get the same result off-chain using EdDSA signatures with the `@semaphore-protocol/identity` package. It facilitates the demonstration of having an EdDSA hash pre-image while keeping the pre-image value confidential. Additionally, it offers a mechanism to prevent the same proof from being reused. The circuit that forms the foundation of this library is accessible via this [link](https://github.com/semaphore-protocol/extensions/blob/main/packages/identity-proof.circom). |
+| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+
 > [!WARNING]  
-> This library has **not** been audited.
+> The Snark artifacts currently used to generate zero-knowledge proofs are the result of an insecure trusted setup, and the library has not yet been audited. Therefore, it is advised not to use it in production.
 
 ## 🛠 Install
 
-Install the `@zk-kit/circuits` package with npm:
+Install the `@semaphore-extensions/identity-proof` package:
 
 ```bash
-npm i @zk-kit/circuits --save
+npm i @semaphore-extensions/identity-proof
 ```
 
 or yarn:
 
 ```bash
-yarn add @zk-kit/circuits
+yarn add @semaphore-extensions/identity-proof
+```
+
+## 📜 Usage
+
+```typescript
+import { generate, verify } from "@semaphore-extensions/identity-proof"
+
+// Your private key (secret) associated with your commitment.
+const privateKey = "secret"
+// A public value used to contextualize the cryptographic proof and calculate the nullifier.
+const scope = "scope"
+
+// Generate the proof.
+const fullProof = await generate(privateKey, scope)
+
+/*
+    nb. commitment and scope are always the same - proof is variable.
+{
+    commitment: '21756852044673293804725356853298692762259855200429755225624171532449447776732',
+    scope: '52191664570483756643537362991541193331102618014473399276861326740461293928448',
+    proof: [
+        '14987543977537638797613616391807211498102534775759297152458980015937921301475',
+        '3399335485250714998192957632691923175498432819155620830553382340417897595836',
+        '458847933923791518779258584891719351511628278818450523853640641455008133942',
+        '9130558865745328382423837376229933835283742789420937388990076948167771186665',
+        '2527867303822223913583586720705858457538165210401589969189198821632271648294',
+        '870032122185130505849909299495220614500026484724112145131565329210361970548',
+        '7499124546917660821334566902083675362480525785493429715971012094306224236446',
+        '4681140599918274218600441523225984097742730174371377925026448119492671129895'
+    ]
+}
+
+*/
+console.log(fullProof)
+
+// If not specified, the Snark artifacts are downloaded automatically.
+// You can specify them as follows.
+
+// const fullProof = await generate(privateKey, scope, {
+//     wasm: "<your-path>/identity-proof.wasm",
+//     zkey: "<your-path>/identity-proof.zkey"
+// })
+
+// Verify the proof.
+const response = await verify(fullProof)
+
+// true.
+console.log(response)
+```
+
+## 📈 Benchmarks
+
+Benchmarks were run on an Intel Core i7-1165G7, 16 GB RAM machine.
+
+| Generate proof | Verify proof | Constraints |
+| -------------- | ------------ | ----------- |
+| `258ms`        | `15ms`       | `1017`      |
+
+```ts
+import { generate, verify } from "@semaphore-extensions/identity-proof"
+
+console.time("generate")
+
+const proof = await generate("secret", "scope")
+
+console.timeEnd("generate")
+
+console.time("verify")
+
+console.log(await verify(proof))
+
+console.timeEnd("verify")
 ```