System Verifier

System verifiers:
- verify specific instantiations of the light protocol circuit.
- are implemented in one Solana program each.
- verify a ZKP of Light transactions. (Light transactions invalidate and create shielded UTXOs.)
- the integrity UTXOs and their set membership in the Merkle tree.
- check public inputs of the zero-knowledge proof.
Integrity Hash:
- is computed from keccak256( recipient, recipientSol, signing_address, relayer fee, encrypted UTXOs )
root:
- The root is used as a reference that the zero-knowledge proof was computed on the correct Merkle tree. Uses the root from the passed in Merkle tree pda specified by a root index as the root input.
Mint:
- is an account that does not need to be sent as data
Public Amount Spl:
- is only checked in the proof and later used to shield, unshield
Public Amount Sol:
- is only checked in the proof and later used to shield, unshield, and pay the relayer
verifier Program Id: (only for app-enabled verifiers)
- uses the checks that the signer is a PDA
connecting Hash: (only for app-enabled verifiers)
- is used to cross-check inputs between an application verifier and a system verifier
- invoke the Merkle tree program to:
- insert nullifiers A nullifier is derived deterministically from a UTXO while not revealing any information about it. In other words, a nullifier is an identifier for a UTXO which is emitted by a proof and saved in a Solana PDA. At proof verification, the program checks whether the nullifier emitted by the proof already exists; if not, it inserts the nullifier. Therefore, every UTXO committed to the Merkle tree can only be used once in a proof.
- are trusted by the Merkle tree program.
- number of input UTXOs
- number of output UTXOs
- number of Solana transactions required to execute
- support app UTXOs
Verifier ID | Inputs | Outputs | Sol Tx | App Support | ProgramID |
---|---|---|---|---|---|
Zero | 2 | 2 | 1 | | |
One | 10 | 2 | 2 | | |
Two | 4 | 4 | 2 | | |
Three (Storage) | 2 | 2 | 2 | |
Name | Lookup | Description |
---|---|---|
signer | no | fee payer and signer of the transaction |
system program | yes | for account creation of leaves, nullifiers etc. |
merkle tree | yes | state pda of the merkle tree the input leaves have been inserted into |
pre inserted leaves index | yes | index of next queued leaf |
authority | yes | is used for cpi to merkle tree program |
token program | yes | token program for spl transfers |
sender spl | no | sender of spl tokens, in shield owned by the user, for transfers and unshields it a merkle tree pda |
recipient spl | no | recipient of spl tokens, in shield this is a merkle tree pda, for transfers and unshields it is owned by the user. |
sender sol | no | sender of sol tokens, in shield owned by the user, for transfers and unshields it a merkle tree pda |
recipient sol | no | recipient of sol tokens, in shield this is a merkle tree pda, for transfers and unshields it is owned by the user. |
relayer recipient | yes | recipient of the relayer |
escrow | yes | pda that is created and closed in the same transaction to do a sol transfer from the fee payer to the merkle tree |
token authority | yes | pda owned by the merkle tree to sign token withdrawals |
registered verifier | yes | regulates access control |
Last modified 16d ago