barretenberg
Loading...
Searching...
No Matches
src
barretenberg
join_split_example
proofs
notes
circuit
claim
compute_nullifier.hpp
1
#pragma once
2
3
#include "../../constants.hpp"
4
#include "barretenberg/join_split_example/types.hpp"
5
#include "barretenberg/stdlib/hash/pedersen/pedersen.hpp"
6
7
namespace
join_split_example {
8
namespace
proofs {
9
namespace
notes {
10
namespace
circuit {
11
namespace
claim {
12
13
inline
field_ct
compute_nullifier(
field_ct
const
& note_commitment)
14
{
15
return
pedersen_hash::hash(std::vector<field_ct>{ note_commitment }, GeneratorIndex::CLAIM_NOTE_NULLIFIER);
16
17
// Note: unlike for value note nullifiers, we don't need to then Blake2-hash this result (which would provide a
18
// psuedorandom-looking nullifier) because the contents of a claim note commitment are public anyway.
19
20
// Note also: nullifying a claim note with a nullifier derived this way _does_ leak _which_ claim note is being
21
// nullified. That, in turn, leaks the values contained in the two _output_ value commitments of the claim
22
// circuit (identities (publc keys) are NOT leaked though). However, when those value notes are
23
// later spent, the value note nullifiers will not reveal that it is those notes being spent.
24
}
25
26
}
// namespace claim
27
}
// namespace circuit
28
}
// namespace notes
29
}
// namespace proofs
30
}
// namespace join_split_example
proof_system::plonk::stdlib::field_t
Definition:
field.hpp:10
Generated by
1.9.6
