cleanup

tilo-14 · tilo-14 · commit 41cdcffcf7f8 · 2026-01-14T22:58:58.000Z
diff --git a/zk/nullifier/README.md b/zk/nullifier/README.md
@@ -1,45 +1,37 @@
-# Nullifier Registry
+# Nullifier for ZK 
 
-Creates nullifier accounts using compressed addresses. Prevents double-spend by failing if a nullifier already exists.
+Program with single instruction to create nullifiers to prevent double-spending.
 
-Light uses rent-free PDAs in an address Merkle tree indexed by Helius. No custom indexing required.
+Can be added to your custom program without requiring a custom circuit.
+
+* On Solana nullifiers require a data structure that ensures the nullifier is only created once.
+* A straight forward way is to derive a PDA with the nullifier as seed for the PDA account.
+* Nullifier accounts must remain active, hence lock ~0.001 SOL in rent per nullifier PDA permanently.
+* Compressed addresses are rent-free, provide similar functionality and derivation.
 
 | Storage | Cost per nullifier |
 |---------|-------------------|
 | PDA | ~0.001 SOL |
-| Compressed PDA | ~0.000005 SOL |
-
-## Requirements
+| Compressed PDA | ~0.000015 SOL |
 
-- **Rust** (1.90.0 or later)
-- **Node.js** (v22 or later)
-- **Solana CLI** (2.3.11 or later)
-- **Light CLI**: `npm install -g @lightprotocol/zk-compression-cli`
+In detail, a nullifier is a hash derived from your secret and the leaf the transaction is using.
+When you use private state (stored in a Merkle tree leaf), you publish the nullifier. The program stores it in a set.
+If anyone tries to spend the same leaf again, the nullifier would match one already stored, so the transaction fails.
+The nullifier reveals nothing about which leaf was spent.
+Different state produces different nullifiers, so observers can't link a nullifier back to its source leaf.
 
 ## Flow
-
-1. Client derives nullifier addresses from `[NULLIFIER_PREFIX, nullifier_value]`
-2. Client requests validity proof from RPC
-3. On-chain: derive addresses, create compressed accounts
-4. If any address exists, tx fails
-
-## Program instruction
-
-### `create_nullifier`
-
-Creates nullifier accounts for provided values.
-
-**Parameters:**
-- `data: NullifierInstructionData` - validity proof, tree info, indices
-- `nullifiers: Vec<[u8; 32]>` - nullifier values to register
-
-**Behavior:**
-- Derives address from `[b"nullifier", nullifier_value]`
-- Creates compressed account at derived address
-- Fails if address already exists (prevents replay)
+1. Client computes nullifier values (typically `hash(secret, context)`) and fetches validity proof from RPC for the derived addresses to prove it does not exist.
+3. Client calls `create_nullifier` with data, nullifiers and validity proof
+4. Program derives addresses, creates compressed accounts via CPI to Light system program
+5. If any address exists, Light system program rejects the CPI
 
 ## Build and Test
 
+- **Rust** (1.90.0 or later)
+- **Node.js** (v22 or later)
+- **Solana CLI** (2.3.11 or later)
+- **Light CLI**: `npm install -g @lightprotocol/zk-compression-cli`
 ### Using Makefile
 
 From the parent `zk/` directory:
diff --git a/zk/nullifier/programs/nullifier/src/lib.rs b/zk/nullifier/programs/nullifier/src/lib.rs
@@ -11,11 +11,6 @@ pub mod nullifier {
     use super::*;
 
     /// Creates nullifier accounts for the provided nullifier values.
-    ///
-    /// # Arguments
-    /// * `data` - Nullifier instruction data (proof, tree info, indices)
-    /// * `namespace` - Naespace for address derivation
-    /// * `nullifiers` - Vector of nullifier values to create accounts for
     pub fn create_nullifier<'info>(
         ctx: Context<'_, '_, '_, 'info, CreateNullifierAccounts<'info>>,
         data: NullifierInstructionData,
@@ -81,8 +76,7 @@ pub mod nullifier_creation {
     ///
     /// # Arguments
     /// * `nullifiers` - Slice of nullifier values to create accounts for
-    /// * `namespace` - Namespace for address derivation (e.g., your program's verification ID)
-    /// * `data` - Instruction data containing proof and tree info
+    /// * `data` - Instruction data with proof and tree info
     /// * `remaining_accounts` - Remaining accounts from the instruction context
     pub fn create_nullifiers<'info>(
         nullifiers: &[[u8; 32]],
diff --git a/zk/nullifier/ts-tests/nullifier.test.ts b/zk/nullifier/ts-tests/nullifier.test.ts
@@ -52,8 +52,6 @@ describe("nullifier", () => {
     it("should create a nullifier", async () => {
       const nullifier = randomBytes32();
 
-      console.log("Nullifier:", Buffer.from(nullifier).toString("hex").slice(0, 16) + "...");
-
       const { data, remainingAccounts } = await createNullifierInstructionData(
         rpc, PROGRAM_ID, [nullifier]
       );
@@ -72,23 +70,20 @@ describe("nullifier", () => {
       const sig = await rpc.sendTransaction(tx, [signer]);
       await confirmTx(rpc, sig);
 
-      console.log("Transaction signature:", sig);
+      console.log("Tx:", sig);
 
       const slot = await rpc.getSlot();
       await rpc.confirmTransactionIndexed(slot);
 
       const accounts = await rpc.getCompressedAccountsByOwner(PROGRAM_ID);
       assert.ok(accounts.items.length > 0, "Nullifier account should be created");
-      console.log("Created nullifier accounts:", accounts.items.length);
     });
   });
 
   describe("Multiple nullifiers", () => {
     it("should create multiple nullifiers in one transaction", async () => {
       const nullifiers = [randomBytes32(), randomBytes32()];
 
-      console.log("Creating 3 nullifiers in one transaction...");
-
       const { data, remainingAccounts } = await createNullifierInstructionData(
         rpc, PROGRAM_ID, nullifiers
       );
@@ -107,13 +102,10 @@ describe("nullifier", () => {
       const sig = await rpc.sendTransaction(tx, [signer]);
       await confirmTx(rpc, sig);
 
-      console.log("Transaction signature:", sig);
+      console.log("Tx:", sig);
 
       const slot = await rpc.getSlot();
       await rpc.confirmTransactionIndexed(slot);
-
-      const accounts = await rpc.getCompressedAccountsByOwner(PROGRAM_ID);
-      console.log("Total nullifier accounts:", accounts.items.length);
     });
   });
 });
diff --git a/zk/zk-id/README.md b/zk/zk-id/README.md
@@ -3,6 +3,7 @@
 
 A minimal zk id Solana program that uses zero-knowledge proofs for identity verification with compressed accounts.
 Note this is an example how to verify a zk inclusion proof, not a full zk identity protocol and not production-ready.
+
 For examples of zk identity protocols, see:
 - [Iden3](https://github.com/iden3) - Full decentralized identity protocol with claims, revocation, and recovery
 - [Semaphore](https://github.com/semaphore-protocol/semaphore) - Privacy-preserving group signaling with nullifiers
@@ -67,7 +68,7 @@ This script will:
 
 ## Build and Test
 
-### Using Makefile (recommended)
+### Using Makefile
 
 From the parent `zk/` directory:
 
diff --git a/zk/zk-id/ts-tests/zk-id.test.ts b/zk/zk-id/ts-tests/zk-id.test.ts
@@ -241,17 +241,13 @@ describe("zk-id", () => {
 
       const accounts = await rpc.getCompressedAccountsByOwner(PROGRAM_ID);
       assert.ok(accounts.items.length > 0, "Issuer account should be created");
-      console.log("Issuer account created");
     });
   });
 
   describe("Credential lifecycle", () => {
     it("should generate credential keypair correctly", () => {
       const { privateKey, publicKey } = generateCredentialKeypair();
 
-      console.log("Credential private key:", Buffer.from(privateKey).toString("hex").slice(0, 16) + "...");
-      console.log("Credential public key:", Buffer.from(publicKey).toString("hex").slice(0, 16) + "...");
-
       const hash = poseidon([BigInt("0x" + Buffer.from(privateKey).toString("hex"))]);
       const computedPublicKey = bigintToBytes32(poseidon.F.toObject(hash));
 
@@ -260,18 +256,13 @@ describe("zk-id", () => {
         Array.from(computedPublicKey),
         "Public key should be Poseidon(privateKey)"
       );
-
-      console.log("Keypair verified: publicKey = Poseidon(privateKey)");
     });
 
     it("should compute nullifier correctly", () => {
       const { privateKey } = generateCredentialKeypair();
       const verificationId = generateFieldElement();
       const nullifier = computeNullifier(verificationId, privateKey);
 
-      console.log("Verification ID:", Buffer.from(verificationId).toString("hex").slice(0, 16) + "...");
-      console.log("Nullifier:", Buffer.from(nullifier).toString("hex").slice(0, 16) + "...");
-
       const hash = poseidon([
         BigInt("0x" + Buffer.from(verificationId).toString("hex")),
         BigInt("0x" + Buffer.from(privateKey).toString("hex")),
@@ -283,15 +274,12 @@ describe("zk-id", () => {
         Array.from(computedNullifier),
         "Nullifier should be Poseidon(verification_id, privateKey)"
       );
-
-      console.log("Nullifier verified: nullifier = Poseidon(verification_id, credentialPrivateKey)");
     });
   });
 
   describe("ZK credential verification", () => {
     it("should demonstrate full ZK credential proof flow", async () => {
       const { privateKey: credentialPrivateKey, publicKey: credentialPubkey } = generateCredentialKeypair();
-      console.log("\n=== Step 1: Credential keypair generated ===");
 
       const ownerHashed = hashToBn254Field(PROGRAM_ID.toBytes());
       const merkleTreeHashed = hashToBn254Field(
@@ -304,7 +292,6 @@ describe("zk-id", () => {
 
       const verificationId = generateFieldElement();
       const nullifier = computeNullifier(verificationId, credentialPrivateKey);
-      console.log("\n=== Step 2: Nullifier computed ===");
 
       const encryptedDataHash = generateFieldElement();
       const address = generateFieldElement();
@@ -329,9 +316,6 @@ describe("zk-id", () => {
       }
       const expectedRoot = bigintToBytes32(current);
 
-      console.log("\n=== Step 3: Public inputs prepared ===");
-      console.log("\n=== Step 4: Generating ZK proof ===");
-
       const zkProof = await generateCredentialProof({
         ownerHashed,
         merkleTreeHashed,
@@ -352,9 +336,6 @@ describe("zk-id", () => {
       assert.ok(zkProof.a.length === 32, "Proof A should be 32 bytes");
       assert.ok(zkProof.b.length === 64, "Proof B should be 64 bytes");
       assert.ok(zkProof.c.length === 32, "Proof C should be 32 bytes");
-
-      console.log("\n=== ZK Proof generated successfully! ===");
-      console.log("Proof size: 128 bytes (compressed Groth16)");
     });
 
     it("should verify nullifier uniqueness property", () => {
@@ -371,8 +352,6 @@ describe("zk-id", () => {
         Array.from(nullifier2),
         "Different verification IDs should produce different nullifiers"
       );
-
-      console.log("Nullifier uniqueness verified");
     });
   });
 });
