Skip to content

Main Circuits

This iden3 circuits are the heart of the protocol. The main ones are:

You can find all the source code on Github - Iden3 Circuits. All the proving and verification keys necessary to use the circuits were generated after a Trusted Setup Ceremony. Details here: Iden3 Protocol Phase2 Trusted Setup Ceremony

stateTransition

Instantiation Parameters

  • nLevels Merkle tree depth level for Claims tree

Inputs

Input Description Public or Private
userID Prover's Identifier Public
oldUserState Prover's Identity State (before transition) Public
newUserState Prover's Identity State (after transition) Public
isOldStateGenesis "1" indicates that the old state is genesis: it means that this is the first State Transition, otherwise "0" Public
claimsTreeRoot Prover's Claims Tree Root Private
authClaimMtp[nLevels] Merkle Tree Proof of Auth Claim inside Prover's Claims tree Private
authClaim[8] Prover's Auth Claim Private
revTreeRoot Prover's Revocation Tree Root Private
authClaimNonRevMtp[nLevels] Merkle Tree Proof of non membership of Auth Claim inside Prover's Revocation Tree Private
authClaimNonRevMtpNoAux Flag that indicates whether to check the auxiliary Node Private
authClaimNonRevMtpAuxHv Auxiliary Node Value Private
authClaimNonRevMtpAuxHi Auxiliary Node Index Private
rootsTreeRoot Prover's Roots Tree Root Private
signatureR8x Signature of the challenge (Rx point) Private
signatureR8y Signature of the challenge (Ry point) Private
signatureS Signature of the challenge (S point) Private

Scope

  • If oldState is genesis, verifies that userID is derived from the oldUserState (= genesis state). Performed using cutId(), cutState()and isEqual() templates
  • newUserState is different than zero using isZero() comparator
  • oldUserState and newUserState are different using isEqual()
  • Verifies user's identity ownership using idOwnershipBySignature(nLevels) template. The message signed by the user is H(oldstate, newstate) where H is a Poseidon hash function executed inside the Poseidon(nInputs) template

Circuit Specific Files (From Trusted Setup)

authentication

coming soon!

credentialAtomicQueryMTP

This circuit checks that an issuer has issued a claim for identity and validates the ownership of that identity in the following manner:

  1. Checks the identity ownership by idOwnershipBySignature template
  2. Verifies the claim subject, the schema and the expiration time.
  3. Checks if the issuer claim exists in the issuer claims tree.
  4. Checks if the issuer claim is not revoked by an issuer.
  5. Checks if the issuer claim satisfies a query.

credentialAtomicQuerySig

This circuit checks that an issuer has issued a claim for identity and validates ownership of that identity in the following manner:

  1. Checks the identity ownership by idOwnershipBySignature template.
  2. Verifies the claim subject, the schema and the expiration time
  3. Checks if the issuer claim exists in the issuer claims tree.
  4. Verifies the claim signature by the issuer.
  5. Verifies if the issuer state matches with the one from the blockchain as the public input.
  6. Checks if the issuer claim satisfies a query.