Open
Description
Current Progress
- prepare: combine SHA256 into ECDSA + JWT circuit; remove age verification, since it will be done during the show phase Prepare circuit ES + SHA256 + JWT Decoding #7
- prepare: parse the JWT fields into a single column
- we will commit to this using Hyrax, and share the rerandomised commitment between prepare and show (thus getting proof linking for free)
- show proof: device binding + age verification
- this will use the parsed JWT column from the prepare proof
Column Commitment from Decoded JWT Claims
In the prepare circuit, we extract the Base64-decoded JWT fields into a 2D array:
signal output jwtClaims[maxMatches][decodedLen];
jwtClaims array holds the decoded claims extracted from the JWT payload using the claim-decoder. Each row is a different claim.
Hyrax Commitments
To prepare this for Hyrax-style vector commitment, i was thinking of doing something like this :
- Flatten the selected decoded claims into a 1D column vector of field elements.
- For each claim:
- Convert the raw byte array directly to a field element (since its fixed size)
Once we have the flattened vector:
witness_column = [roc_birthday, name, exp, iss ...]
We compute the Hyrax-style off-circuit as:
C = w_0 * G_0 + w_1 * G_1 + ... + w_n * G_n + r * H
Where:
- w_i: field elements from the parsed claim vector
- G_i: deterministically derived generator per field (e.g., hash-to-curve of label
"gen_i") T256 Curve - r: blinding scalar
- H: blinding generator
this commitment C, Witness will be passed to show circuit
Metadata
Metadata
Assignees
Labels
No labels