feat: implement proof generation and verification

Author: adklempner

package-lock.json

@@ -0,0 +1,6 @@
+{
+    "reporterEnabled": "spec, allure-mocha",
+    "allureMochaReporter": {
+      "outputDir": "allure-results"
+    }
+  }

packages/rln/.mocha.reporters.json

@@ -20,8 +20,11 @@ if (process.env.CI) {
   config.reporterOptions = {
     configFile: '.mocha.reporters.json'
   };
+  // Exclude integration tests in CI (they require RPC access)
+  console.log("Excluding integration tests in CI environment");
+  config.ignore = 'src/**/*.integration.spec.ts';
 } else {
   console.log("Running tests serially. To enable parallel execution update mocha config");
 }
 
-module.exports = config;
+module.exports = config;

packages/rln/.mocharc.cjs

@@ -38,9 +38,19 @@ module.exports = function (config) {
         watched: false,
         type: "wasm",
         nocache: true
+      },
+      {
+        pattern: "../../node_modules/@waku/zerokit-rln-wasm-utils/*.wasm",
+        included: false,
+        served: true,
+        watched: false,
+        type: "wasm",
+        nocache: true
       }
     ],
 
+    exclude: process.env.CI ? ["src/**/*.integration.spec.ts"] : [],
+
     preprocessors: {
       "src/**/*.spec.ts": ["webpack"]
     },
@@ -82,6 +92,12 @@ module.exports = function (config) {
           __dirname,
           "../../node_modules/@waku/zerokit-rln-wasm/rln_wasm_bg.wasm"
         ),
+      "/base/rln_wasm_utils_bg.wasm":
+        "/absolute" +
+        path.resolve(
+          __dirname,
+          "../../node_modules/@waku/zerokit-rln-wasm-utils/rln_wasm_utils_bg.wasm"
+        ),
       "/base/rln.wasm":
         "/absolute" + path.resolve(__dirname, "src/resources/rln.wasm"),
       "/base/rln_final.zkey":

packages/rln/karma.conf.cjs

@@ -39,6 +39,8 @@
     "check:lint": "eslint \"src/!(resources)/**/*.{ts,js}\" *.js",
     "check:spelling": "cspell \"{README.md,src/**/*.ts}\"",
     "test": "NODE_ENV=test run-s test:*",
+    "test:unit": "NODE_ENV=test mocha 'src/**/*.spec.ts' --ignore 'src/**/*.integration.spec.ts'",
+    "test:integration": "NODE_ENV=test mocha 'src/**/*.integration.spec.ts'",
     "test:browser": "karma start karma.conf.cjs",
     "watch:build": "tsc -p tsconfig.json -w",
     "watch:test": "mocha --watch",
@@ -60,7 +62,6 @@
     "@types/sinon": "^17.0.3",
     "@wagmi/cli": "^2.7.0",
     "@waku/build-utils": "^1.0.0",
-    "@waku/interfaces": "0.0.34",
     "@waku/message-encryption": "^0.0.37",
     "deep-equal-in-any-order": "^2.0.6",
     "fast-check": "^3.23.2",
@@ -83,6 +84,7 @@
     "@waku/core": "^0.0.40",
     "@waku/utils": "^0.0.27",
     "@waku/zerokit-rln-wasm": "^0.2.1",
+    "@waku/zerokit-rln-wasm-utils": "^0.1.0",
     "chai": "^5.1.2",
     "chai-as-promised": "^8.0.1",
     "chai-spies": "^1.1.0",

packages/rln/package.json

@@ -0,0 +1,205 @@
+import { expect } from "chai";
+import { type Address, createPublicClient, http } from "viem";
+import { lineaSepolia } from "viem/chains";
+
+import { Keystore } from "../keystore/index.js";
+import { RLNInstance } from "../rln.js";
+import { BytesUtils } from "../utils/index.js";
+import {
+  calculateRateCommitment,
+  extractPathDirectionsFromProof,
+  MERKLE_TREE_DEPTH,
+  reconstructMerkleRoot
+} from "../utils/merkle.js";
+import { TEST_KEYSTORE_DATA } from "../utils/test_keystore.js";
+
+import { RLN_CONTRACT } from "./constants.js";
+import { RLNBaseContract } from "./rln_base_contract.js";
+
+describe("RLN Proof Integration Tests", function () {
+  this.timeout(30000);
+
+  let rpcUrl: string;
+
+  before(async function () {
+    this.timeout(10000); // Allow time for WASM initialization
+
+    // Initialize WASM module before running tests
+    await RLNInstance.create();
+
+    rpcUrl = process.env.RPC_URL || "https://rpc.sepolia.linea.build";
+
+    if (!rpcUrl) {
+      console.log(
+        "Skipping integration tests - RPC_URL environment variable not set"
+      );
+      console.log(
+        "To run these tests, set RPC_URL to a Linea Sepolia RPC endpoint"
+      );
+      this.skip();
+    }
+  });
+
+  it("get merkle proof from contract, construct rln proof, verify rln proof", async function () {
+    // Load the test keystore from constant (browser-compatible)
+    const keystore = Keystore.fromString(TEST_KEYSTORE_DATA.keystoreJson);
+    if (!keystore) {
+      throw new Error("Failed to load test keystore");
+    }
+
+    // Use the known credential hash and password from the test data
+    const credentialHash = TEST_KEYSTORE_DATA.credentialHash;
+    const password = TEST_KEYSTORE_DATA.password;
+    console.log(`Using credential hash: ${credentialHash}`);
+    const credential = await keystore.readCredential(credentialHash, password);
+    if (!credential) {
+      throw new Error("Failed to unlock credential with provided password");
+    }
+
+    // Extract the ID commitment from the credential
+    const idCommitment = credential.identity.IDCommitmentBigInt;
+    console.log(`ID Commitment from keystore: ${idCommitment.toString()}`);
+
+    const publicClient = createPublicClient({
+      chain: lineaSepolia,
+      transport: http(rpcUrl)
+    });
+
+    const dummyWalletClient = createPublicClient({
+      chain: lineaSepolia,
+      transport: http(rpcUrl)
+    }) as any;
+
+    const contract = await RLNBaseContract.create({
+      address: RLN_CONTRACT.address as Address,
+      publicClient,
+      walletClient: dummyWalletClient
+    });
+
+    // First, get membership info to find the index
+    const membershipInfo = await contract.getMembershipInfo(idCommitment);
+
+    if (!membershipInfo) {
+      console.log(
+        `ID commitment ${idCommitment.toString()} not found in membership set`
+      );
+      this.skip();
+      return;
+    }
+
+    console.log(`Found membership at index: ${membershipInfo.index}`);
+    console.log(`Membership state: ${membershipInfo.state}`);
+
+    // Get the merkle proof for this member's index
+    const merkleProof = await contract.getMerkleProof(membershipInfo.index);
+
+    expect(merkleProof).to.be.an("array");
+    expect(merkleProof).to.have.lengthOf(MERKLE_TREE_DEPTH); // RLN uses fixed depth merkle tree
+
+    console.log(`Merkle proof for ID commitment ${idCommitment.toString()}:`);
+    console.log(`Index: ${membershipInfo.index}`);
+    console.log(`Proof elements (${merkleProof.length}):`);
+    merkleProof.forEach((element, i) => {
+      console.log(
+        `  [${i}]: ${element.toString()} (0x${element.toString(16)})`
+      );
+    });
+
+    // Verify all proof elements are valid bigints
+    merkleProof.forEach((element, i) => {
+      expect(element).to.be.a(
+        "bigint",
+        `Proof element ${i} should be a bigint`
+      );
+      expect(element).to.not.equal(0n, `Proof element ${i} should not be zero`);
+    });
+  });
+
+  it.only("should generate a valid RLN proof", async function () {
+    const publicClient = createPublicClient({
+      chain: lineaSepolia,
+      transport: http(rpcUrl)
+    });
+
+    const dummyWalletClient = createPublicClient({
+      chain: lineaSepolia,
+      transport: http(rpcUrl)
+    }) as any;
+
+    const contract = await RLNBaseContract.create({
+      address: RLN_CONTRACT.address as Address,
+      publicClient,
+      walletClient: dummyWalletClient
+    });
+    // get credential from keystore
+    const keystore = Keystore.fromString(TEST_KEYSTORE_DATA.keystoreJson);
+    if (!keystore) {
+      throw new Error("Failed to load test keystore");
+    }
+    const credentialHash = TEST_KEYSTORE_DATA.credentialHash;
+    const password = TEST_KEYSTORE_DATA.password;
+    const credential = await keystore.readCredential(credentialHash, password);
+    if (!credential) {
+      throw new Error("Failed to unlock credential with provided password");
+    }
+    const idCommitment = credential.identity.IDCommitmentBigInt;
+    const membershipInfo = await contract.getMembershipInfo(idCommitment);
+    if (!membershipInfo) {
+      throw new Error("Failed to get membership info");
+    }
+    const rateLimit = BigInt(membershipInfo.rateLimit);
+
+    const merkleProof = await contract.getMerkleProof(membershipInfo.index);
+    const merkleRoot = await contract.getMerkleRoot();
+    const rateCommitment = calculateRateCommitment(idCommitment, rateLimit);
+
+    // Get the array of indexes that correspond to each proof element
+    const proofElementIndexes = extractPathDirectionsFromProof(
+      merkleProof,
+      rateCommitment,
+      merkleRoot
+    );
+    if (!proofElementIndexes) {
+      throw new Error("Failed to extract proof element indexes");
+    }
+
+    // Verify the array has the correct length
+    expect(proofElementIndexes).to.have.lengthOf(MERKLE_TREE_DEPTH);
+
+    // Verify that we can reconstruct the root using these indexes
+    const reconstructedRoot = reconstructMerkleRoot(
+      merkleProof as bigint[],
+      BigInt(membershipInfo.index),
+      rateCommitment
+    );
+
+    expect(reconstructedRoot).to.equal(
+      merkleRoot,
+      "Reconstructed root should match contract root"
+    );
+
+    const testMessage = new TextEncoder().encode("test");
+    const rlnInstance = await RLNInstance.create();
+
+    const proof = await rlnInstance.zerokit.generateRLNProof(
+      testMessage,
+      membershipInfo.index,
+      new Date(),
+      credential.identity.IDSecretHash,
+      merkleProof.map((proof) => BytesUtils.fromBigInt(proof, 32, "little")),
+      proofElementIndexes.map((index) =>
+        BytesUtils.writeUIntLE(new Uint8Array(1), index, 0, 1)
+      ),
+      Number(rateLimit),
+      0
+    );
+
+    const isValid = rlnInstance.zerokit.verifyRLNProof(
+      BytesUtils.writeUIntLE(new Uint8Array(8), testMessage.length, 0, 8),
+      testMessage,
+      proof,
+      [BytesUtils.fromBigInt(merkleRoot, 32, "little")]
+    );
+    expect(isValid).to.be.true;
+  });
+});