Circuits
Arithmetic circuits allow for zero-knowledge (ZK) operations and are used, for example, by our genesis contracts for these specific use cases:
- Phoenix: to spend notes and pay for gas.
- Citadel: to use in the Self-Sovereign Identity implementation.
- Zedger: to use the Zedger transaction model and spend securities.
Developers can write their own ZK circuits as part of their smart contracts, allowing for the proving and verification of zero-knowledge proofs.
Phoenix circuits
Circuits in Phoenix prove that the following conditions hold true:
- Membership: Every note that is about to be spent is included in the Merkle tree of notes.
- Ownership: The sender holds the note secret key for every note that is about to be spent.
- Nullification: The nullifier is calculated correctly.
- Minting: The value commitments for the newly minted notes are computed correctly.
- Balance integrity: The sum of the values of all spent notes is equal to the sum of the values of all minted notes + the gas fee + a deposit, where a deposit refers to funds being transferred to a contract.
For additional information, you can have a look at the circuits and specifications.
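As an added illustration (not code from Dusk or from this page), the Minting and Balance integrity conditions above can be written as a plain Python check of the relation a prover's witness must satisfy. It assumes a toy Pedersen-style commitment in a small constructed group and hypothetical `public`/`witness` layouts; a real circuit proves the same relation without revealing the witness.

```python
# Added example: toy Pedersen-style value commitments in the order-Q subgroup
# of Z_P^* (P = 2Q + 1). Constructed parameters, not the group Dusk uses.
P, Q = 2039, 1019
G, H = 4, 9  # two squares mod P, so each generates the order-Q subgroup


def commit(value, blinder):
    """Value commitment G^value * H^blinder mod P."""
    return (pow(G, value, P) * pow(H, blinder, P)) % P


def opens(commitment, value, blinder):
    """True if (value, blinder) opens the commitment and value is in range."""
    return 0 <= value < Q and commit(value, blinder) == commitment


def spend_relation_holds(public, witness):
    """Check commitment correctness and balance integrity for one spend.

    public  (hypothetical layout): commitments, gas fee and deposit.
    witness (hypothetical layout): a (value, blinder) pair per note.
    """
    pairs = [(public["in_commitments"], witness["inputs"]),
             (public["out_commitments"], witness["outputs"])]
    for commitments, openings in pairs:
        if len(commitments) != len(openings):
            return False
        # Every commitment must open to the value the prover claims.
        if not all(opens(c, v, r) for c, (v, r) in zip(commitments, openings)):
            return False
    spent = sum(v for v, _ in witness["inputs"])
    minted = sum(v for v, _ in witness["outputs"])
    # Balance integrity: spent == minted + gas fee + deposit.
    return spent == minted + public["gas_fee"] + public["deposit"]


def make_public(witness, gas_fee, deposit):
    """Derive the public side from an honest witness."""
    return {"in_commitments": [commit(v, r) for v, r in witness["inputs"]],
            "out_commitments": [commit(v, r) for v, r in witness["outputs"]],
            "gas_fee": gas_fee, "deposit": deposit}


# Constructed sample: spend 60 + 40, mint 70 + 15, pay 5 gas, deposit 10.
WITNESS = {"inputs": [(60, 11), (40, 23)], "outputs": [(70, 5), (15, 8)]}
PUBLIC = make_public(WITNESS, gas_fee=5, deposit=10)

if __name__ == "__main__":
    print(spend_relation_holds(PUBLIC, WITNESS))
```

The range check in `opens` matters because values are exponents modulo the group order: without it, a value that wraps around the order would open the same commitment.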
Citadel circuits
Circuits in Citadel allow for the following actions:
Request Creation and Encryption:
- Stealth Address Generation: A new stealth address is correctly generated using Diffie-Hellman.
- Data Encryption: The license stealth address and an additional key are encrypted using the derived key.
- Session Initialization: Public inputs are used to construct session data (e.g. session ID, session hash, commitments…).
- Verification: Pedersen commitments and hash commitment are calculated and verified.
- Data Decryption: Requested data is decrypted using the derived key.
- Signature Creation: A signature for the license is generated using the license secret key and hash.
- License Data Encryption: The signature and attribute data are encrypted with the public key of the license.
- Proof Generation: A proof of membership in a Merkle tree is created.
- Proof Verification: Cryptographic commitments are computed and the signature of the session hash is verified.
For additional information, you can have a look at the circuits and specifications.