Reputation Proof

The zero-knowledge circuit of reputation proof in UniRep

Users can use a reputation proof to claim that how the reputation is from a given attester. There are following things that user can choose to prove:

The pos_rep - neg_rep given by the attester is more than the claimed min_rep i.e.
```
(pos_rep - neg_rep) > min_rep
```
The graffiti_preimage of a graffiti i.e.
```
hash(graffiti_preimage) == graffiti
```

The reputation nullifiers are computed correctly i.e.

// for all nonces
nonce >= 0
nonce < pos_rep - neg_rep
reputation_nullifiers = hash5(
    REPUTATION_NULLIFIER_DOMAIN, 
    identity_nullifier, 
    epoch, 
    nonce, 
    attesterId
)

The circuit also checks if the user has registered and performed user state transition in the claimed epoch.

Public inputs

epoch
epoch_key
GST_root
attester_id
rep_nullifiers_amount
min_rep
prove_graffiti
graffiti_pre_image

Public outputs

rep_nullifiers

Private inputs

epoch_key_nonce
identity_nullifier
identity_trapdoor
user_tree_root
GST_path_index
GST_path_elements
pos_rep
neg_rep
graffiti
sign_up
UST_path_elements
selectors
rep_nonce

Contraints

1. Check if user exists in the Global State Tree and verify epoch key

Check the constrains in epoch key proof.

See: Epoch Key Proof circuit

2. Check if the reputation given by the attester is in the user state tree

Check if hash(pos_rep, neg_rep, graffiti, sign_up) is one of the leaves in the user state tree of root user_tree_root.

3. Check if reputation nullifiers are valid

Check if rep_nonce[i] < pos_rep - neg_rep for all output rep_nullifiers[i].

Check if

rep_nullifier[i] = hash(
    REPUTATION_NULLIFIER_DOMAIN = 2, 
    identity_nullifier, 
    epoch, 
    rep_nonce[i], 
    attester_id
)

See: Reputation nullifiers

4. Check if user has reputation greater than `min_rep`

Check if

min_rep > 0
pos_rep - neg_rep >= 0
pos_rep - neg_rep >= min_rep

5. Check pre-image of graffiti

Check if hash(graffiti_pre_image) == graffiti.

See the whole circuit in circuits/proveReputation.circom

PreviousEpoch Key Proof NextUser Sign Up Proof

Last updated 2 years ago

Was this helpful?

Contraints

1. Check if user exists in the Global State Tree and verify epoch key

Check the constrains in epoch key proof.

2. Check if the reputation given by the attester is in the user state tree

Check if hash(pos_rep, neg_rep, graffiti, sign_up) is one of the leaves in the user state tree of root user_tree_root.

3. Check if reputation nullifiers are valid

Check if rep_nonce[i] < pos_rep - neg_rep for all output rep_nullifiers[i].

Check if

rep_nullifier[i] = hash(
    REPUTATION_NULLIFIER_DOMAIN = 2, 
    identity_nullifier, 
    epoch, 
    rep_nonce[i], 
    attester_id
)

4. Check if user has reputation greater than min_rep

Check if

min_rep > 0

pos_rep - neg_rep >= 0

pos_rep - neg_rep >= min_rep

5. Check pre-image of graffiti

Check if hash(graffiti_pre_image) == graffiti.

Public inputs

Public outputs

Private inputs

Contraints

1. Check if user exists in the Global State Tree and verify epoch key

2. Check if the reputation given by the attester is in the user state tree

3. Check if reputation nullifiers are valid

4. Check if user has reputation greater than min_rep

5. Check pre-image of graffiti

Public inputs

Public outputs

Private inputs

Contraints

1. Check if user exists in the Global State Tree and verify epoch key

2. Check if the reputation given by the attester is in the user state tree

3. Check if reputation nullifiers are valid

4. Check if user has reputation greater than min_rep

5. Check pre-image of graffiti

4. Check if user has reputation greater than `min_rep`

4. Check if user has reputation greater than `min_rep`