Skip to main content
Version: 2.0.0-alpha-3

UniRep contract

This is the core UniRep contract.

import { Unirep } from '@unirep/contracts/Unirep.sol';

userSignUp

Submit a signup zk proof for a user.

caution

msg.sender must be the attester.

function userSignUp(
  uint[] memory publicSignals,
  uint[8] memory proof
) public

attesterSignUp

Register an attester contract. msg.sender will become an attester.

tip

The attesterId is the address of the attester contract. In this case msg.sender.

function attesterSignUp(uint epochLength) public

submitAttestation

Create an attestation to an epoch key. If the current epoch is not the same as targetEpoch the transaction will revert.

caution

msg.sender must be the attester.

function submitAttestation(
  uint targetEpoch,
  uint epochKey,
  uint posRep,
  uint negRep,
  uint graffiti
) public

buildHashchain

Create a hashchain of epoch key balance updates that can be used to update the epoch root.

function buildHashchain(uint160 attesterId) public

processHashchain

Update the epoch tree root using a ZK proof and a hashchain.

function processHashchain(
  uint[] memory publicSignals,
  uint[8] memory proof
) public

userStateTransition

Execute a user state transition using a ZK proof. This will insert a new state tree leaf in the current epoch.

function userStateTransition(
  uint[] memory publicSignals,
  uint[8] memory proof
) public

attesterCurrentEpoch

Get the current epoch number for an attester.

function attesterCurrentEpoch(
  uint160 attesterId
) public view returns (uint)

attesterEpochRemainingTime

Get the remaining time, in seconds, for the current epoch for an attester.

function attesterEpochRemainingTime(
  uint160 attesterId
) public view returns (uint)

decodeReputationSignals

Decode the public signals from a reputation proof into named variables.

function decodeReputationSignals(uint256[] memory publicSignals)
    public
    pure
    returns (ReputationSignals memory)
struct ReputationSignals {
    uint256 stateTreeRoot;
    uint256 epochKey;
    uint256 graffitiPreImage;
    uint256 proveGraffiti;
    uint256 nonce;
    uint256 epoch;
    uint256 attesterId;
    uint256 revealNonce;
    uint256 proveMinRep;
    uint256 proveMaxRep;
    uint256 proveZeroRep;
    uint256 minRep;
    uint256 maxRep;
}

verifyReputationProof

Verify a reputation proof and validate the public signals against the onchain state. This function will revert if any inputs are invalid.

caution

This function does not require the epoch for the proof to be the current epoch. The user may generate a valid proof for a past epoch. If you require the proof to be for the current epoch you should add an additional check using attesterCurrentEpoch.

function verifyReputationProof(
    uint256[] memory publicSignals,
    uint256[8] memory proof
) public;

decodeEpochKeySignals

Decode the public signals from an epoch key proof into named variables.

function decodeEpochKeySignals(uint256[] memory publicSignals)
    public
    pure
    returns (EpochKeySignals memory)
struct EpochKeySignals {
    uint256 revealNonce;
    uint256 stateTreeRoot;
    uint256 epochKey;
    uint256 data;
    uint256 nonce;
    uint256 epoch;
    uint256 attesterId;
}

verifyEpochKeyProof

Verify an epoch key proof and validate the public signals against the onchain state. This function will revert if any inputs are invalid.

caution

This function does not require the epoch for the proof to be the current epoch. The user may generate a valid proof for a past epoch. If you require the proof to be for the current epoch you should add an additional check using attesterCurrentEpoch.

function verifyEpochKeyProof(
    uint256[] memory publicSignals,
    uint256[8] memory proof
) public;

decodeEpochKeyLiteSignals

Decode the public signals from an epoch key lite proof info named variables.

function decodeEpochKeyLiteSignals(uint256[] memory publicSignals)
    public
    pure
    returns (EpochKeySignals memory)
tip

The stateTreeRoot variable in this struct is unused for epoch key lite proofs.

struct EpochKeySignals {
    uint256 revealNonce;
    uint256 stateTreeRoot;
    uint256 epochKey;
    uint256 data;
    uint256 nonce;
    uint256 epoch;
    uint256 attesterId;
}

verifyEpochKeyLiteProof

Verify an epoch key lite proof and validate the public signals against the onchain state. This function will revert if any inputs are invalid.

caution

This function does not require the epoch for the proof to be the current epoch. The user may generate a valid proof for a past epoch. If you require the proof to be for the current epoch you should add an additional check using attesterCurrentEpoch.

function verifyEpochKeyLiteProof(
    uint256[] memory publicSignals,
    uint256[8] memory proof
) public;

epochKeyVerifier

A contract address for an epoch key proof verifier. See IVerifier for more info.

danger

Using the verifier directly does not validate the output state root, attester id, or epoch. Prefer the verifyEpochKeyProof function unless you know what you are doing.

IVerifier public immutable epochKeyVerifier;

Example use:

bool valid = unirep.epochKeyVerifier.verifyProof(publicSignals, proof);

epochKeyLiteVerifier

A contract address for an epoch key lite proof verifier. See IVerifier for more info.

danger

Using the verifier directly does not validate the output state root, attester id, or epoch. Prefer the verifyEpochKeyProof function unless you know what you are doing.

IVerifier public immutable epochKeyLiteVerifier;

Example use:

bool valid = unirep.epochKeyLiteVerifier.verifyProof(publicSignals, proof);

signupVerifier

A contract address for a signup proof verifier. See IVerifier for more info.

IVerifier public immutable signupVerifier;

reputationVerifier

A contract address for a reputation proof verifier. See IVerifier for more info.

danger

Using the verifier directly does not validate the output state root, attester id, or epoch. Prefer the verifyReputationProof function unless you know what you are doing.

IVerifier public immutable reputationVerifier;

userStateTransitionVerifier

A contract address for a user state transition proof verifier. See IVerifier for more info.

IVerifier public immutable userStateTransitionVerifier;

aggregateEpochKeysVerifier

A contract address for an aggregate epoch keys proof verifier. See IVerifier for more info.

IVerifier public immutable aggregateEpochKeysVerifier;

attesterStartTimestamp

Get the start timestamp for an attester (in seconds). This is the start of the 0th epoch.

function attesterStartTimestamp(uint160 attesterId)
  public
  view
  returns (uint256)

attesterEpochSealed

Get a boolean indicating whether or not an epoch for an attester is sealed. Once the epoch is sealed users may execute user state transitions from the epoch.

function attesterEpochSealed(uint160 attesterId, uint256 epoch)
  public
  view
  returns (bool)

attesterOwedEpochKeys

Get the number of epoch keys that are owed a balance for an attester in an epoch.

function attesterOwedEpochKeys(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

attesterHashchainTotalCount

Get the total number of hashchains for an attester in an epoch.

function attesterHashchainTotalCount(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

attesterHashchainProcessedCount

Get the number of processed hashchains for an attester in an epoch.

function attesterHashchainProcessedCount(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

attesterHashchain

Get a hashchain for an attester.

function attesterHashchain(uint160 attesterId, uint256 epoch, uint256 index)
  public
  view
  returns (EpochKeyHashchain)

attesterEpochLength

Get the epoch length for an attester.

function attesterEpochLength(uint160 attesterId)
  public
  view
  returns (uint256)

attesterStateTreeRootExists

Check if a state tree root exists for an attester and epoch.

function attesterStateTreeRootExists(uint160 attesterId, uint256 epoch, uint256 root)
  public
  view
  returns (bool)

attesterStateTreeRoot

Get the state tree root for an attester for an epoch.

function attesterStateTreeRoot(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

attesterStateTreeLeafCount

Get the number of state tree leaves for an attester for an epoch.

function attesterStateTreeLeafCount(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

attesterSemaphoreGroupRoot

Get the Semaphore group root for an attester.

function attesterSemaphoreGroupRoot(uint160 attesterId)
  public
  view
  returns (uint256)

attesterMemberCount

Get the number of members in the attester Semaphore group.

function attesterMemberCount(uint160 attesterId)
  public
  view
  returns (uint256)

attesterEpochRoot

Get the epoch tree root for an attester for a certain epoch.

function attesterEpochRoot(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

stateTreeDepth

Get the state tree depth for the Unirep contract.

function stateTreeDepth() public view returns (uint8)

epochTreeDepth

Get the epoch tree depth for the Unirep contract.

function epochTreeDepth() public view returns (uint8)

epochTreeArity

Get the epoch tree arity for the Unirep contract.

function epochTreeArity() public view returns (uint8)

numEpochKeyNoncePerEpoch

Get the maximum nonce value for an epoch key. This determines the number of epoch keys per epoch.

function numEpochKeyNoncePerEpoch() public view returns (uint256)

Events

The UniRep contract emits a number of events to help offchain observers track state.

UserSignUp

Emitted when a user joins an attester.

event UserSignedUp(
    uint256 indexed epoch,
    uint256 indexed identityCommitment,
    uint160 indexed attesterId,
    uint256 leafIndex
);

UserStateTransitioned

Emitted when a user transitions to a new epoch.

event UserStateTransitioned(
    uint256 indexed epoch,
    uint160 indexed attesterId,
    uint256 indexed leafIndex,
    uint256 hashedLeaf,
    uint256 nullifier
);

AttestationSubmitted

Emitted when an attester makes an attestation to an epoch key.

event AttestationSubmitted(
    uint256 indexed epoch,
    uint256 indexed epochKey,
    uint160 indexed attesterId,
    uint256 posRep,
    uint256 negRep
);

StateTreeLeaf

Emitted when a leaf is added to a state tree.

event StateTreeLeaf(
    uint256 indexed epoch,
    uint160 indexed attesterId,
    uint256 indexed index,
    uint256 leaf
);

EpochTreeLeaf

Emitted when a leaf in an epoch tree is updated.

event EpochTreeLeaf(
    uint256 indexed epoch,
    uint160 indexed attesterId,
    uint256 indexed index,
    uint256 leaf
);

EpochEnded

Emitted when an attester epoch ends.

event EpochEnded(uint256 indexed epoch, uint160 indexed attesterId);

HashchainBuilt

Emitted when a hashchain is built for an attester.

event HashchainBuilt(
  uint256 indexed epoch,
  uint160 indexed attesterId,
  uint256 index
);

HashchainProcessed

Emitted when a hashchain has been processed.

event HashchainProcessed(
  uint256 indexed epoch,
  uint160 indexed attesterId,
  bool isEpochSealed
);