Skip to main content
Version: 2.0.0-beta-2

UniRep contract

This is the core UniRep contract.

import { Unirep } from '@unirep/contracts/Unirep.sol';

userSignUp

Submit a signup zk proof for a user.

caution

msg.sender must be the attester.

function userSignUp(
  uint[] memory publicSignals,
  uint[8] memory proof
) public

manualUserSignUp

Sign up a new user by manually supplying an identity commitment and state tree leaf. The initialData should be the values of the user data in the state tree leaf (if non-zero). This is designed to be used by applications that want custom signup proofs.

caution

msg.sender must be the attester.

function manualUserSignUp(
  uint64 epoch,
  uint256 identityCommitment,
  uint256 stateTreeLeaf,
  uint256[] memory initialData
) public

attesterSignUp

Register an attester contract. msg.sender will become an attester.

tip

The attesterId is the address of the attester contract. In this case msg.sender.

function attesterSignUp(uint epochLength) public

attesterSignUpViaRelayer

Register an attester contract through a relayer. The signature will be recovered and checked if it matches the given attester address.

function attesterSignUpViaRelayer(
  address attester,
  uint256 epochLength,
  bytes calldata signature
) public

attest

Create an attestation to an epoch key. If the current epoch is not the same as targetEpoch the transaction will revert.

Apply a change to a user data field at index fieldIndex. Changes will be applied using either addition or replacement, depending on which field is selected.

caution

msg.sender must be the attester.

function attest(
  uint epochKey,
  uint48 targetEpoch,
  uint fieldIndex,
  uint change
) public

userStateTransition

Execute a user state transition using a ZK proof. This will insert a new state tree leaf in the current epoch.

function userStateTransition(
  uint[] memory publicSignals,
  uint[8] memory proof
) public

attesterCurrentEpoch

Get the current epoch number for an attester.

function attesterCurrentEpoch(
  uint160 attesterId
) public view returns (uint48)

attesterEpochRemainingTime

Get the remaining time, in seconds, for the current epoch for an attester.

function attesterEpochRemainingTime(
  uint160 attesterId
) public view returns (uint)

decodeEpochKeyControl

Decode a epoch key related control from epoch key lite proof, epoch key proof, and reputation proof into named variables.

function decodeEpochKeyControl(uint256 control)
    public
    pure
    returns (
      uint256 revealNonce,
      uint256 attesterId,
      uint256 epoch,
      uint256 nonce
    )

decodeReputationControl

Decode a reputation related control from reputation proof into named variables.

function decodeReputationControl(uint256 control)
    public
    pure
    returns (
      uint256 minRep,
      uint256 maxRep,
      uint256 proveMinRep,
      uint256 proveMaxRep,
      uint256 proveZeroRep,
      uint256 proveGraffiti
    )

decodeReputationSignals

Decode the public signals from a reputation proof into named variables.

function decodeReputationSignals(uint256[] memory publicSignals)
    public
    pure
    returns (ReputationSignals memory)
struct ReputationSignals {
    uint256 stateTreeRoot;
    uint256 epochKey;
    uint256 graffitiPreImage;
    uint256 proveGraffiti;
    uint256 nonce;
    uint256 epoch;
    uint256 attesterId;
    uint256 revealNonce;
    uint256 proveMinRep;
    uint256 proveMaxRep;
    uint256 proveZeroRep;
    uint256 minRep;
    uint256 maxRep;
}

verifyReputationProof

Verify a reputation proof and validate the public signals against the onchain state. This function will revert if any inputs are invalid.

caution

This function does not require the epoch for the proof to be the current epoch. The user may generate a valid proof for a past epoch. If you require the proof to be for the current epoch you should add an additional check using attesterCurrentEpoch.

function verifyReputationProof(
    uint256[] memory publicSignals,
    uint256[8] memory proof
) public;

decodeEpochKeySignals

Decode the public signals from an epoch key proof into named variables.

function decodeEpochKeySignals(uint256[] memory publicSignals)
    public
    pure
    returns (EpochKeySignals memory)
struct EpochKeySignals {
    uint256 revealNonce;
    uint256 stateTreeRoot;
    uint256 epochKey;
    uint256 data;
    uint256 nonce;
    uint256 epoch;
    uint256 attesterId;
}

verifyEpochKeyProof

Verify an epoch key proof and validate the public signals against the onchain state. This function will revert if any inputs are invalid.

caution

This function does not require the epoch for the proof to be the current epoch. The user may generate a valid proof for a past epoch. If you require the proof to be for the current epoch you should add an additional check using attesterCurrentEpoch.

function verifyEpochKeyProof(
    uint256[] memory publicSignals,
    uint256[8] memory proof
) public;

decodeEpochKeyLiteSignals

Decode the public signals from an epoch key lite proof info named variables.

function decodeEpochKeyLiteSignals(uint256[] memory publicSignals)
    public
    pure
    returns (EpochKeySignals memory)
tip

The stateTreeRoot variable in this struct is unused for epoch key lite proofs.

struct EpochKeySignals {
    uint256 revealNonce;
    uint256 stateTreeRoot;
    uint256 epochKey;
    uint256 data;
    uint256 nonce;
    uint256 epoch;
    uint256 attesterId;
}

verifyEpochKeyLiteProof

Verify an epoch key lite proof and validate the public signals against the onchain state. This function will revert if any inputs are invalid.

caution

This function does not require the epoch for the proof to be the current epoch. The user may generate a valid proof for a past epoch. If you require the proof to be for the current epoch you should add an additional check using attesterCurrentEpoch.

function verifyEpochKeyLiteProof(
    uint256[] memory publicSignals,
    uint256[8] memory proof
) public;

epochKeyVerifier

A contract address for an epoch key proof verifier. See IVerifier for more info.

danger

Using the verifier directly does not validate the output state root, attester id, or epoch. Prefer the EpochKeyProof function unless you know what you are doing.

IVerifier public immutable epochKeyVerifier;

Example use:

bool valid = unirep.epochKeyVerifier.verifyProof(publicSignals, proof);

epochKeyLiteVerifier

A contract address for an epoch key lite proof verifier. See IVerifier for more info.

danger

Using the verifier directly does not validate the output state root, attester id, or epoch. Prefer the verifyEpochKeyProof function unless you know what you are doing.

IVerifier public immutable epochKeyLiteVerifier;

Example use:

bool valid = unirep.epochKeyLiteVerifier.verifyProof(publicSignals, proof);

signupVerifier

A contract address for a signup proof verifier. See IVerifier for more info.

IVerifier public immutable signupVerifier;

reputationVerifier

A contract address for a reputation proof verifier. See IVerifier for more info.

danger

Using the verifier directly does not validate the output state root, attester id, or epoch. Prefer the verifyReputationProof function unless you know what you are doing.

IVerifier public immutable reputationVerifier;

userStateTransitionVerifier

A contract address for a user state transition proof verifier. See IVerifier for more info.

IVerifier public immutable userStateTransitionVerifier;

attesterStartTimestamp

Get the start timestamp for an attester (in seconds). This is the start of the 0th epoch.

function attesterStartTimestamp(uint160 attesterId)
  public
  view
  returns (uint256)

attesterEpochLength

Get the epoch length for an attester.

function attesterEpochLength(uint160 attesterId)
  public
  view
  returns (uint256)

attesterStateTreeRootExists

Check if a state tree root exists for an attester and epoch.

function attesterStateTreeRootExists(uint160 attesterId, uint256 epoch, uint256 root)
  public
  view
  returns (bool)

attesterStateTreeRoot

Get the state tree root for an attester for the current epoch.

function attesterStateTreeRoot(uint160 attesterId)
  public
  view
  returns (uint256)

attesterStateTreeLeafCount

Get the number of state tree leaves for an attester for the current epoch.

function attesterStateTreeLeafCount(uint160 attesterId)
  public
  view
  returns (uint256)

attesterSemaphoreGroupRoot

Get the semaphore group root for an attester.

function attesterSemaphoreGroupRoot(uint160 attesterId)
  public
  view
  returns (uint256)

attesterMemberCount

Get the number of members in the attester semaphore group.

function attesterMemberCount(uint160 attesterId)
  public
  view
  returns (uint256)

attesterEpochRoot

Get the epoch tree root for an attester for a certain epoch.

function attesterEpochRoot(uint160 attesterId, uint256 epoch)
  public
  view
  returns (uint256)

stateTreeDepth

Get the state tree depth for the Unirep contract.

function stateTreeDepth() public view returns (uint8)

epochTreeDepth

Get the epoch tree depth for the Unirep contract.

function epochTreeDepth() public view returns (uint8)

historyTreeDepth

Get the history tree depth for the Unirep contract.

function historyTreeDepth() public view returns (uint8)

numEpochKeyNoncePerEpoch

Get the maximum nonce value for an epoch key. This determines the number of epoch keys per epoch.

function numEpochKeyNoncePerEpoch() public view returns (uint8)

fieldCount

The number of data fields each user has in this Unirep deployment.

function fieldCount() public view returns (uint8)

sumFieldCount

How many of the data fields are combined with addition. The sum fields are the first sumFieldCount fields in the user data.

function sumFieldCount() public view returns (uint8)

Events

The UniRep contract emits a number of events to help offchain observers track state.

AttesterSignedUp

Emitted when an attester registers with the unirep contract.

event AttesterSignedUp(
  uint160 indexed attesterId,
  uint256 indexed epochLength
);

UserSignUp

Emitted when a user joins an attester.

event UserSignedUp(
    uint256 indexed epoch,
    uint256 indexed identityCommitment,
    uint160 indexed attesterId,
    uint256 leafIndex
);

UserStateTransitioned

Emitted when a user transitions to a new epoch.

event UserStateTransitioned(
    uint256 indexed epoch,
    uint160 indexed attesterId,
    uint256 indexed leafIndex,
    uint256 hashedLeaf,
    uint256 nullifier
);

Attestation

Emitted when an attester makes an attestation to an epoch key.

event Attestation(
    uint256 indexed epoch,
    uint256 indexed epochKey,
    uint160 indexed attesterId,
    uint256 fieldIndex,
    uint256 change,
    uint256 timestamp
);

StateTreeLeaf

Emitted when a leaf is added to a state tree.

event StateTreeLeaf(
    uint256 indexed epoch,
    uint160 indexed attesterId,
    uint256 indexed index,
    uint256 leaf
);

EpochTreeLeaf

Emitted when a leaf in an epoch tree is updated.

event EpochTreeLeaf(
    uint256 indexed epoch,
    uint160 indexed attesterId,
    uint256 indexed index,
    uint256 leaf
);

HistoryTreeLeaf

Emitted when a leaf is added to the history tree.

event HistoryTreeLeaf(
    uint160 indexed attesterId,
    uint256 leaf
);

EpochEnded

Emitted when an attester epoch ends.

event EpochEnded(uint256 indexed epoch, uint160 indexed attesterId);