Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: make nullifier not leak identity between polls #1974

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

ctrlc03
Copy link
Collaborator

@ctrlc03 ctrlc03 commented Dec 20, 2024

Description

Currently, the nullifier leaks user identity between polls, as it's the poseidon hash of the user original private key. By adding the poll Id as a public input, we can check inside the circuit that nullifier = poseidon(privateKey, pollId), thus resulting in completely different nullifiers per each poll, and also keeping the use of the nullifier to prevent double signup.

Confirmation

Copy link

vercel bot commented Dec 20, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
maci-website ✅ Ready (Inspect) Visit Preview Dec 20, 2024 10:48pm

packages/contracts/contracts/PollFactory.sol Dismissed Show dismissed Hide dismissed
packages/contracts/contracts/PollFactory.sol Dismissed Show dismissed Hide dismissed
Copy link
Collaborator

@kittybest kittybest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! But would the identity be leaked if we only hash the private key? I think the poseidon function is not reversible?

@ctrlc03
Copy link
Collaborator Author

ctrlc03 commented Dec 20, 2024

Thanks! But would the identity be leaked if we only hash the private key? I think the poseidon function is not reversible?

The issue is that if you register to 5 polls, each poll will have the same nullifier (which is, well was, the hash of the original private key signed up to the maci contract), so even if you use different poll keys and different addresses, others might observe that one user is the same and has x keys on x polls. Adding the poll Id makes it a completely new value which does not leak you joining other polls

Copy link
Collaborator

@0xmad 0xmad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ctrlc03 thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: In Progress
Development

Successfully merging this pull request may close these issues.

3 participants