Releases: semaphore-protocol/semaphore
v3.2.0
📣 Important news
Testnet networks
We are excited to announce that Semaphore is now available in the following testnet networks: Sepolia, Mumbai and Optimism Goerli. Please, check the contract addresses in our documentation. We will work to deploy the contracts on the mainnets as soon as possible!
New Semaphore package
The @semaphore-protocol/subgraph package has been replaced by @semaphore-protocol/data, which contains the former subgraph class (now SemaphoreSubgraph) and a new class (SemaphoreEthers). SemaphoreEthers supports all Ethers providers and networks and thus provides devs with a more flexible and simple solution to directly fetch on-chain data, potentially more convenient in the early stages of development.
Please, check out its README file for more information.
PR: #264
Special thanks to @vplasencia for the idea!
New subgraph endpoints
Semaphore discontinued TheGraph Hosting Service and is using TheGraph Studio now. You can find the new endpoints in our subgraph repository. New endpoints for Mumbai and Optimism Goerli are also available!
More security
identity, group, proof) will not have any breaking changes in the future unless there are major bugs.
PR: #262
Special thanks to @vimwitch!
More efforts on packages' size
We know that package size is a key issue in adoption, especially in countries where connectivity is still slow. The size of the @semaphore-protocol/identity package has been drastically reduced, decreasing from 1.2 MB to 114.6 kB. Check out the progress on Bundlephobia!
PR: #271
Special thanks to @vimwitch!
Semaphore benchmarks
Semaphore has a new repository to collect benchmarks. Currently there is a simple web page that can be used to test the speed of generating a Semaphore proof on your devices. Try generating a Semaphore proof yourself on https://benchmarks.semaphore.appliedzkp.org!
🚀 Features
- @semaphore-protocol/data:
- @semaphore-protocol/identity:
- @semaphore-protocol/hardhat: add hardhat task to deploy semaphore verifier only - by @shiyingt (97279)
♻️ Refactoring
- @semaphore-protocol/contracts: Change Semaphore__InvalidProof to InvalidProof - by @0xdeenz (dc39c)
v3.1.0
🚀 Features
- @semaphore-protocol/subgraph:
- @semaphore-protocol/cli:
- Add check for latest version - by @vplasencia (ed812)
- Integrate inquirer in create command - by @vplasencia (7f63c)
- @semaphore-protocol/group:
v3.0.0
Changelog
🚀 New Features
Semaphore CLI
Your Semaphore project can now be created with a simple command-line tool. For more information see the README file of our package or try our new Quick Setup in our documentation. Currently it can be used to create a project with Hardhat and Semaphore contracts (cli-template-hardhat) but we plan to integrate new templates (e.g. Foundry template).
Semaphore Hardhat plugin
The Hardhat plugin for Semaphore can be used to deploy the Semaphore.sol contract with a simple Hardhat task. For more information see the README file of our package.
🐛 Bug Fixes
Editor’s entity may be overwritten (V-SEM-VUL-003)
If an entity’s editor is overwritten, that entity would no longer be able to add or remove whistleblowers in the future. A malicious actor could therefore use createEntity to disrupt the expected operation of the contract.
For more information see the GitHub issue or read the Veridise report below.
merkleRootDuration cannot be changed (V-SEM-VUL-007)
The admin might not know an appropriate value for merkleRootDuration and may want to change it if the initial value is inconvenient. In addition, under certain circumstances a poorly chosen value could cause verifyProof to fail.
For more information see the GitHub issue or read the Veridise report below.
Infinite loop if input array is too large (V-SEM-VUL-006)
If an admin adds more than 255 members, the infinite loop will consume all of the transaction’s gas and then revert. This can therefore waste a user’s funds.
For more information see the GitHub issue or read the Veridise report below.
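The failure mode above, modelled in JavaScript as an added example (not Semaphore's contract code). It assumes the loop counter was a uint8 incremented inside an unchecked block, the pattern visible in the old Semaphore.sol constructor in the migration notes; the gas figures and function names are constructed.

```javascript
// Added illustration. Models a Solidity loop of the form
//   for (uint8 i = 0; i < items.length; ) { ...; unchecked { ++i; } }
const GAS_PER_ITERATION = 20000;             // constructed cost of inserting one member
const UINT8_MAX = 2 ** 8 - 1;                // largest value a uint8 counter can hold
const WIDE_MAX = Number.MAX_SAFE_INTEGER;    // stand-in for a uint256 counter

// counterMax is the largest value the loop counter's type can hold.
function addMembers(memberCount, gasLimit, counterMax) {
  let gasLeft = gasLimit;
  let iterations = 0;
  for (let i = 0; i < memberCount; ) {
    if (gasLeft < GAS_PER_ITERATION) {
      // Out of gas: every insertion is rolled back, the gas is still paid for.
      return { reverted: true, membersAdded: 0, gasSpent: gasLimit, iterations };
    }
    gasLeft -= GAS_PER_ITERATION;
    iterations++;
    i = i === counterMax ? 0 : i + 1; // unchecked ++i wraps to 0 at the type maximum
  }
  return { reverted: false, membersAdded: iterations, gasSpent: gasLimit - gasLeft, iterations };
}

// Constructed scenario: a 10M gas limit around the 255/256 boundary.
function demo() {
  return {
    uint8With255: addMembers(255, 10_000_000, UINT8_MAX), // terminates: i reaches 255
    uint8With256: addMembers(256, 10_000_000, UINT8_MAX), // i can never reach 256
    wideWith256: addMembers(256, 10_000_000, WIDE_MAX),   // wider counter terminates
  };
}

console.log(demo());
```

With a uint8 counter the comparison `i < 256` is always true, so the only exit is gas exhaustion; widening the counter or bounding the batch length removes the condition.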
Different checks used to determine if group exists (V-SEM-VUL-010)
In the unlikely scenario that the group exists and the root hash is 0, legitimate verify, update, and remove transactions would get rejected until the root hash changes.
For more information see the GitHub issue or read the Veridise report below.
No zero value validation (V-SEM-VUL-001)
First, the zeroValue gives the creator of a group guaranteed access to the group. In certain circumstances this may be undesired (for example, if the admin is not the group creator, such as when the admin is a DAO that votes on who to add or remove, or when the admin is changed), as the original creator has a permanent method of influencing the application that uses the groups. There are similar methods an admin (who might not be the group creator) can use without the zeroValue, but these (1) are more visible, as adding members is a matter of public record, and (2) can be undone by removing the user.
Second, if common values such as 0 are repeatedly used and the identity commitment of this value is eventually compromised, such a user would be able to gain membership to all groups that use this value as the zeroValue.
For more information see the GitHub issue or read the Veridise report below.
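An added sketch (not code from Semaphore or the Veridise report) of both points above: a creator-chosen zeroValue verifies as a leaf in any unused slot, in every group that reuses it, while a value derived from the group id does not. SHA-256 stands in for Poseidon, and the tree depth, the names and the derivedZero derivation are assumptions made for the example.

```javascript
// Added illustration: SHA-256 stands in for Poseidon; every name here is hypothetical.
const { createHash } = require("node:crypto");

const DEPTH = 4; // constructed: a tiny tree with 16 leaves
const hash = (...parts) => createHash("sha256").update(parts.join("|")).digest("hex");

// All levels of a fixed-depth tree; unused leaves are filled with zeroValue.
function buildLevels(members, zeroValue) {
  const levels = [Array.from({ length: 2 ** DEPTH }, (_, i) => members[i] ?? zeroValue)];
  while (levels.at(-1).length > 1) {
    const prev = levels.at(-1);
    levels.push(prev.filter((_, i) => i % 2 === 0).map((l, i) => hash(l, prev[2 * i + 1])));
  }
  return levels;
}

// Recompute the root from a leaf and its sibling path, as a membership proof does.
function verifyMembership(leaf, index, siblings, root) {
  let node = leaf;
  siblings.forEach((s, h) => { node = (index >> h) & 1 ? hash(s, node) : hash(node, s); });
  return node === root;
}

// True if `commitment` verifies as a leaf although it is not in the member list.
function hasHiddenMembership(commitment, members, zeroValue) {
  const levels = buildLevels(members, zeroValue);
  const index = members.length; // first unused slot
  const siblings = [];
  for (let h = 0, i = index; h < DEPTH; h++, i >>= 1) siblings.push(levels[h][i ^ 1]);
  return verifyMembership(commitment, index, siblings, levels.at(-1)[0]);
}

// Hypothetical fix: derive the zero value from the group id, so nobody chooses it.
const derivedZero = (groupId) => hash("zero-value", groupId);

// Constructed sample data.
const creator = hash("creator-identity-secret"); // commitment the creator controls
const groupA = [hash("alice"), hash("bob")];
const groupB = [hash("carol")];

function demo() {
  return {
    chosenA: hasHiddenMembership(creator, groupA, creator),         // creator picked zeroValue
    chosenB: hasHiddenMembership(creator, groupB, creator),         // same value reused
    derivedA: hasHiddenMembership(creator, groupA, derivedZero(1)), // per-group derivation
    derivedB: hasHiddenMembership(creator, groupB, derivedZero(2)),
    distinct: derivedZero(1) !== derivedZero(2),
  };
}

console.log(demo());
```

The hidden leaf never appears in the member list, which is why the page contrasts it with admin-added members that are public and removable.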
Minor bug fixes
- No version range for snarkjs and poseidon-lite dependencies by @cedoor in #226
- Fix/add ts suppress error comment by @vplasencia in #223
- Merkle roots for any tree update by @cedoor in #167
♻️ Refactoring
One Verifier to rule them all
The old SemaphoreCore.sol contract allowed zero-knowledge proofs to be verified using 17 other Verifier.sol contracts, each of which contained the same functions but with different parameters generated according to the depth of the Merkle tree. The new SemaphoreVerifier.sol contract contains the same functions and an array of the parameters that differ between the Verifier.sol contracts, thus avoiding duplicated code and reducing the number of lines of code by about 3800. Deploying Semaphore contracts on other networks therefore becomes much cheaper.
New Poseidon library
@semaphore-protocol/identity now uses poseidon-lite, a stripped down Poseidon implementation pulled from circomlibjs v0.0.8. This made it possible to drastically reduce code previously imported from the circomlibjs library that was not actually used.
Minor changes
- Public merkleTree attribute and new method name by @cedoor in #163
- Remove modifiers from proof verification functions by @cedoor in #164
- New hash function to normalize signal & external nullifier by @cedoor in #170
- No SNARK restrictions for Group IDs by @cedoor in #180
- New hash function to generate identity secrets by @cedoor in #194
- Migrate from hardhat-waffle to hardhat-chai-matchers by @cedoor in #195
- Update circuits' nLevels comment by @cedoor in #204
- General refactoring and additional documentation to contracts by @cedoor in #210
- Arbitrum subgraph by @cedoor in #231
Migration
Some functions of the contracts and JavaScript libraries have been revised to make the dev experience smoother. Below are details of the changes to simplify your migration from v2.6.1 to v3.
@semaphore-protocol/contracts
SemaphoreVerifier.sol
The old Verifier contracts and the SemaphoreCore.sol contract were replaced by a single SemaphoreVerifier.sol contract, which contains a single external function to verify proofs. The old verifier parameter (the verifier contract address) was replaced by merkleTreeDepth.
- _verifyProof(signal, merkleTreeRoot, nullifierHash, externalNullifier, proof, verifier);
+ verifier.verifyProof(merkleTreeRoot, nullifierHash, signal, externalNullifier, proof, merkleTreeDepth);
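Review bot: the + line also reorders the arguments (signal moves from the first position to the third, after nullifierHash), but the text above only mentions that verifier was replaced by merkleTreeDepth. The migration note should state the new order explicitly, because a caller who changes only the last argument would pass values in the wrong positions and may see nothing worse than proofs that fail to verify.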
SemaphoreGroups.sol
The zero value required for the Merkle trees of groups is now created internally based on the group id.
- _createGroup(groupId, merkleTreeDepth);
+ _createGroup(groupId, merkleTreeDepth, zeroValue);
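Review bot: the + line adds a zeroValue argument to _createGroup, which contradicts the sentence above saying the zero value is now created internally from the group id; as written, the - and + lines look swapped. Confirm which signature is the v3 one and make the snippet and the sentence agree, since a caller following the + line would still be choosing the zero value that V-SEM-VUL-001 is about.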
Semaphore.sol
According to the new SemaphoreVerifier.sol contract, the constructor of Semaphore.sol only needs one address now.
- constructor(Verifier[] memory _verifiers) {
- for (uint8 i = 0; i < _verifiers.length; ) {
- verifiers[_verifiers[i].merkleTreeDepth] = IVerifier(_verifiers[i].contractAddress);
-
- unchecked {
- ++i;
- }
- }
- }
+ constructor(ISemaphoreVerifier _verifier) {
+ verifier = _verifier;
+ }
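Review bot: the new constructor stores _verifier with no validation, so a zero or mistyped address would only be noticed when a proof is first verified; consider a non-zero check in the constructor or a note telling deployers to confirm the address. It is also worth recording why the old loop was removed: its uint8 counter, incremented inside unchecked, could not terminate for a _verifiers array longer than 255 entries.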
According to the new SemaphoreGroups.sol contract, the createGroup function only needs three or four parameters now.
- createGroup(groupId, merkleTreeDepth, admin);
+ createGroup(groupId, merkleTreeDepth, zeroValue, admin);
- createGroup(groupId, merkleTreeDepth, admin, merkleTreeDuration);
+ createGroup(groupId, merkleTreeDepth, zeroValue, admin, merkleTreeDuration);
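Review bot: both + lines take four and five parameters, while the sentence above says createGroup now needs only three or four. The signs on these pairs appear inverted; the snippet should show the zeroValue forms as removed so that it matches the text and the SemaphoreGroups.sol change.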
@semaphore-protocol/identity
Get the identity commitment
The identity commitment is generated in the constructor of the class, so that it is immediately available as an accessor property together with trapdoor and nullifier.
import { Identity } from "@semaphore-protocol/identity"
import { Group } from "@semaphore-protocol/group"
const identity = new Identity()
const group = new Group(1)
- group.addMember(identity.generateCommitment())
+ group.addMember(identity.commitment)
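Review bot: commitment changes here from a method call to a property, so code migrated by search-and-replace that keeps the parentheses (identity.commitment()) fails at runtime in plain JavaScript rather than at build time. The note should say so, and say whether the trapdoor and nullifier accessors mentioned above changed in the same way.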
@semaphore-protocol/group
Create a group
The constructor parameters of the Group class are in accordance with the parameters of the createGroup fun...
v3.0.0-beta.7
chore: update lockfile Former-commit-id: 3bcec50e19ef164d4be7abd91311b79bc48c8b01
v3.0.0-beta.6
chore: v3.0.0-beta.6 Former-commit-id: 1df18f81f775b4c7384247d8f620300290ea7312
v3.0.0-beta.5
chore: update lockfile Former-commit-id: 1d4e7c509e8422f3cd317c83b8e4c010c8d7fd3d
v3.0.0-beta.4
chore(cli): v0.5.0 Former-commit-id: bd30127759bea9a7b049920781a19d58bd1298c7
v3.0.0-beta.3
docs(proof): update readme file Former-commit-id: 55add650f9276eb97107b046dce3f4ec847ad8e5
v3.0.0-beta.2
Merge pull request #180 from semaphore-protocol/refactor/group-id No SNARK restrictions for Group IDs Former-commit-id: 27320f17233b18de477a74919084fba76513470f
v3.0.0-beta.1
chore: add license to contracts package Former-commit-id: 0f24c01ff15d49db44883adba3e88c0313a4a715