The circuit calculates the account-rlp of a burn address and then generate the leaf-trie-node accordingly.
It will then iterate through trie nodes and check whether keccak(layer[i])
is within keccak(layer[i+1])
.
Finally it will return the keccak of last layer as the state_root. The account balance and its nullifier are also exposed as public inputs.
Burn-key is a number you generate in order to start the burn/mint process. It somehow is your "private-key" to the world of EIP-7503.
- Burn-address: MiMC7(burnKey, receiverAddress) The amount can only be minted for the given receiver-address.
- Nullifier: MiMC7(burnKey, 1) Nullifier prevents us from using the burn-key again.
- PoW; MiMC7(burnKey, 2) < THRESHOLD Only burn-keys which fit in the equation can be used.
- Coin: MiMC7(burnKey, amount) A "coin" is an encrypted amount which can be partially withdrawn, resulting in a new coin.
We need a secret entropy other than the actual private-key of your Ethereum account. A good candidate is a ERC-191 digital-signature which can be safely generated by a crypto wallet.
The flow will be like this:
- The web application will ask the user to sign
"\x19Ethereum Signed Message:\n" + "EIP-7503"
string which will then return a deterministic signature. THIS SIGNATURE SHOULD NEVER BECOME PUBLIC - The scalar components of the signature may be used as an entropy for finding unlimited burn-keys.
Note
Optionally, use nix-shell
and then skip to step 5.
Or, use the Dockerfile
- Install Rust toolkit
curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSf | sh
- Install Circom
git clone https://github.com/iden3/circom.git
cd circom && cargo install --path circom
- Clone this repo
git clone --recurse-submodules https://github.com/worm-privacy/proof-of-burn
cd proof-of-burn
- Install Python dependencies
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
- Start Ganache or Anvil (Foundry) server
ganache -d
anvil --mnemonic "myth like bonus scare over problem client lizard pioneer submit female collect"
- Run the Makefile
make
After running make
, the main.py
script will first initiate a transfer to a burn-address and will then generate an input file for the circuit. Then it will try to generate a witness file through the Circom-generated C program.