ZK-Sentinel V11
TESTNET
⚡ ZK Circuits
Circom circuit design, constraint analysis, and proof generation
6
Total Circuits
~45K
Constraints (max)
~700ms
Proof Time
Circuit Inventory
| Circuit | Signals (In/Out) | Constraints | Purpose |
|---|---|---|---|
| deposit.circom | 4 / 1 | ~800 | Commitment = Poseidon₄(secret, nullifier_real, nullifier_decoy, hash_frase) |
| withdraw_sentinel.circom | 12 / 7 | ~42,000 | Dual-path: real OR decoy nullifier based on arithmetic selector |
| partial_withdraw_v1.circom | 14 / 8 | ~45,000 | Conservation law: withdrawAmount + fee + changeAmount = denom |
| selective_disclosure_v1.circom | 8 / 7 | ~12,000 | Range proof: min ≤ amount ≤ max without revealing exact value |
| association_set_membership.circom | 4 / 2 | ~5,000 | Prove commitment ∈ association set (Proof of Innocence) |
| leaf_hasher.circom | 2 / 1 | ~400 | Leaf = Poseidon₂(commitment, amount) for V11 amount binding |
Dual Nullifier — Core Innovation
// Arithmetic selector (no branching — constant-time)
nullifier_selected = selector * nullifier_real + (1 - selector) * nullifier_decoy;
// selector = 1 → NORMAL mode → nullifier_real exposed
// selector = 0 → PANIC mode → nullifier_decoy exposed
// Both paths execute identical constraints — indistinguishable on-chain
Security Property: An observer analyzing the blockchain cannot determine whether a withdrawal used the real or decoy nullifier. The proof verification passes identically for both paths.
Compilation Pipeline
1
.circom
Source
2
r1cs
circom --r1cs
3
.zkey
Trusted setup
4
.wasm
Witness gen
5
Verifier.sol
On-chain vkey