A circuit question #52

Open
johnson86tw opened this issue Feb 7, 2024 · 1 comment

@johnson86tw

Hi, I'm confused that the circuit only verifies whether the two addresses are the same. So what if a user generates his own proof with his address like:

```json
{
	"addressInDecimal": "1390849295786071768276380950238675083608645509734",
	"sameAddressButPublic": "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266"
}
```

Could he then pass the verifier and mint the token without needing to be on the whitelist?

I'm still learning zk so maybe I've missed something.

@SpiralOutDotEu
Owner

This is protected by the ceremony process.
Every time you run it, it generates a new random seed, which is entered as a contribution to the ceremony process.
See here:

```rust
SubCommand::Setup => setup::handle_setup_subcommand(&runner, random_name, random_text)?,
```

You should keep the random seed and the generated zkey files private so that no one can produce proofs on their own.

The reason for checking the same address, once in public and once in private, is to have an assertion for the verifier and to have an input that solidity can handle.

Try to run the commands one by one manually and check the files it produces in each step.
https://github.com/SpiralOutDotEu/zk_whitelist/tree/master?tab=readme-ov-file#commands

In the back there are mostly circom and snarkjs commands so you can check them individually.
https://github.com/SpiralOutDotEu/zk_whitelist/tree/master/src/cli/commands
