zeroledger · killroy192 · Mar 17, 2026 · Mar 17, 2026 · Mar 17, 2026
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1 @@
+*.zkey filter=lfs diff=lfs merge=lfs -text
diff --git a/.github/workflows/quality-gate.yml b/.github/workflows/quality-gate.yml
@@ -20,10 +20,11 @@ jobs:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/setup
       - run: npx hardhat compile
-  test:
-    needs: compile
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/setup
-      - run: npm run test
+  # disable tests, since require non-binary zk keys
+  # test:
+  #   needs: compile
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #     - uses: ./.github/actions/setup
+  #     - run: npm run test
diff --git a/.husky/pre-commit b/.husky/pre-commit
@@ -0,0 +1 @@
+npm run lint
diff --git a/.husky/pre-push b/.husky/pre-push
@@ -0,0 +1 @@
+npm run test
diff --git a/README.md b/README.md
@@ -36,10 +36,22 @@ circuits/
 - **TypeScript**: Development language
 - **SnarkJS**: JavaScript library for zk-SNARKs
 
+### Spend Public Signals
+
+All `spend_*` circuits expose the following public signals (in order):
+
+- `inputs_hashes`
+- `inputs_interest`
+- `outputs_hashes`
+- `public_output_amount`
+
+`inputs_interest` is public so verifier calldata now includes per-input interest values.
+
 ## How to Use or Develop
 
 ### Prerequisites
 
+- [git-lfs](https://git-lfs.com/)
 - Node.js (v16+)
 - Circom compiler
 - PLONK trusted setup files (automatically downloaded)
@@ -152,4 +164,4 @@ For questions and support:
 
 - Open an issue on GitHub
 - Check existing documentation
-- Review test cases for usage examples
+- Review test cases for usage examples
diff --git a/circuits/deposit/build/deposit.zkey b/circuits/deposit/build/deposit.zkey
diff --git a/circuits/spend_11/build/Verifier_spend_11.sol b/circuits/spend_11/build/Verifier_spend_11.sol
@@ -40,25 +40,25 @@ contract PlonkVerifier {
 
     // Verification Key data
     uint32 constant n         = 2048;
-    uint16 constant nPublic   = 3;
-    uint16 constant nLagrange = 3;
+    uint16 constant nPublic   = 4;
+    uint16 constant nLagrange = 4;
 
-    uint256 constant Qmx  = 15173870253125816305761419588628547376503114467562702714130612300424595504969;
-    uint256 constant Qmy  = 20788965673603308942941949137667910835919289515092131125158130500144164666872;
-    uint256 constant Qlx  = 14479867423197638000014282629514155152306265195580362045431595065795285352614;
-    uint256 constant Qly  = 8590620877128618307462397084475745982953320501290478553868690154612478718969;
-    uint256 constant Qrx  = 16612556783880467602975833888538860845542527395477920130498841861552780163244;
-    uint256 constant Qry  = 9518458173203765534489657200572526832226583075907449856672930136628833828647;
-    uint256 constant Qox  = 5103088832547366964916549727954707849781866032750287824386753931641457847743;
-    uint256 constant Qoy  = 9669823589130118283433823060388866236020217312166838311918057767643372845739;
-    uint256 constant Qcx  = 18199342258530851332040302668423901807786887722833390330629059662385116066802;
-    uint256 constant Qcy  = 1857804145505955541286823436236043707169672968370666977950186492119628527070;
-    uint256 constant S1x  = 19292655857180153125490591100758628943591675341394116012900972390815083423831;
-    uint256 constant S1y  = 20097272869314640351267303681625477874680138019794417277255786628850456244269;
-    uint256 constant S2x  = 9946653375567124600450481697156930769536807117201515778026555005014462112132;
-    uint256 constant S2y  = 18234339063527570890506691745929513133342155691384543326757456111136132424295;
-    uint256 constant S3x  = 15988150779771320516881452265137874299733030013513207374098109371199385141704;
-    uint256 constant S3y  = 10463958206412537271252274663866768186365983988390846870328093194574497054891;
+    uint256 constant Qmx  = 19044169062674044000763140726041379347549750564165293260382498723838631844417;
+    uint256 constant Qmy  = 1459575766592316423577143905165608722420992672898602909450987968791742580721;
+    uint256 constant Qlx  = 288997766914999589654009773137793974014112498223982153991573713428301777587;
+    uint256 constant Qly  = 9479674489608074426198229070213013062777737846342680083196586545954615890004;
+    uint256 constant Qrx  = 3243313416734363838398217171213872320275966134293852634583872158337736206228;
+    uint256 constant Qry  = 19540656104658682187695537495476774154785660707953349954765370035697910980478;
+    uint256 constant Qox  = 1099871903847047878360357490375956341312376559139126123677354060524419744290;
+    uint256 constant Qoy  = 2020956902076688667954065417514245028846589151425346278873428454054610872260;
+    uint256 constant Qcx  = 13981463159804410827383223753483813944194862557100130306771097259912189072982;
+    uint256 constant Qcy  = 8660254351820712418838773586043522418418459076479192104462870597304832922610;
+    uint256 constant S1x  = 11951202513200125641902129723471112937153119144050149414055404128530661269129;
+    uint256 constant S1y  = 16770356286771649627654074559802665216165795582788235080342194225992425124360;
+    uint256 constant S2x  = 875181977125141301937964927733618856735602384400345804177429692129537715883;
+    uint256 constant S2y  = 12589902284384628886501410698220868634116742157792153247213423762008621983593;
+    uint256 constant S3x  = 16644617098992002976385133780334632196230425979955727900405758627434723685010;
+    uint256 constant S3y  = 7591816611980093484788709720289344648902430532003247318010584837321200633586;
     uint256 constant k1   = 2;
     uint256 constant k2   = 3;
     uint256 constant X2x1 = 21831381940315734285607113342023901060522397560371972897001948545212302161822;
@@ -118,11 +118,13 @@ contract PlonkVerifier {
 
     uint16 constant pEval_l3 = 864;
 
+    uint16 constant pEval_l4 = 896;
 
 
-    uint16 constant lastMem = 896;
+
+    uint16 constant lastMem = 928;
 
-    function verifyProof(uint256[24] calldata _proof, uint256[3] calldata _pubSignals) public view returns (bool) {
+    function verifyProof(uint256[24] calldata _proof, uint256[4] calldata _pubSignals) public view returns (bool) {
         assembly {
             /////////
             // Computes the inverse using the extended euclidean algorithm
@@ -241,14 +243,16 @@ contract PlonkVerifier {
 
                 mstore(add(mIn, 576), calldataload(add(pPublic, 64)))
 
-                mstore(add(mIn, 608 ), calldataload(pA))
-                mstore(add(mIn, 640 ), calldataload(add(pA, 32)))
-                mstore(add(mIn, 672 ), calldataload(pB))
-                mstore(add(mIn, 704 ), calldataload(add(pB, 32)))
-                mstore(add(mIn, 736 ), calldataload(pC))
-                mstore(add(mIn, 768 ), calldataload(add(pC, 32)))
+                mstore(add(mIn, 608), calldataload(add(pPublic, 96)))
+
+                mstore(add(mIn, 640 ), calldataload(pA))
+                mstore(add(mIn, 672 ), calldataload(add(pA, 32)))
+                mstore(add(mIn, 704 ), calldataload(pB))
+                mstore(add(mIn, 736 ), calldataload(add(pB, 32)))
+                mstore(add(mIn, 768 ), calldataload(pC))
+                mstore(add(mIn, 800 ), calldataload(add(pC, 32)))
 
-                beta := mod(keccak256(mIn, 800), q) 
+                beta := mod(keccak256(mIn, 832), q) 
                 mstore(add(pMem, pBeta), beta)
 
                 // challenges.gamma
@@ -404,9 +408,30 @@ contract PlonkVerifier {
                     )
                 )
 
+                w := mulmod(w, w1, q)
+
+
+                mstore(
+                    add(pMem, pEval_l4), 
+                    mulmod(
+                        n, 
+                        mod(
+                            add(
+                                sub(
+                                    mload(add(pMem, pXi)), 
+                                    w
+                                ), 
+                                q
+                            ),
+                            q
+                        ), 
+                        q
+                    )
+                )
+
 
 
-                inverseArray(add(pMem, pZhInv), 4 )
+                inverseArray(add(pMem, pZhInv), 5 )
 
                 let zh := mload(add(pMem, pZh))
                 w := 1
@@ -458,6 +483,24 @@ contract PlonkVerifier {
                 )
 
 
+                w := mulmod(w, w1, q)
+
+
+
+                mstore(
+                    add(pMem, pEval_l4), 
+                    mulmod(
+                        w,
+                        mulmod(
+                            mload(add(pMem, pEval_l4)),
+                            zh,
+                            q
+                        ),
+                        q
+                    )
+                )
+
+
 
 
 
@@ -511,6 +554,21 @@ contract PlonkVerifier {
                     ),
                     q
                 )
+
+                pl := mod(
+                    add(
+                        sub(
+                            pl,  
+                            mulmod(
+                                mload(add(pMem, pEval_l4)),
+                                calldataload(add(pPub, 96)),
+                                q
+                            )
+                        ),
+                        q
+                    ),
+                    q
+                )
 
 
                 mstore(add(pMem, pPI), pl)

diff --git a/circuits/spend_11/build/spend_11.r1cs b/circuits/spend_11/build/spend_11.r1cs
diff --git a/circuits/spend_11/build/spend_11.sym b/circuits/spend_11/build/spend_11.sym
@@ -1,7 +1,7 @@
 1,1,74,main.inputs_hashes[0]
-2,2,74,main.outputs_hashes[0]
-3,3,74,main.public_output_amount
-4,4,74,main.inputs_interest[0]
+2,2,74,main.inputs_interest[0]
+3,3,74,main.outputs_hashes[0]
+4,4,74,main.public_output_amount
 5,5,74,main.input_amounts[0]
 6,6,74,main.input_sValues[0]
 7,7,74,main.output_amounts[0]

diff --git a/circuits/spend_11/build/spend_11.zkey b/circuits/spend_11/build/spend_11.zkey
diff --git a/circuits/spend_11/build/spend_11_cpp/spend_11.cpp b/circuits/spend_11/build/spend_11_cpp/spend_11.cpp
@@ -260175,7 +260175,7 @@ assert(Fr_isTrue(&expaux[0]));
 {
 PFrElement aux_dest = &signalValues[mySignalStart + 8];
 // load src
-Fr_add(&expaux[1],&circuitConstants[608],&signalValues[mySignalStart + 3]); // line circom 38
+Fr_add(&expaux[1],&circuitConstants[608],&signalValues[mySignalStart + 1]); // line circom 38
 Fr_mul(&expaux[0],&signalValues[mySignalStart + 4],&expaux[1]); // line circom 38
 // end load src
 Fr_copy(aux_dest,&expaux[0]);
@@ -260235,7 +260235,7 @@ Poseidon_70_run(mySubcomponents[cmp_index_ref],ctx);
 cmp_index_ref_load = 1;
 cmp_index_ref_load = 1;
 {{
-Fr_eq(&expaux[0],&signalValues[mySignalStart + 1],&ctx->signalValues[ctx->componentMemory[mySubcomponents[1]].signalStart + 0]); // line circom 48
+Fr_eq(&expaux[0],&signalValues[mySignalStart + 2],&ctx->signalValues[ctx->componentMemory[mySubcomponents[1]].signalStart + 0]); // line circom 48
 }}
 if (!Fr_isTrue(&expaux[0])) std::cout << "Failed assert in template/function " << myTemplateName << " line 48. " <<  "Followed trace of components: " << ctx->getTrace(myId) << std::endl;
 assert(Fr_isTrue(&expaux[0]));
@@ -260293,7 +260293,7 @@ Fr_copy(aux_dest,&circuitConstants[83]);
 Fr_lt(&expaux[0],&lvar[4],&circuitConstants[83]); // line circom 43
 }
 {
-Fr_add(&expaux[2],&lvar[3],&signalValues[mySignalStart + 2]); // line circom 61
+Fr_add(&expaux[2],&lvar[3],&signalValues[mySignalStart + 3]); // line circom 61
 Fr_mul(&expaux[1],&expaux[2],&circuitConstants[608]); // line circom 61
 {{
 Fr_eq(&expaux[0],&lvar[2],&expaux[1]); // line circom 61

diff --git a/circuits/spend_11/build/spend_11_cpp/spend_11.dat b/circuits/spend_11/build/spend_11_cpp/spend_11.dat
diff --git a/circuits/spend_11/build/spend_11_js/spend_11.wasm b/circuits/spend_11/build/spend_11_js/spend_11.wasm
diff --git a/circuits/spend_11/spend_11.circom b/circuits/spend_11/spend_11.circom
@@ -2,4 +2,4 @@ pragma circom 2.1.4;
 
 include "../libs/spend.circom";
 
-component main {public [inputs_hashes, outputs_hashes, public_output_amount]} = Spend(1, 1);
+component main {public [inputs_hashes, inputs_interest, outputs_hashes, public_output_amount]} = Spend(1, 1);
Original file line number	Diff line number	Diff line change
Expand Up		@@ -2,4 +2,4 @@ pragma circom 2.1.4;

		include "../libs/spend.circom";

		component main {public [inputs_hashes, outputs_hashes, public_output_amount]} = Spend(1, 1);
		component main {public [inputs_hashes, inputs_interest, outputs_hashes, public_output_amount]} = Spend(1, 1);