Sismo Docs
Sismo.io
Search…
What is Sismo?
What are (ZK) Badges?
Sismo Protocol
User FAQ
Deployed Contract Addresses
DEVS - Tutorials
Read Sismo Badges
Mint a badge from your app
Create your ZK Badge in 15 Minutes
DEVS - Technical Doc
Sismo Hub
Technical Concepts
Commitment mapper
Accounts Registry tree
Hydra ZK Proving Schemes
Hydra-S1
Hydra M1
Pythia ZK Proving Scheme
Links
Hackathon resources
Github
Snapshot
Blog
Discord
Twitter
Powered By GitBook
Hydra-S1
The Hydra-S1 ZK Proving Scheme is the first proving scheme of the Hydra Family:
  • Hydra = using Hydra Delegated Proof of ownership (via commitment mapper)
  • S1 = Single source (only one source account), variant number 1
It enables users to prove, in one ZK Proof, that for a given ticket identifier (aka external nullifier) and for a defined Registry Merkle Tree filled with Accounts Trees:
  • They own 2 accounts
  • The source account is part of an accounts tree (Accounts Tree Merkle Proof)
  • This accounts tree was registered in a registry tree with a specific value (Registry Tree Merkle Proof)
  • A claim about their source account value is true:
    • e.g: "my account value is superior to 5" (non strict claim)
    • or "my account value is strictly equal to 5" (strict claim)
  • They correctly generated a userTicket (aka nullifierHash) by hashing the ticketIdentifier (a.k.a externalNullifier) with the secret from the source account (a.k.a IdNullifier)
The user ticket (a.k.a nullifierHash) can be stored by the verifier to make sure that a user cannot use two ZKPs for the same ticket identifier (a.k.a externalNullifier)
The Hydra-S1 ZK Proving Scheme is used by the Hydra S1 Attesters of the Sismo Protocol.
In the Hydra S1 Simple Attester, we use the Hydra S1 proving scheme to let a user:
  • Prove they own a source account that's part of a specific Group of accounts identified by a group identifier. (the accounts tree value in the registry tree = groupIdentifier)
  • Prove they own a destination account (that will receive the destination)
  • Make a claim about the value of the account inside the Group.
  • generate a userTicket that will be saved on-chain inside the attester.
The ticketIdentifier is defined as being the group identifier. This makes sure a user cannot generate two attestations per groups.
All these steps are executed inside the hydra-s1 circom circuit which is available here.
Technical Concepts - Previous
Hydra ZK Proving Schemes
Next
Hydra M1
Last modified 23d ago
Copy link