fix: hash inputs for external nullifier, remove length prefix for sha256

Author: adklempner

waku/waku_rln_relay/group_manager/on_chain/group_manager.nim

@@ -379,7 +379,11 @@ method generateProof*(
 
   let x = keccak.keccak256.digest(data)
 
-  let extNullifier = poseidon(@[@(epoch), @(rlnIdentifier)]).valueOr:
+  let epochHash = sha256(@(epoch)).valueOr:
+    return err("Failed to compute epoch hash: " & error)
+  let rlnIdentifierHash = sha256(@(rlnIdentifier)).valueOr:
+    return err("Failed to compute rln identifier hash: " & error)
+  let externalNullifier = poseidon(@[@(epochHash), @(rlnIdentifierHash)]).valueOr:
     return err("Failed to compute external nullifier: " & error)
 
   let witness = RLNWitnessInput(
@@ -457,10 +461,15 @@ method verifyProof*(
 
   var normalizedProof = proof
 
-  normalizedProof.externalNullifier = poseidon(
-    @[@(proof.epoch), @(proof.rlnIdentifier)]
-  ).valueOr:
-    return err("Failed to compute external nullifier: " & error)
+  let epochHash = sha256(@(proof.epoch)).valueOr:
+    return err("Failed to compute epoch hash: " & error)
+  let rlnIdentifierHash = sha256(@(proof.rlnIdentifier)).valueOr:
+    return err("Failed to compute rln identifier hash: " & error)
+  let externalNullifier = poseidon(
+    @[@(epochHash), @(rlnIdentifierHash)]
+   ).valueOr:
+     return err("Failed to compute external nullifier: " & error)
+  normalizedProof.externalNullifier = externalNullifier
 
   let proofBytes = serialize(normalizedProof, input)
   let proofBuffer = proofBytes.toBuffer()

waku/waku_rln_relay/rln/wrappers.nim

@@ -121,9 +121,8 @@ proc createRLNInstance*(): RLNResult =
 
 proc sha256*(data: openArray[byte]): RlnRelayResult[MerkleNode] =
   ## a thin layer on top of the Nim wrapper of the sha256 hasher
-  var lenPrefData = encodeLengthPrefix(data)
   var
-    hashInputBuffer = lenPrefData.toBuffer()
+    hashInputBuffer = data.toBuffer()
     outputBuffer: Buffer # will holds the hash output
 
   trace "sha256 hash input buffer length", bufflen = hashInputBuffer.len
@@ -181,8 +180,14 @@ proc toLeaves*(rateCommitments: seq[RateCommitment]): RlnRelayResult[seq[seq[byt
   return ok(leaves)
 
 proc extractMetadata*(proof: RateLimitProof): RlnRelayResult[ProofMetadata] =
-  let externalNullifier = poseidon(@[@(proof.epoch), @(proof.rlnIdentifier)]).valueOr:
-    return err("could not construct the external nullifier")
+  let epochHash = sha256(@(proof.epoch)).valueOr:
+    return err("Failed to compute epoch hash: " & error)
+  let rlnIdentifierHash = sha256(@(proof.rlnIdentifier)).valueOr:
+    return err("Failed to compute rln identifier hash: " & error)
+  let externalNullifier = poseidon(
+    @[@(epochHash), @(rlnIdentifierHash)]
+   ).valueOr:
+     return err("Failed to compute external nullifier: " & error)
   return ok(
     ProofMetadata(
       nullifier: proof.nullifier,