feat: optimize JWT circuit

Author: 0xVikasRushi

wallet-unit-poc/circom/circuits.json

@@ -2,7 +2,7 @@
   "jwt": {
     "file": "jwt",
     "template": "JWT",
-    "params": [2048, 256, 2000, 3, 50, 128]
+    "params": [2048, 2000, 4, 50, 128]
   },
   "ecdsa": {
     "file": "ecdsa/ecdsa",

wallet-unit-poc/circom/circuits/ec-extractor.circom

@@ -50,3 +50,43 @@ template ECPublicKeyExtractor(maxPayloadLength, valueCharLen, expectedB64Len, co
     pubKeyX <== xToNumber.out;
     pubKeyY <== yToNumber.out;
 }
+
+// Optimized version using bulk extraction (VarShiftLeft) instead of per-character selection
+template ECPublicKeyExtractor_Optimized(maxPayloadLength, coordinateByteLen) {
+    signal input payload[maxPayloadLength];
+    signal input xStartIndex;
+    signal input yStartIndex;
+    
+    signal output pubKeyX;
+    signal output pubKeyY;
+    
+    // Extract 44-char base64 strings in bulk    
+    component xExtractor = VarShiftLeft(maxPayloadLength, 44);
+    xExtractor.in <== payload;
+    xExtractor.shift <== xStartIndex;
+    
+    component yExtractor = VarShiftLeft(maxPayloadLength, 44);
+    yExtractor.in <== payload;
+    yExtractor.shift <== yStartIndex;
+    
+    signal xBase64[44] <== xExtractor.out;
+    signal yBase64[44] <== yExtractor.out;
+
+    // Decode base64url -> bytes
+    component decodeX = DecodeSD(44, coordinateByteLen);
+    decodeX.sdBytes <== xBase64;
+    decodeX.sdLen <== 43;
+    
+    component decodeY = DecodeSD(44, coordinateByteLen);
+    decodeY.sdBytes <== yBase64;  
+    decodeY.sdLen <== 43;
+    
+    component xToNumber = BytesToNumberBE(coordinateByteLen);
+    xToNumber.in <== decodeX.base64Out;
+    
+    component yToNumber = BytesToNumberBE(coordinateByteLen);
+    yToNumber.in <== decodeY.base64Out;
+    
+    pubKeyX <== xToNumber.out;
+    pubKeyY <== yToNumber.out;
+}

wallet-unit-poc/circom/circuits/jwt.circom

@@ -4,15 +4,13 @@ include "es256.circom";
 include "keyless_zk_proofs/hashtofield.circom";
 include "@zk-email/circuits/lib/sha.circom";
 include "claim-decoder.circom";
-include "age-verifier.circom";
 include "utils.circom";
 include "payload_matcher.circom";
 include "ec-extractor.circom";
 
 // Prepare Circuit
 template JWT(
     maxMessageLength,
-    maxB64HeaderLength,
     maxB64PayloadLength,
 
     maxMatches,
@@ -45,40 +43,29 @@ template JWT(
     signal claimHashes[maxMatches][32] <== ClaimHasher(maxMatches, maxClaimsLength)(claims);
     ClaimComparator(maxMatches, maxSubstringLength)(claimHashes ,claimLengths, matchSubstring, matchLength);
 
-    component es256 = ES256(maxMessageLength);
-    es256.message <== message;
-    es256.messageLength <== messageLength;
-    es256.sig_r <== sig_r;
-    es256.sig_s_inverse <== sig_s_inverse;
-    es256.pubKeyX <== pubKeyX;
-    es256.pubKeyY <== pubKeyY;
-
-    component extractor = HeaderPayloadExtractor(maxMessageLength,maxB64HeaderLength, maxB64PayloadLength);
-    extractor.message <== message;
-    extractor.messageLength <== messageLength;
-    extractor.periodIndex <== periodIndex;    
+    // Verify the signature
+    ES256(maxMessageLength)(message, messageLength, sig_r, sig_s_inverse, pubKeyX, pubKeyY);
 
+    signal payload[maxPayloadLength] <== PayloadExtractor(maxMessageLength, maxB64PayloadLength)(message, messageLength, periodIndex);
 
     signal payloadHash <== PayloadSubstringMatcher(maxPayloadLength, maxMatches, maxSubstringLength)(
-        extractor.payload,
+        payload,
         matchesCount,
         matchSubstring,
         matchLength,
         matchIndex
     );
 
-    signal xValueStart <== matchIndex[0] + matchLength[0];
-    signal yValueStart <== matchIndex[1] + matchLength[1];
-
-    // 32-byte coordinate -> 44 base64 characters (padding optional -> 43 or 44)
-    signal xValueEnd <== xValueStart + 43;
-    signal yValueEnd <== yValueStart + 43; 
+  
+    component ecExtractor = ECPublicKeyExtractor_Optimized(maxPayloadLength, 32);
+    ecExtractor.payload <== payload;
+    ecExtractor.xStartIndex <==  matchIndex[0] + matchLength[0];
+    ecExtractor.yStartIndex <==  matchIndex[1] + matchLength[1];
 
-    component ecExtractor = ECPublicKeyExtractor(maxPayloadLength, maxClaimsLength, 44, 32);
-    ecExtractor.payload <== extractor.payload;
-    ecExtractor.xStartIndex <== xValueStart;
-    ecExtractor.yStartIndex <== yValueStart;
 
     signal output KeyBindingX <== ecExtractor.pubKeyX;
     signal output KeyBindingY <== ecExtractor.pubKeyY;
+
+    signal output messages[maxMatches][decodedLen];
+    messages <== decodedClaims; 
 }

wallet-unit-poc/circom/circuits/main/jwt.circom

@@ -3,4 +3,4 @@ pragma circom 2.2.2;
 
 include "../jwt.circom";
 
-component main = JWT(2048, 256, 2000, 3, 50, 128);
+component main = JWT(2048, 2000, 4, 50, 128);