A Software Development Kit (SDK) for Zero-Knowledge Transactions

Last update: Jan 5, 2023

Overview

Aleo SDK

The Aleo SDK is a developer framework to make it simple to create a new account, craft a transaction, and broadcast it to the network.

1. Overview
2. Build Guide
3. Usage Guide

1. Overview

** ATTENTION: This codebase is in active development. **

For more information, visit Welcome to Aleo to get started.

2. Build Guide

2.1 Install Rust

We recommend installing Rust using rustup. You can install rustup as follows:

macOS or Linux:

curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

Windows (64-bit):

Download the Windows 64-bit executable or Windows 32-bit executable and follow the on-screen instructions.

2.2a Build from Crates.io

We recommend installing aleo this way. In your terminal, run:

cargo install aleo

Now to use aleo, in your terminal, run:

aleo

2.2b Build from Source Code

Alternatively, you can install aleo by building from the source code as follows:

# Download the source code
git clone https://github.com/AleoHQ/aleo && cd aleo

# Install Aleo
$ cargo install --path .

Now to use aleo, in your terminal, run:

aleo

3. Usage Guide

3.1 Generate a new Aleo account.

To generate a new Aleo account, run:

aleo new [FLAGS] [OPTIONS]

The command can be run with the following optional parameters:

FLAGS:
    -h, --help       Prints help information
    -V, --version    Prints version information

OPTIONS:
    -s, --seed <seed>

Development

cargo run --release --example dummy_transaction

Comments

[Feature] Deploy command

Motivation

This is a first iteration of the aleo deploy command that would let Aleo users deploy their programs to the testnet3. This is a WIP PR and it is not intended to be the final code (yet) since that would imply changes to snarkVM in order to follow the pre stablished code conventions.

TODOs

Make the proper changes to snarkVM following the actual code convention.

opened by ilitteri 3
[Bug] Unable to Deploy Program with Imports to Local Aleo Node
🐛 Bug Report

Aleo programs with multiple files (one main.aleo file, one imported helper.aleo file) cannot deploy because the initialization in SnarkVM expects the imported program to be deployed already.

Steps to Reproduce

Run aleo node start in a program with at least one imported aleo file.

Code snippet to reproduce

main.aleo file

import importtest.aleo; // The 'main.aleo' program. program token.main; function hello: // Dummy input input r0 as address.public; // Dummy input input r1 as u64.public;

importtest.aleo file

program importtest.aleo; function hello: // Dummy input input r0 as address.public; // Dummy input input r1 as u64.public;

Stack trace & error message

📦 Deploying 'token.aleo' to the local development node... ⚠️ Cannot add program 'main.aleo' because its import 'importtest.aleo' must be added first

Expected Behavior

Programs with local imported files should deploy successfully. Local imports should be deployed to the local Aleo Node before the main program.

Your Environment

Aleo Version: built from source code

Rust Version: rustc 1.65.0-nightly

Computer OS: macOS Monetery Version 12.5

bug
opened by fulltimemike 3
Bump snarkvm-dpc from `19848e6` to `a4f01d1`
Bumps snarkvm-dpc from 19848e6 to a4f01d1.

Commits

a4f01d1 Merge pull request #455 from AleoHQ/fix/wasm-bhp-stack-overflow

9adf0a3 fix: reduce magic numbers to prevent stack overflow in wasm call to bhp

6e24723 Merge pull request #452 from AleoHQ/dependabot/cargo/structopt-0.3.25

9e65ca1 Merge pull request #443 from AleoHQ/dependabot/cargo/proc-macro2-1.0.30

0178f34 Merge pull request #450 from AleoHQ/feat/serialize

bb54384 Fix compilation

3e6eb9a Bump structopt from 0.3.23 to 0.3.25

0eceaa6 Adds back the serialize trait on N

495a198 Minor cleanup

3664d4c Update hasher for Transaction, adds transaction_id into struct

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies rust
opened by dependabot[bot] 3

[Bug] thread 'main' panicked at 'Integer power failed on 2u32 and 32u32

🐛 Bug Report

When working with a u32 type and using the operation max_u32: u32 = 2u32 ** 32u32 - 1u32, there is an overflow error and it is impossible to allocate the maximum sized u32 value using this method.

Code snippet to reproduce

input r0 as u32.private // 32u32
pow 2u32 r0 into r1

Stack trace & error message

arosboro@Andrews-iMac aleo_bitwise_stack % export RUST_BACKTRACE=1;leo run push 14u32 "{
  owner: aleo1g7lprd8dkrt76jnyrgnw4mw0cpe2u4ckkajs96wqu8xyggze6v8qlegxp3.private,
  gates: 0u64.private,
  capacity: 32u32.private,
  top: 0u32.private,
  member_size: 32u32.private,
  s00: {
    b00: 0u32.private,
    b01: 0u32.private,
    b02: 0u32.private,
    b03: 0u32.private,
    b04: 0u32.private,
    b05: 0u32.private,
    b06: 0u32.private,
    b07: 0u32.private
  },
  s01: {
    b00: 0u32.private,
    b01: 0u32.private,
    b02: 0u32.private,
    b03: 0u32.private,
    b04: 0u32.private,
    b05: 0u32.private,
    b06: 0u32.private,
    b07: 0u32.private
  },
  s02: {
    b00: 0u32.private,
    b01: 0u32.private,
    b02: 0u32.private,
    b03: 0u32.private,
    b04: 0u32.private,
    b05: 0u32.private,
    b06: 0u32.private,
    b07: 0u32.private
  },
  s03: {
    b00: 0u32.private,
    b01: 0u32.private,
    b02: 0u32.private,
    b03: 0u32.private,
    b04: 0u32.private,
    b05: 0u32.private,
    b06: 0u32.private,
    b07: 0u32.private
  },
  _nonce: 1187103184385585538941608731894191400304769658683763343800607324013088691420group.public
}"
       Leo Compiled 'main.leo' into Aleo instructions
       Leo ✅ Built 'aleo_bitwise_stack.aleo' (in "/Users/arosboro/git/aleo_bitwise_stack/build")

🚀 Executing 'aleo_bitwise_stack.aleo/push'...

 • Executing 'aleo_bitwise_stack.aleo/push'...
thread 'main' panicked at 'Integer power failed on: 2u32 and 32u32', /Users/arosboro/.cargo/registry/src/github.com-1ecc6299db9ec823/snarkvm-console-network-environment-0.9.11/src/environment.rs:62:9
stack backtrace:
   0: _rust_begin_unwind
   1: core::panicking::panic_fmt
   2: core::panicking::panic_display
   3: snarkvm_synthesizer::program::instruction::operation::literals::Literals<N,O,_>::evaluate
   4: snarkvm_synthesizer::process::stack::execute::<impl snarkvm_synthesizer::process::stack::Stack<N>>::execute_function
   5: snarkvm_synthesizer::process::execute::<impl snarkvm_synthesizer::process::Process<N>>::execute
   6: snarkvm::package::run::<impl snarkvm::package::Package<N>>::run
   7: aleo::commands::run::Run::parse
   8: <leo::commands::run::Run as leo::commands::Command>::apply
   9: leo::commands::Command::try_execute
  10: leo::run_with_args
  11: scoped_tls::ScopedKey<T>::set
  12: leo::main
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.

Expected Behavior

operation truncates to u32::MAX or the error is made more clear.

Your Environment

0.3.2
rustc 1.66.0 (69f9c33d7 2022-12-12)
macOS Monterey Version 12.6.1

bug

opened by arosboro 2

build(deps): bump tokio from 1.22.0 to 1.23.0
Bumps tokio from 1.22.0 to 1.23.0.

Release notes

Sourced from tokio's releases.

Tokio v1.23.0

Fixed

net: fix Windows named pipe connect (#5208)

io: support vectored writes for ChildStdin (#5216)

io: fix async fn ready() false positive for OS-specific events (#5231)

Changed

runtime: yield_now defers task until after driver poll (#5223)

runtime: reduce amount of codegen needed per spawned task (#5213)

windows: replace winapi dependency with windows-sys (#5204)

#5208: tokio-rs/tokio#5208 #5216: tokio-rs/tokio#5216 #5213: tokio-rs/tokio#5213 #5204: tokio-rs/tokio#5204 #5223: tokio-rs/tokio#5223 #5231: tokio-rs/tokio#5231

Commits

3ce5a26 chore: prepare Tokio v1.23 release (#5270)

644cb82 rt: fix *_closed false positives (#5231)

a1316cd io: impl std::io::BufRead on SyncIoBridge\<T> (#5265)

86ffabe docs: add note about current-thread + Handle::block_on (#5264)

00bf5ee sync: improve watch docs (#5261)

8751010 Fix typo (#5255)

2be71ad chore: move conditional AtomicU64 impl to new file (#5256)

d1b789f rt: fix new yield_now behavior with block_in_place (#5251)

2286273 rt: yield_now defers task until after driver poll (#5223)

993a60b chore: prepare tokio-macros v1.8.2 (#5246)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies rust
opened by dependabot[bot] 2
build(deps): bump clap from 3.2.23 to 4.0.27
Bumps clap from 3.2.23 to 4.0.27.

Release notes

Sourced from clap's releases.

v4.0.26

[4.0.26] - 2022-11-16

Fixes

(error) Fix typos in ContextKind::as_str

v4.0.25

[4.0.25] - 2022-11-15

Features

(error) Report available subcommands when required subcommand is missing

v4.0.24

[4.0.24] - 2022-11-14

Fixes

Avoid panic when printing an argument that isn't built

v4.0.23

[4.0.23] - 2022-11-11

Fixes

Don't panic on reporting invalid-long errors when followed by invalid UTF8

(help) Clarified argument to help subcommand

v4.0.22

[4.0.22] - 2022-11-07

Fixes

(help) Don't overflow into next-line-help early due to stale (pre-v4) padding calculations

v4.0.21

[4.0.21] - 2022-11-07

Features

(derive) long_about and long_help attributes, without a value, force using doc comment (before it wouldn't be set if there wasn't anything different than the short help)

v4.0.20

[4.0.20] - 2022-11-07

Fixes

(derive) Allow defaulted value parser for '()' fields

... (truncated)

Changelog

Sourced from clap's changelog.

[4.0.27] - 2022-11-24

Features

Have Arg::value_parser accept Vec<impl Into<PossibleValue>>

Implement Display and FromStr for ColorChoice

Fixes

Remove soundness issue by switching from atty to is-terminal

[4.0.26] - 2022-11-16

Fixes

(error) Fix typos in ContextKind::as_str

[4.0.25] - 2022-11-15

Features

(error) Report available subcommands when required subcommand is missing

[4.0.24] - 2022-11-14

Fixes

Avoid panic when printing an argument that isn't built

[4.0.23] - 2022-11-11

Fixes

Don't panic on reporting invalid-long errors when followed by invalid UTF8

(help) Clarified argument to help subcommand

[4.0.22] - 2022-11-07

Fixes

(help) Don't overflow into next-line-help early due to stale (pre-v4) padding calculations

[4.0.21] - 2022-11-07

Features

(derive) long_about and long_help attributes, without a value, force using doc comment (before it wouldn't be set if there wasn't anything different than the short help)

[4.0.20] - 2022-11-07

... (truncated)

Commits

3262016 chore: Release

757f95b docs: Update changelog

20e02eb Merge pull request #4509 from epage/possible

fb1d960 Merge pull request #4249 from jcgruenhage/replace-atty

94aca92 feat: Create ValueParser from Vec<PossibleValue>

3bccfce docs: Clarify PossibleValue is likely not needed

19981a2 docs: Clarify ColorChoice impls ValueEnum

8d92f3e feat: Add Display/FromStr to ColorChoice

ed683ef fix: Always expose ColorChoice

789bfd6 Merge pull request #4508 from epage/style

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies rust
opened by dependabot[bot] 2
build(deps): bump snarkvm-wasm from 0.9.7 to 0.9.8
Bumps snarkvm-wasm from 0.9.7 to 0.9.8.

Commits

6d04326 chore(snarkvm): bump version for new release

25c575c Merge pull request #1270 from AleoHQ/feat/time-synthesizer

8ac2c57 Updates the outputs timers

7f26a83 Update timer logs

186a90d Add additional timers

ea7cd02 Add timer for vm operations

eb2b20c Add timer for process operations

d7b6fe3 Add timer for stack operations

cecdfdd Add aleo-std to synthesizer

6751e5a Merge pull request #1268 from AleoHQ/ref/keys

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies rust
opened by dependabot[bot] 2
build(deps): bump clap from 3.2.8 to 3.2.12
Bumps clap from 3.2.8 to 3.2.12.

Release notes

Sourced from clap's releases.

v3.2.12

[3.2.12] - 2022-07-14

Fixes

Allow an arg to declare a conflict with a group

v3.2.11

[3.2.11] - 2022-07-13

Features

Added Arg::get_all_short_aliaes and Arg::get_all_aliases

v3.2.10

[3.2.10] - 2022-07-12

Fixes

Loosen lifetime on Command::mut_subcommand

Changelog

Sourced from clap's changelog.

[3.2.12] - 2022-07-14

Fixes

Allow an arg to declare a conflict with a group

[3.2.11] - 2022-07-13

Features

Added Arg::get_all_short_aliaes and Arg::get_all_aliases

[3.2.10] - 2022-07-12

Fixes

Loosen lifetime on Command::mut_subcommand

Commits

a8a7a61 chore: Release

ed8837f docs: Update changelog

afc5401 Merge pull request #3902 from tmccombs/get-conflicts-with-group

f27f1f5 fix: Include groups in get_arg_conflicts_with

2df0732 chore: Release

1c22422 docs: Update changelog

e8374e3 Merge pull request #3913 from emersonford/expose-non-visible-arg-aliases

e39156e feat: Add method to get non-visible arg aliases

9b6321a chore: Release

074712a chore: Update release process

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies rust
opened by dependabot[bot] 2
build(deps): bump clap from 3.2.8 to 3.2.10
Bumps clap from 3.2.8 to 3.2.10.

Release notes

Sourced from clap's releases.

v3.2.10

[3.2.10] - 2022-07-12

Fixes

Loosen lifetime on Command::mut_subcommand

Changelog

Sourced from clap's changelog.

[3.2.10] - 2022-07-12

Fixes

Loosen lifetime on Command::mut_subcommand

Commits

9b6321a chore: Release

074712a chore: Update release process

096db79 docs: Update changelog

3802a35 Merge pull request #3909 from emersonford/fix-mut-subcommand-lifetime

8e1411b fix: Loosen lifetime constraint on mut_subcommand

5c7ad01 Merge pull request #3908 from jturner314-nrl/derive-ref-quotes

f94eafb Clarify in docs that rename_all needs a string literal

93565c2 Add "" around string literals in derive ref docs

7c0068e Merge pull request #3906 from epage/complete

6286339 docs(complete): Make example consistent

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies rust
opened by dependabot[bot] 2
build(deps): bump node-forge from 1.2.1 to 1.3.1 in /website
Bumps node-forge from 1.2.1 to 1.3.1.

Changelog

Sourced from node-forge's changelog.

1.3.1 - 2022-03-29

Fixes

RFC 3447 and RFC 8017 allow for optional DigestAlgorithm NULL parameters for sha* algorithms and require NULL paramters for md2 and md5 algorithms.

1.3.0 - 2022-03-17

Security

Three RSA PKCS#1 v1.5 signature verification issues were reported by Moosa Yahyazadeh ([email protected]).

HIGH: Leniency in checking digestAlgorithm structure can lead to signature forgery.

The code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS#1 encoded message to forge a signature when a low public exponent is being used. For more information, please see "Bleichenbacher's RSA signature forgery based on implementation error" by Hal Finney.

CVE ID: CVE-2022-24771

GHSA ID: GHSA-cfm4-qjh2-4765

HIGH: Failing to check tailing garbage bytes can lead to signature forgery.

The code does not check for tailing garbage bytes after decoding a DigestInfo ASN.1 structure. This can allow padding bytes to be removed and garbage data added to forge a signature when a low public exponent is being used. For more information, please see "Bleichenbacher's RSA signature forgery based on implementation error" by Hal Finney.

CVE ID: CVE-2022-24772

GHSA ID: GHSA-x4jg-mjrx-434g

MEDIUM: Leniency in checking type octet.

DigestInfo is not properly checked for proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest.

CVE ID: CVE-2022-24773

GHSA ID: GHSA-2r2c-g63r-vccr

Fixed

[asn1] Add fallback to pretty print invalid UTF8 data.

[asn1] fromDer is now more strict and will default to ensuring all input bytes are parsed or throw an error. A new option parseAllBytes can disable this behavior.

NOTE: The previous behavior is being changed since it can lead to security issues with crafted inputs. It is possible that code doing custom DER parsing may need to adapt to this new behavior and optional flag.

[rsa] Add and use a validator to check for proper structure of parsed ASN.1

... (truncated)

Commits

a0a4a42 Release 1.3.1.

a33830f Update changelog.

740954d Allow optional DigestAlgorithm parameters.

56f4316 Allow DigestInfo.DigestAlgorith.parameters to be optional

cbf0bd5 Start 1.3.1-0.

6c5b901 Release 1.3.0.

0f3972a Update changelog.

dc77b39 Fix error checking.

bb822c0 Add advisory links.

d4395fe Update changelog.

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 2
build(deps): bump async from 2.6.3 to 2.6.4 in /website
Bumps async from 2.6.3 to 2.6.4.

Changelog

Sourced from async's changelog.

v2.6.4

Fix potential prototype pollution exploit (#1828)

Commits

c6bdaca Version 2.6.4

8870da9 Update built files

4df6754 update changelog

8f7f903 Fix prototype pollution vulnerability (#1828)

See full diff in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 2
[Bug] o
🐛 Bug Report

(Write your description here)

Steps to Reproduce

Code snippet to reproduce

# Add code here

Stack trace & error message

// Paste the output here

Expected Behavior

(Write what you expected to happen here)

Your Environment

bug
opened by huybien92 1
[Bug]
🐛 Bug Report

Code snippet to reproduce

Stack trace & error message error: failed to compile aleo v0.3.1 (C:\Users\Giga\aleo), intermediate artifacts can be found at C:\Users\Giga\aleo\target

Your Environment

bug
opened by gsulaberidze 2
String Integer undefined error[Bug]

String integer keeps dropping nonce while execution on the node

Aleo run update '{ owner: aleo16qlhfdrhxv2m2r6cuvl5grrw0mvruc6kcufmgasn7e7csxfj4y9s8dz3pu.private, gates: 0u64.private, message: "hello world"private, _nonce: 20945652754310690266192540395567222880172191888445476630754123022400300672595group.public }'
bug

opened by viha8 0
[Feature] WASM ViewKey.decrypt should handle bare ciphertexts

🚀 Feature

The decrypt function on the ViewKey within the wasm should handle decrypting ciphertexts and not just records. https://github.com/AleoHQ/aleo/blob/testnet3/wasm/src/account/view_key.rs#L46

Motivation

The motivation is to be able to decrypt specific inputs.

Implementation

The implementation is straightforward and self contained. The only question is should another function be introduced or should a singular function be able to handle both records and bare ciphertexts?

opened by evanmarshall 0
[FEATURE] Generate docs sub project
🚀 Feature

Generate a subproject for documentation purposes.

Motivation

To have a subproject for handling the docs from now on

Implementation

[ ] run npm init inside docs folder

[ ] install jsdoc and all the packages needed inside there

[ ] before docs generation, build wasp-pack inside a docs/pkg folder. This folder should be ignored by github.

[ ] generate docs inside docs running npm run build

[ ] make prettier and eslint to ignored this folder

[ ] use docs/readme.md as the docs main page

[ ] check that the github pages works correctly
opened by mationorato 0
Self.Anything is parsed as an address
🐛 Bug Report

Self.anything will be parsed as an address. Self.caller parses correctly, however; self.a or self.b will parse as addresses.

Steps to Reproduce

Code snippet to reproduce

program bug.aleo; record bug: owner as address.private; gates as u64.private; a as address.private; b as address.private; not_an_aleo_opcode as address.private; function example: cast self.caller 0u64 self.a self.b self.not_an_aleo_opcode into r0 as bug.record; output r0 as bug.record;

Stack trace & error message

➡️ Output • { owner: aleo1pas6kcc8nwqawwqu9fhz99anqkk9ccd9q0fk3nc3wzsr0utt7cxq5klu4k.private, gates: 0u64.private, a: aleo1c0k9657psh8qzr2usfw6u7a7yu6mwe6wh2ypup4t2ugpx784wsrqp53rdl.private, b: aleo1wk535qg0h9tarqeu40zkmpr0qv5mhdfa5lue6qcdcwtwgqm2pq9q2ezssx.private, not_an_aleo_opcode: aleo13h4g6epkv8a6z48waewdr9jp5gf4xmnuamhwy3a8n936t73j8vrq9uaz39.private, _nonce: 5582012585678402213691137563223232720299537956048903574854357996637224826608group.public }

Expected Behavior

Only implemented attributes of self in aleo should parse (like self.caller and self.parent in the future), and should otherwise throw an error. Note, each of the addresses parsed (self.a, self.b, self.not_an_aleo_opcode) are deterministic -- repeated runs on different machines will yield the same address, so the self.[trait_name] is likely being hashed here in snarkVM. I'm including this in case it helps with pinpointing the bug's location.

Your Environment

Aleo Version https://github.com/AleoHQ/aleo/commit/901453f1a9f1f38c5b3efaef0b1eddf21060c0bc

rustup 1.25.1

MacOS

bug
opened by fulltimemike 1

Releases(v0.3.2)

v0.3.2(Dec 13, 2022)

Source code(tar.gz)
Source code(zip)
aleo-v0.3.2-x86_64-apple-darwin.zip(10.79 MB)
aleo-v0.3.2-x86_64-unknown-linux-gnu.zip(10.94 MB)
v0.3.1(Nov 29, 2022)

Source code(tar.gz)
Source code(zip)
aleo-v0.3.1-x86_64-apple-darwin.zip(10.81 MB)
aleo-v0.3.1-x86_64-unknown-linux-gnu.zip(10.92 MB)
v0.3.0(Nov 15, 2022)

Source code(tar.gz)
Source code(zip)
aleo-v0.3.0-x86_64-apple-darwin.zip(10.75 MB)
aleo-v0.3.0-x86_64-unknown-linux-gnu.zip(10.90 MB)
v0.2.0(Jan 25, 2021)

Source code(tar.gz)
Source code(zip)
aleo-v0.2.0-x86_64-apple-darwin.zip(7.24 MB)
aleo-v0.2.0-x86_64-unknown-linux-gnu.zip(7.28 MB)

Owner

Aleo

Where Applications Become Zero-Knowledge

GitHub https://aleohq.github.io/aleo/

The Zero Knowledge Whitelist Tool is a powerful utility for managing an address whitelist using Zero-Knowledge (ZK) proofs.

zk_whitelist: A Zero Knowledge Whitelist Tool The Zero Knowledge Whitelist Tool is a powerful utility for managing an address whitelist using Zero-Kno

4 Nov 21, 2023

RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture.

RISC Zero WARNING: This software is still experimental, we do not recommend it for production use (see Security section). RISC Zero is a zero-knowledg

653 Jan 3, 2023

This is a solana lite rpc which optimizes sending transactions and confirming transactions strategies.

Solana Lite RPC This project aims to create a lite rpc server which is responsible only for sending and confirming the transactions. The lite-rpc serv

7 Dec 24, 2022

Substreams development kit for Ethereum chains, contains Firehose Block model and helpers as well as utilities for Ethereum ABI encoding/decoding.

Substreams Ethereum Substreams development kit for Ethereum chains, contains Rust Firehose Block model and helpers as well as utilities for Ethereum A

15 Oct 25, 2022

A library facilitating the signing and broadcasting of transactions on Cosmos SDK-based blockchains

txf Transaction factory - a library facilitating the signing and broadcasting of transactions (txs) on Cosmos SDK-based blockchains. How to use Exampl

5 Jun 29, 2023

Zerocaf: A library built for EC operations in Zero Knowledge.

Dusk-Zerocaf WARNING: WIP Repo. Fast, efficient and bulletproof-friendly cryptographic operations. This repository contains an implementation of the S

50 Oct 31, 2022

Zero-Knowledge Assembly language and compiler

zkAsm A Zero-Knowledge circuit assembly language, designed to represent Zero-Knowledge circuits in a compressed format, to be stored on blockchains. I

1 Dec 30, 2021

Noir is a domain specific language for zero knowledge proofs

The Noir Programming Language Noir is a Domain Specific Language for SNARK proving systems. It has been designed to use any ACIR compatible proving sy

404 Jan 1, 2023

OpenZKP - pure Rust implementations of Zero-Knowledge Proof systems.

OpenZKP OpenZKP - pure Rust implementations of Zero-Knowledge Proof systems. Overview Project current implements ?? the Stark protocol (see its readme

529 Jan 5, 2023

Vector OLE and zero-knowledge for Z2k.

Mozzarella Benchmarking Code This repository contains the code developed for the benchmarking experiments in our paper: "Moz $\mathbb{Z}_{2^k}$ arella

7 Dec 20, 2022

Safeguard your financial privacy with zero-knowledge proofs.

Spinner The Spinner project (https://spinner.cash) takes a privacy first approach to protect users crypto assets. It is a layer-2 protocol built on th

21 Dec 28, 2022

STARK - SNARK recursive zero knowledge proofs, combinaison of the Winterfell library and the Circom language

STARK - SNARK recursive proofs The point of this library is to combine the SNARK and STARK computation arguments of knowledge, namely the Winterfell l

68 Dec 5, 2022

Zero Knowledge Light Client Implementation by Zpoken team.

zkp for chain state Prerecusites This project requires using the nightly Rust toolchain, which can be used by default in this way: rustup default nigh

40 Mar 6, 2023

A fast zero-knowledge proof friendly Move language runtime environment.

zkMove Lite zkMove Lite is a lightweight zero-knowledge proof friendly Move language virtual machine. Move bytecode is automatically "compiled" into c

43 May 20, 2023

Spartan2: High-speed zero-knowledge SNARKs.

Spartan2: High-speed zero-knowledge SNARKs. Spartan is a high-speed zkSNARK, where a zkSNARK is type cryptographic proof system that enables a prover

7 Jul 28, 2023

Implementation of zero-knowledge proof circuits for Tendermint.

Tendermint X Implementation of zero-knowledge proof circuits for Tendermint. Overview Tendermint X's core contract is TendermintX, which stores the he

3 Nov 8, 2023

Scans the Ethereum network for USDT ERC-20 token transfer transactions

ethscan This is a Rust command line program for scanning the Ethereum blockchain for USDT transfers within a time span and amount span. prerequisites

4 Oct 6, 2022

Nym provides strong network-level privacy against sophisticated end-to-end attackers, and anonymous transactions using blinded, re-randomizable, decentralized credentials.

The Nym Privacy Platform The platform is composed of multiple Rust crates. Top-level executable binary crates include: nym-mixnode - shuffles Sphinx p

653 Dec 26, 2022

Bitcoin Push Notification Service (BPNS) allows you to receive notifications of Bitcoin transactions of your non-custodial wallets on a provider of your choice, all while respecting your privacy

Bitcoin Push Notification Service (BPNS) Description Bitcoin Push Notification Service (BPNS) allows you to receive notifications of Bitcoin transacti

1 May 2, 2022

A Software Development Kit (SDK) for Zero-Knowledge Transactions

Related tags

Overview

Aleo SDK

Table of Contents

1. Overview

2. Build Guide

2.1 Install Rust

2.2a Build from Crates.io

2.2b Build from Source Code

3. Usage Guide

3.1 Generate a new Aleo account.

Development

Comments

Motivation

TODOs

🐛 Bug Report

Steps to Reproduce

Code snippet to reproduce

Stack trace & error message

Expected Behavior

Your Environment

🐛 Bug Report

Code snippet to reproduce

Stack trace & error message

Expected Behavior

Your Environment

Tokio v1.23.0

Fixed

Changed

v4.0.26

[4.0.26] - 2022-11-16

Fixes

v4.0.25

[4.0.25] - 2022-11-15

Features

v4.0.24

[4.0.24] - 2022-11-14

Fixes

v4.0.23

[4.0.23] - 2022-11-11

Fixes

v4.0.22

[4.0.22] - 2022-11-07

Fixes

v4.0.21

[4.0.21] - 2022-11-07

Features

v4.0.20

[4.0.20] - 2022-11-07

Fixes

[4.0.27] - 2022-11-24

Features

Fixes

[4.0.26] - 2022-11-16

Fixes

[4.0.25] - 2022-11-15

Features

[4.0.24] - 2022-11-14

Fixes

[4.0.23] - 2022-11-11

Fixes

[4.0.22] - 2022-11-07

Fixes

[4.0.21] - 2022-11-07

Features

[4.0.20] - 2022-11-07

v3.2.12

[3.2.12] - 2022-07-14

Fixes

v3.2.11

[3.2.11] - 2022-07-13

Features

v3.2.10

[3.2.10] - 2022-07-12

Fixes

[3.2.12] - 2022-07-14

Fixes

[3.2.11] - 2022-07-13

Features

Stack trace & error message error: failed to compile `aleo v0.3.1 (C:\Users\Giga\aleo)`, intermediate artifacts can be found at `C:\Users\Giga\aleo\target`