debug transfer pass

d5900775 · madengji · vipwzw · 4073c798 · d5900775 · d5900775
Commit d5900775 authored Jan 26, 2021 by madengji Committed by vipwzw Sep 18, 2021
30 changed files
--- a/build/docker-compose.sh
+++ b/build/docker-compose.sh
@@ -245,6 +245,7 @@ function miner() {
    fi
 }
 function block_wait() {
    if [ "$#" -lt 2 ]; then
        echo "wrong block_wait params"

--- a/plugin/dapp/mix/cmd/gnark/circuit/authorize/authorize.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/authorize/authorize.go
@@ -22,10 +22,9 @@ public:
 	authorizeSpendHash(=hash(spendpub+value+noterandom))
 private:
-	spendAmount
+	amount
-	spendPubKey
+	receiverPubKey
 	returnPubKey
-	authorizePubKey
 	authorizePriKey
 	spendFlag
 	noteRandom
@@ -40,10 +39,10 @@ func NewAuth() *frontend.R1CS {
 	// create root constraint system
 	circuit := frontend.New()
-	spendAmount := circuit.SECRET_INPUT("spendAmount")
+	amount := circuit.SECRET_INPUT("amount")
 	//spend pubkey
-	spendPubKey := circuit.SECRET_INPUT("spendPubKey")
+	receiverPubKey := circuit.SECRET_INPUT("receiverPubKey")
 	returnPubKey := circuit.SECRET_INPUT("returnPubKey")
 	authorizePriKey := circuit.SECRET_INPUT("authorizePriKey")
 	noteRandom := circuit.SECRET_INPUT("noteRandom")
@@ -63,13 +62,13 @@ func NewAuth() *frontend.R1CS {
 	//spend_flag 0：return_pubkey, 1:  spend_pubkey
 	spendFlag := circuit.SECRET_INPUT("spendFlag")
 	circuit.MUSTBE_BOOLEAN(spendFlag)
-	targetPubHash := circuit.SELECT(spendFlag, spendPubKey, returnPubKey)
+	targetPubHash := circuit.SELECT(spendFlag, receiverPubKey, returnPubKey)
-	calcAuthSpendHash := mimc.Hash(&circuit, targetPubHash, spendAmount, noteRandom)
+	calcAuthSpendHash := mimc.Hash(&circuit, targetPubHash, amount, noteRandom)
 	circuit.MUSTBE_EQ(authSpendHash, calcAuthSpendHash)
 	//通过merkle tree保证noteHash存在，即便return,auth都是null也是存在的，则可以不经过授权即可消费
 	// specify note hash constraint
-	preImage := mimc.Hash(&circuit, spendPubKey, returnPubKey, authPubKey, spendAmount, noteRandom)
+	preImage := mimc.Hash(&circuit, receiverPubKey, returnPubKey, authPubKey, amount, noteRandom)
 	noteHash := circuit.SECRET_INPUT("noteHash")
 	circuit.MUSTBE_EQ(noteHash, preImage)

--- a/plugin/dapp/mix/cmd/gnark/circuit/authorize/authorize_test.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/authorize/authorize_test.go
@@ -17,8 +17,8 @@ public:
 	authorizeSpendHash(=hash(spendpub+value+noterandom))
 private:
-	spendAmount
+	amount
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePriKey
 	spendFlag
@@ -41,8 +41,8 @@ func TestAuthorizeSpend(t *testing.T) {
 		good.Assign(backend.Public, "authorizeHash", "1267825436937766239630340333349685320927256968591056373125946583184548355070")
 		good.Assign(backend.Public, "authorizeSpendHash", "14468512365438613046028281588661351435476168610934165547900473609197783547663")
-		good.Assign(backend.Secret, "spendAmount", "28242048")
+		good.Assign(backend.Secret, "amount", "28242048")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
 		good.Assign(backend.Secret, "returnPubKey", "16067249407809359746114321133992130903102335882983385972747813693681808870497")
 		good.Assign(backend.Secret, "authorizePriKey", "17822967620457187568904804290291537271142779717280482398091401115827760898835")
 		good.Assign(backend.Secret, "spendFlag", "1")

--- a/plugin/dapp/mix/cmd/gnark/circuit/authorize/input
+++ b/plugin/dapp/mix/cmd/gnark/circuit/authorize/input
@@ -4,8 +4,8 @@ public, authorizeHash,1267825436937766239630340333349685320927256968591056373125
 public, authorizeSpendHash,14468512365438613046028281588661351435476168610934165547900473609197783547663
-secret, spendAmount,28242048
+secret, amount,28242048
-secret, spendPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
+secret, receiverPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
 secret, returnPubKey,16067249407809359746114321133992130903102335882983385972747813693681808870497
 secret, authorizePriKey,17822967620457187568904804290291537271142779717280482398091401115827760898835
 secret, spendFlag,1

--- a/plugin/dapp/mix/cmd/gnark/circuit/deposit/deposit.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/deposit/deposit.go
@@ -19,7 +19,7 @@ public:
 	amount
 private:
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	noteRandom
@@ -34,7 +34,7 @@ func NewDeposit() *frontend.R1CS {
 	amount := circuit.PUBLIC_INPUT("amount")
 	//spend pubkey
-	spendPubkey := circuit.SECRET_INPUT("spendPubKey")
+	receiverPubKey := circuit.SECRET_INPUT("receiverPubKey")
 	returnPubkey := circuit.SECRET_INPUT("returnPubKey")
 	authPubkey := circuit.SECRET_INPUT("authorizePubKey")
@@ -48,7 +48,7 @@ func NewDeposit() *frontend.R1CS {
 	//preImage=hash(spendPubkey, returnPubkey,AuthPubkey,spendValue,noteRandom)
 	noteHash := circuit.PUBLIC_INPUT("noteHash")
 	// specify note hash constraint
-	preImage := mimc.Hash(&circuit, spendPubkey, returnPubkey, authPubkey, amount, noteRandom)
+	preImage := mimc.Hash(&circuit, receiverPubKey, returnPubkey, authPubkey, amount, noteRandom)
 	circuit.MUSTBE_EQ(noteHash, preImage)
 	r1cs := circuit.ToR1CS()

--- a/plugin/dapp/mix/cmd/gnark/circuit/deposit/deposit_test.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/deposit/deposit_test.go
@@ -15,7 +15,7 @@ public:
 	amount
 private:
-	spendPubkey
+	receiverPubKey
 	returnPubkey
 	authorizePubkey
 	noteRandom
@@ -45,7 +45,7 @@ func TestDeposit(t *testing.T) {
 		good.Assign(backend.Public, "noteHash", "16308793397024662832064523892418908145900866571524124093537199035808550255649")
 		good.Assign(backend.Public, "amount", "28242048")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
 		good.Assign(backend.Secret, "returnPubKey", "16067249407809359746114321133992130903102335882983385972747813693681808870497")
 		good.Assign(backend.Secret, "authorizePubKey", "13519883267141251871527102103999205179714486518503885909948192364772977661583")
 		good.Assign(backend.Secret, "noteRandom", "2824204835")

--- a/plugin/dapp/mix/cmd/gnark/circuit/deposit/input
+++ b/plugin/dapp/mix/cmd/gnark/circuit/deposit/input
@@ -2,7 +2,7 @@ public, noteHash,163087933970246628320645238924189081459008665715241240935371990
 public, amount,28242048
-secret, spendPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
+secret, receiverPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
 secret, returnPubKey,16067249407809359746114321133992130903102335882983385972747813693681808870497
 secret, authorizePubKey,13519883267141251871527102103999205179714486518503885909948192364772977661583
 secret, noteRandom,2824204835

--- a/plugin/dapp/mix/cmd/gnark/circuit/transferInput/input
+++ b/plugin/dapp/mix/cmd/gnark/circuit/transferInput/input
 public, treeRootHash,10531321614990797034921282585661869614556487056951485265320464926630499341310
-public, commitValueX,14087975867275911077371231345227824611951436822132762463787130558957838320348
+public, shieldAmountX,14087975867275911077371231345227824611951436822132762463787130558957838320348
-public, commitValueY,15113519960384204624879642069520481336224311978035289236693658603675385299879
+public, shieldAmountY,15113519960384204624879642069520481336224311978035289236693658603675385299879
 public, authorizeSpendHash,14468512365438613046028281588661351435476168610934165547900473609197783547663
 public, nullifierHash,6747518781649068310795677405858353007442326529625450860668944156162052335195
-secret, spendAmount,28242048
+secret, amount,28242048
-secret, spendRandom,35
+secret, amountRandom,35
-secret, spendPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
+secret, receiverPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
 secret, returnPubKey,16067249407809359746114321133992130903102335882983385972747813693681808870497
 secret, authorizePubKey,13519883267141251871527102103999205179714486518503885909948192364772977661583
 secret, spendPriKey,10190477835300927557649934238820360529458681672073866116232821892325659279502

--- a/plugin/dapp/mix/cmd/gnark/circuit/transferInput/transferInput.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/transferInput/transferInput.go
@@ -17,15 +17,15 @@ func main() {
 /*
 public:
 	treeRootHash
-	commitValueX
+	shieldAmountX
-	commitValueY
+	shieldAmountY
-	authorizeHash
+	authorizeSpendHash
 	nullifierHash
 private:
-	spendAmount
+	amount
-	spendRandom
+	amountRandom
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	spendPriKey
@@ -42,10 +42,10 @@ func NewTransferInput() *frontend.R1CS {
 	// create root constraint system
 	circuit := frontend.New()
-	spendValue := circuit.SECRET_INPUT("spendAmount")
+	spendValue := circuit.SECRET_INPUT("amount")
 	//spend pubkey
-	spendPubkey := circuit.SECRET_INPUT("spendPubKey")
+	spendPubkey := circuit.SECRET_INPUT("receiverPubKey")
 	returnPubkey := circuit.SECRET_INPUT("returnPubKey")
 	authPubkey := circuit.SECRET_INPUT("authorizePubKey")
 	spendPrikey := circuit.SECRET_INPUT("spendPriKey")

--- a/plugin/dapp/mix/cmd/gnark/circuit/transferInput/transferinput_test.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/transferInput/transferinput_test.go
@@ -12,15 +12,15 @@ import (
 /*
 public:
 	treeRootHash
-	commitValueX
+	shieldAmountX
-	commitValueY
+	shieldAmountY
 	authorizeHash
 	nullifierHash
 private:
-	spendAmount
+	amount
-	spendRandom
+	amountRandom
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	spendPriKey
@@ -41,15 +41,15 @@ func TestTransferInputAuth(t *testing.T) {
 	{
 		good := backend.NewAssignment()
 		good.Assign(backend.Public, "treeRootHash", "10531321614990797034921282585661869614556487056951485265320464926630499341310")
-		good.Assign(backend.Public, "commitValueX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
+		good.Assign(backend.Public, "shieldAmountX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
-		good.Assign(backend.Public, "commitValueY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
+		good.Assign(backend.Public, "shieldAmountY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
 		good.Assign(backend.Public, "authorizeSpendHash", "14468512365438613046028281588661351435476168610934165547900473609197783547663")
 		good.Assign(backend.Public, "nullifierHash", "6747518781649068310795677405858353007442326529625450860668944156162052335195")
-		good.Assign(backend.Secret, "spendAmount", "28242048")
+		good.Assign(backend.Secret, "amount", "28242048")
-		good.Assign(backend.Secret, "spendRandom", "35")
+		good.Assign(backend.Secret, "amountRandom", "35")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
 		good.Assign(backend.Secret, "returnPubKey", "16067249407809359746114321133992130903102335882983385972747813693681808870497")
 		good.Assign(backend.Secret, "authorizePubKey", "13519883267141251871527102103999205179714486518503885909948192364772977661583")
@@ -106,15 +106,15 @@ func TestTransferInputReturnKey(t *testing.T) {
 	{
 		good := backend.NewAssignment()
 		good.Assign(backend.Public, "treeRootHash", "10531321614990797034921282585661869614556487056951485265320464926630499341310")
-		good.Assign(backend.Public, "commitValueX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
+		good.Assign(backend.Public, "shieldAmountX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
-		good.Assign(backend.Public, "commitValueY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
+		good.Assign(backend.Public, "shieldAmountY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
 		good.Assign(backend.Public, "authorizeSpendHash", "6026163592877030954825395224309219861774131411806846860652261047183070579370")
 		good.Assign(backend.Public, "nullifierHash", "6747518781649068310795677405858353007442326529625450860668944156162052335195")
-		good.Assign(backend.Secret, "spendAmount", "28242048")
+		good.Assign(backend.Secret, "amount", "28242048")
-		good.Assign(backend.Secret, "spendRandom", "35")
+		good.Assign(backend.Secret, "amountRandom", "35")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
 		good.Assign(backend.Secret, "returnPubKey", "16067249407809359746114321133992130903102335882983385972747813693681808870497")
 		good.Assign(backend.Secret, "authorizePubKey", "13519883267141251871527102103999205179714486518503885909948192364772977661583")
@@ -172,31 +172,31 @@ func TestTransferInputNoAuthorize(t *testing.T) {
 	r1csBN256 := backend_bn256.Cast(r1cs)
 	{
 		good := backend.NewAssignment()
-		good.Assign(backend.Public, "treeRootHash", "12759256930628441934094267209403003086804595141527597228422519500766117029056")
+		good.Assign(backend.Public, "treeRootHash", "8924377726623516198388981994706612588174229761660626844219523809311621081152")
-		good.Assign(backend.Public, "commitValueX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
+		good.Assign(backend.Public, "shieldAmountX", "20026900249169569699397829614948056401416692452575929785554743563301443795984")
-		good.Assign(backend.Public, "commitValueY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
+		good.Assign(backend.Public, "shieldAmountY", "11443294504840468048882645872852838384649876010412151915870299030068051779303")
 		good.Assign(backend.Public, "authorizeSpendHash", "0")
-		good.Assign(backend.Public, "nullifierHash", "6747518781649068310795677405858353007442326529625450860668944156162052335195")
+		good.Assign(backend.Public, "nullifierHash", "4493238794492517147695618716694376637191823831910850819304582851540887491471")
-		good.Assign(backend.Secret, "spendAmount", "28242048")
+		good.Assign(backend.Secret, "amount", "500000000")
-		good.Assign(backend.Secret, "spendRandom", "35")
+		good.Assign(backend.Secret, "amountRandom", "103649245823269378598256096359743803233")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "7244551457692363731356498279463138379576484998878425864678733206990733443457")
 		good.Assign(backend.Secret, "returnPubKey", "0")
 		good.Assign(backend.Secret, "authorizePubKey", "0")
-		good.Assign(backend.Secret, "spendPriKey", "10190477835300927557649934238820360529458681672073866116232821892325659279502")
+		good.Assign(backend.Secret, "spendPriKey", "19115616183616714814727844928908633989028519974595353009754871398745087846141")
 		good.Assign(backend.Secret, "spendFlag", "1")
 		//not need authorize
 		good.Assign(backend.Secret, "authorizeFlag", "0")
-		good.Assign(backend.Secret, "noteRandom", "2824204835")
+		good.Assign(backend.Secret, "noteRandom", "16855817802811010832998322637530013398737002960466904173163094025121554818471")
-		good.Assign(backend.Secret, "noteHash", "8225571890661960751046682712125507843232543630686326316665478955306869111251")
+		good.Assign(backend.Secret, "noteHash", "4757455985754753449547885621755931629265767091930770913671501411452663313694")
-		good.Assign(backend.Secret, "path1", "14187514855908861960780770215596905690354960378277143432325960729637725182251")
+		good.Assign(backend.Secret, "path1", "21609869341494920403470153054548069228540665950349313465330160010270609674984")
-		good.Assign(backend.Secret, "path2", "6182134257436688306324731906502075484313942414837318361329615447955128796497")
+		good.Assign(backend.Secret, "path2", "0")
-		good.Assign(backend.Secret, "path3", "11546648745105756958663742750618707757021496913774959001736226397442926254652")
+		good.Assign(backend.Secret, "path3", "0")
 		good.Assign(backend.Secret, "path4", "0")
 		good.Assign(backend.Secret, "path5", "0")
 		good.Assign(backend.Secret, "path6", "0")
@@ -204,7 +204,7 @@ func TestTransferInputNoAuthorize(t *testing.T) {
 		good.Assign(backend.Secret, "path8", "0")
 		good.Assign(backend.Secret, "path9", "0")
-		good.Assign(backend.Secret, "helper1", "1")
+		good.Assign(backend.Secret, "helper1", "0")
 		good.Assign(backend.Secret, "helper2", "1")
 		good.Assign(backend.Secret, "helper3", "1")
 		good.Assign(backend.Secret, "helper4", "0")
@@ -215,8 +215,8 @@ func TestTransferInputNoAuthorize(t *testing.T) {
 		good.Assign(backend.Secret, "helper9", "0")
 		good.Assign(backend.Secret, "valid1", "1")
-		good.Assign(backend.Secret, "valid2", "1")
+		good.Assign(backend.Secret, "valid2", "0")
-		good.Assign(backend.Secret, "valid3", "1")
+		good.Assign(backend.Secret, "valid3", "0")
 		good.Assign(backend.Secret, "valid4", "0")
 		good.Assign(backend.Secret, "valid5", "0")
 		good.Assign(backend.Secret, "valid6", "0")

--- a/plugin/dapp/mix/cmd/gnark/circuit/transferOutput/input
+++ b/plugin/dapp/mix/cmd/gnark/circuit/transferOutput/input
-public, commitValueX,14087975867275911077371231345227824611951436822132762463787130558957838320348
+public, shieldAmountX,14087975867275911077371231345227824611951436822132762463787130558957838320348
-public, commitValueY,15113519960384204624879642069520481336224311978035289236693658603675385299879
+public, shieldAmountY,15113519960384204624879642069520481336224311978035289236693658603675385299879
 public, noteHash,16308793397024662832064523892418908145900866571524124093537199035808550255649
-secret, spendAmount,28242048
+secret, amount,28242048
-secret, spendRandom,35
+secret, amountRandom,35
-secret, spendPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
+secret, receiverPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
 secret, returnPubKey,16067249407809359746114321133992130903102335882983385972747813693681808870497
 secret, authorizePubKey,13519883267141251871527102103999205179714486518503885909948192364772977661583
 secret, noteRandom,2824204835

--- a/plugin/dapp/mix/cmd/gnark/circuit/transferOutput/transferOutput.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/transferOutput/transferOutput.go
@@ -16,14 +16,14 @@ func main() {
 //spend commit hash the circuit implementing
 /*
 public:
-	commitValueX
+	shieldAmountX
-	commitValueY
+	shieldAmountY
-	nodeHash
+	noteHash
 private:
-	spendAmount
+	amount
-	spendRandom
+	amountRandom
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	noteRandom
@@ -34,10 +34,10 @@ func NewTransferOutput() *frontend.R1CS {
 	// create root constraint system
 	circuit := frontend.New()
-	spendValue := circuit.SECRET_INPUT("spendAmount")
+	spendValue := circuit.SECRET_INPUT("amount")
 	//spend pubkey
-	spendPubkey := circuit.SECRET_INPUT("spendPubKey")
+	spendPubkey := circuit.SECRET_INPUT("receiverPubKey")
 	returnPubkey := circuit.SECRET_INPUT("returnPubKey")
 	authPubkey := circuit.SECRET_INPUT("authorizePubKey")

--- a/plugin/dapp/mix/cmd/gnark/circuit/transferOutput/transferOutput_test.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/transferOutput/transferOutput_test.go
@@ -11,14 +11,14 @@ import (
 /*
 public:
-	commitValueX
+	shieldAmountX
-	commitValueY
+	shieldAmountY
-	nodeHash
+	noteHash
 private:
-	spendAmount
+	amount
-	spendRandom
+	amountRandom
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	noteRandom
@@ -32,14 +32,14 @@ func TestTransferOutput(t *testing.T) {
 	r1csBN256 := backend_bn256.Cast(r1cs)
 	{
 		good := backend.NewAssignment()
-		good.Assign(backend.Public, "commitValueX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
+		good.Assign(backend.Public, "shieldAmountX", "14087975867275911077371231345227824611951436822132762463787130558957838320348")
-		good.Assign(backend.Public, "commitValueY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
+		good.Assign(backend.Public, "shieldAmountY", "15113519960384204624879642069520481336224311978035289236693658603675385299879")
-		good.Assign(backend.Public, "nodeHash", "16308793397024662832064523892418908145900866571524124093537199035808550255649")
+		good.Assign(backend.Public, "noteHash", "16308793397024662832064523892418908145900866571524124093537199035808550255649")
-		good.Assign(backend.Secret, "spendAmount", "28242048")
+		good.Assign(backend.Secret, "amount", "28242048")
-		good.Assign(backend.Secret, "spendRandom", "35")
+		good.Assign(backend.Secret, "amountRandom", "35")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
 		good.Assign(backend.Secret, "returnPubKey", "16067249407809359746114321133992130903102335882983385972747813693681808870497")
 		good.Assign(backend.Secret, "authorizePubKey", "13519883267141251871527102103999205179714486518503885909948192364772977661583")
@@ -49,3 +49,55 @@ func TestTransferOutput(t *testing.T) {
 	}
 }
+func TestTransferOutputTemp(t *testing.T) {
+	assert := groth16.NewAssert(t)
+	r1cs := NewTransferOutput()
+	r1csBN256 := backend_bn256.Cast(r1cs)
+	{
+		good := backend.NewAssignment()
+		good.Assign(backend.Public, "shieldAmountX", "3403754862862244121869403834818720211897208891381676574399662060838495940078")
+		good.Assign(backend.Public, "shieldAmountY", "21401902064308935591303802598664246616585474010691469717860664156067228175223")
+		good.Assign(backend.Public, "noteHash", "13610259753835165822431524149670478281864477297016371975012414049080268826331")
+		good.Assign(backend.Secret, "amount", "300000000")
+		good.Assign(backend.Secret, "amountRandom", "17199160520698273243343882915453578587")
+		good.Assign(backend.Secret, "receiverPubKey", "18829345085195922012068709111582461121107908772422825655963168999800303848486")
+		good.Assign(backend.Secret, "returnPubKey", "0")
+		good.Assign(backend.Secret, "authorizePubKey", "0")
+		good.Assign(backend.Secret, "noteRandom", "5029847585956946251661044349066579681630691396824473307862642244158835326399")
+		assert.Solved(&r1csBN256, good, nil)
+	}
+}
+func TestTransferOutputChange(t *testing.T) {
+	assert := groth16.NewAssert(t)
+	r1cs := NewTransferOutput()
+	r1csBN256 := backend_bn256.Cast(r1cs)
+	{
+		good := backend.NewAssignment()
+		good.Assign(backend.Public, "shieldAmountX", "10703086269439751873106176219875739041896146845566831131812760688039385779519")
+		good.Assign(backend.Public, "shieldAmountY", "19139103177181062461420753508628290808191900352948606822559796252948653071734")
+		good.Assign(backend.Public, "noteHash", "13134546856103113099750783399130805737503059294172727906371169345876474249458")
+		good.Assign(backend.Secret, "amount", "199900000")
+		good.Assign(backend.Secret, "amountRandom", "86450085302571105354912213444290224646")
+		good.Assign(backend.Secret, "receiverPubKey", "7244551457692363731356498279463138379576484998878425864678733206990733443457")
+		good.Assign(backend.Secret, "returnPubKey", "0")
+		good.Assign(backend.Secret, "authorizePubKey", "0")
+		good.Assign(backend.Secret, "noteRandom", "7266395330102686861165120582739238575545854195882356283931287331463151808870")
+		assert.Solved(&r1csBN256, good, nil)
+	}
+}
--- a/plugin/dapp/mix/cmd/gnark/circuit/util.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/util.go
@@ -65,8 +65,8 @@ func leafSum(circuit *frontend.CS, h mimc.MiMCGadget, data *frontend.Constraint)
 func CommitValuePart(circuit *frontend.CS, spendValue *frontend.Constraint) {
 	//cmt=transfer_value*G + random_value*H
-	cmtvalueX := circuit.PUBLIC_INPUT("commitValueX")
+	cmtvalueX := circuit.PUBLIC_INPUT("shieldAmountX")
-	cmtvalueY := circuit.PUBLIC_INPUT("commitValueY")
+	cmtvalueY := circuit.PUBLIC_INPUT("shieldAmountY")
 	// set curve parameters
 	edgadget, _ := twistededwards_gadget.NewEdCurveGadget(gurvy.BN256)
@@ -84,7 +84,7 @@ func CommitValuePart(circuit *frontend.CS, spendValue *frontend.Constraint) {
 	pointGSnark.X.Tag("xg")
 	pointGSnark.Y.Tag("yg")
-	transfer_random := circuit.SECRET_INPUT("spendRandom")
+	transfer_random := circuit.SECRET_INPUT("amountRandom")
 	//circuit.MUSTBE_LESS_OR_EQ(random_value,10000000000,256)
 	//H is not G, H should be a point that no one know the prikey
 	var baseX_H, baseY_H fr_bn256.Element

--- a/plugin/dapp/mix/cmd/gnark/circuit/withdraw/input
+++ b/plugin/dapp/mix/cmd/gnark/circuit/withdraw/input
@@ -4,7 +4,7 @@ public, nullifierHash,6747518781649068310795677405858353007442326529625450860668
 public, amount,28242048
-secret, spendPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
+secret, receiverPubKey,13735985067536865723202617343666111332145536963656464451727087263423649028705
 secret, returnPubKey,16067249407809359746114321133992130903102335882983385972747813693681808870497
 secret, authorizePubKey,13519883267141251871527102103999205179714486518503885909948192364772977661583
 secret, spendPriKey,10190477835300927557649934238820360529458681672073866116232821892325659279502

--- a/plugin/dapp/mix/cmd/gnark/circuit/withdraw/withdraw.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/withdraw/withdraw.go
@@ -22,7 +22,7 @@ public:
 	amount
 private:
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	spendPriKey
@@ -43,7 +43,7 @@ func NewWithdraw() *frontend.R1CS {
 	spendValue := circuit.PUBLIC_INPUT("amount")
 	//spend pubkey
-	spendPubkey := circuit.SECRET_INPUT("spendPubKey")
+	receiverPubKey := circuit.SECRET_INPUT("receiverPubKey")
 	returnPubkey := circuit.SECRET_INPUT("returnPubKey")
 	authPubkey := circuit.SECRET_INPUT("authorizePubKey")
 	spendPrikey := circuit.SECRET_INPUT("spendPriKey")
@@ -57,7 +57,7 @@ func NewWithdraw() *frontend.R1CS {
 	// hash function
 	mimc, _ := mimc.NewMiMCGadget("seed", gurvy.BN256)
 	calcPubHash := mimc.Hash(&circuit, spendPrikey)
-	targetPubHash := circuit.SELECT(spendFlag, spendPubkey, returnPubkey)
+	targetPubHash := circuit.SELECT(spendFlag, receiverPubKey, returnPubkey)
 	circuit.MUSTBE_EQ(targetPubHash, calcPubHash)
 	//note hash random
@@ -78,7 +78,7 @@ func NewWithdraw() *frontend.R1CS {
 	calcReturnPubkey := circuit.SELECT(authFlag, returnPubkey, nullValue)
 	calcAuthPubkey := circuit.SELECT(authFlag, authPubkey, nullValue)
 	// specify note hash constraint
-	preImage := mimc.Hash(&circuit, spendPubkey, calcReturnPubkey, calcAuthPubkey, spendValue, noteRandom)
+	preImage := mimc.Hash(&circuit, receiverPubKey, calcReturnPubkey, calcAuthPubkey, spendValue, noteRandom)
 	circuit.MUSTBE_EQ(noteHash, preImage)
 	util.MerkelPathPart(&circuit, mimc, preImage)

--- a/plugin/dapp/mix/cmd/gnark/circuit/withdraw/withdraw_test.go
+++ b/plugin/dapp/mix/cmd/gnark/circuit/withdraw/withdraw_test.go
@@ -17,7 +17,7 @@ public:
 	amount
 private:
-	spendPubKey
+	receiverPubKey
 	returnPubKey
 	authorizePubKey
 	spendPriKey
@@ -42,7 +42,7 @@ func TestWithdraw(t *testing.T) {
 		good.Assign(backend.Public, "nullifierHash", "6747518781649068310795677405858353007442326529625450860668944156162052335195")
 		good.Assign(backend.Public, "amount", "28242048")
-		good.Assign(backend.Secret, "spendPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
+		good.Assign(backend.Secret, "receiverPubKey", "13735985067536865723202617343666111332145536963656464451727087263423649028705")
 		good.Assign(backend.Secret, "returnPubKey", "16067249407809359746114321133992130903102335882983385972747813693681808870497")
 		good.Assign(backend.Secret, "authorizePubKey", "13519883267141251871527102103999205179714486518503885909948192364772977661583")

--- a/plugin/dapp/mix/commands/mix.go
+++ b/plugin/dapp/mix/commands/mix.go
@@ -60,8 +60,8 @@ func addCreateDepositFlags(cmd *cobra.Command) {
 	cmd.Flags().Uint64P("amount", "m", 0, "deposit amount")
 	cmd.MarkFlagRequired("amount")
-	cmd.Flags().StringP("secretPayment", "p", "", "secret for payment addr")
+	cmd.Flags().StringP("secretReceiver", "p", "", "secret for receiver addr")
-	cmd.MarkFlagRequired("secretPayment")
+	cmd.MarkFlagRequired("secretReceiver")
 	cmd.Flags().StringP("secretAuth", "a", "", "secret for authorize addr")
@@ -102,7 +102,7 @@ func createDeposit(cmd *cobra.Command, args []string) {
 	paraName, _ := cmd.Flags().GetString("paraName")
 	amount, _ := cmd.Flags().GetUint64("amount")
 	proofsPara, _ := cmd.Flags().GetString("proofs")
-	secretPayment, _ := cmd.Flags().GetString("secretPayment")
+	secretReceiver, _ := cmd.Flags().GetString("secretReceiver")
 	secretAuth, _ := cmd.Flags().GetString("secretAuth")
 	secretReturn, _ := cmd.Flags().GetString("secretReturn")
@@ -112,7 +112,7 @@ func createDeposit(cmd *cobra.Command, args []string) {
 	}
 	proofInputs.Secrets = &mixTy.DHSecretGroup{
-		Payment:   secretPayment,
+		Receiver:  secretReceiver,
 		Authorize: secretAuth,
 		Returner:  secretReturn,
 	}
@@ -194,8 +194,8 @@ func addCreateTransferFlags(cmd *cobra.Command) {
 	cmd.Flags().StringP("output", "o", "", "output 'proof-pubinput' pair")
 	cmd.MarkFlagRequired("output")
-	cmd.Flags().StringP("secretPayment", "p", "", "secret for payment addr")
+	cmd.Flags().StringP("secretReceiver", "p", "", "secret for receiver addr")
-	cmd.MarkFlagRequired("secretPayment")
+	cmd.MarkFlagRequired("secretReceiver")
 	cmd.Flags().StringP("secretAuth", "a", "", "secret for authorize addr")
@@ -204,8 +204,8 @@ func addCreateTransferFlags(cmd *cobra.Command) {
 	cmd.Flags().StringP("change", "c", "", "output change 'proof-pubinput' pair")
 	cmd.MarkFlagRequired("change")
-	cmd.Flags().StringP("changePayment", "t", "", "secret for change payment addr")
+	cmd.Flags().StringP("changeReceiver", "t", "", "secret for change receiver addr")
-	cmd.MarkFlagRequired("changePayment")
+	cmd.MarkFlagRequired("changeReceiver")
 	cmd.Flags().StringP("changeAuth", "u", "", "secret for change authorize addr")
@@ -218,10 +218,10 @@ func createTransfer(cmd *cobra.Command, args []string) {
 	proofsInput, _ := cmd.Flags().GetString("input")
 	proofsOutput, _ := cmd.Flags().GetString("output")
 	proofsChange, _ := cmd.Flags().GetString("change")
-	secretPayment, _ := cmd.Flags().GetString("secretPayment")
+	secretReceiver, _ := cmd.Flags().GetString("secretReceiver")
 	secretAuth, _ := cmd.Flags().GetString("secretAuth")
 	secretReturn, _ := cmd.Flags().GetString("secretReturn")
-	changePayment, _ := cmd.Flags().GetString("changePayment")
+	changeReceiver, _ := cmd.Flags().GetString("changeReceiver")
 	changeAuth, _ := cmd.Flags().GetString("changeAuth")
 	changeReturn, _ := cmd.Flags().GetString("changeReturn")
@@ -236,7 +236,7 @@ func createTransfer(cmd *cobra.Command, args []string) {
 		return
 	}
 	proofOutputs.Secrets = &mixTy.DHSecretGroup{
-		Payment:   secretPayment,
+		Receiver:  secretReceiver,
 		Returner:  secretAuth,
 		Authorize: secretReturn,
 	}
@@ -247,7 +247,7 @@ func createTransfer(cmd *cobra.Command, args []string) {
 		return
 	}
 	proofChanges.Secrets = &mixTy.DHSecretGroup{
-		Payment:   changePayment,
+		Receiver:  changeReceiver,
 		Returner:  changeAuth,
 		Authorize: changeReturn,
 	}
@@ -331,7 +331,7 @@ func mixConfigVerifyKeyParaCmd() *cobra.Command {
 }
 func addVkConfigFlags(cmd *cobra.Command) {
-	cmd.Flags().Uint32P("circuit", "c", 0, "mix circuit type,0:deposit,1:withdraw,2:payinput,3:payoutput,4:authorize")
+	cmd.Flags().Uint32P("circuit", "c", 0, "mix circuit type,0:deposit,1:withdraw,2:tansferinput,3:transferoutput,4:authorize")
 	cmd.MarkFlagRequired("circuit")
 	cmd.Flags().StringP("zkey", "z", "", "zk proof verify key")
@@ -419,8 +419,8 @@ func mixConfigPaymentPubKeyParaCmd() *cobra.Command {
 }
 func addPayPubKeyConfigFlags(cmd *cobra.Command) {
-	cmd.Flags().StringP("paying", "p", "", "paying key")
+	cmd.Flags().StringP("receiver", "r", "", "receiver key")
-	cmd.MarkFlagRequired("paying")
+	cmd.MarkFlagRequired("receiver")
 	cmd.Flags().StringP("keyX", "x", "", "receiving pub key X")
 	cmd.MarkFlagRequired("keyX")
@@ -431,16 +431,16 @@ func addPayPubKeyConfigFlags(cmd *cobra.Command) {
 func createConfigPayPubKey(cmd *cobra.Command, args []string) {
 	paraName, _ := cmd.Flags().GetString("paraName")
-	paying, _ := cmd.Flags().GetString("paying")
+	receiver, _ := cmd.Flags().GetString("receiver")
 	keyx, _ := cmd.Flags().GetString("keyX")
 	keyy, _ := cmd.Flags().GetString("keyY")
 	payload := &mixTy.MixConfigAction{}
 	payload.Ty = mixTy.MixConfigType_PaymentPubKey
-	receivingKey := &mixTy.PubKey{X: keyx, Y: keyy}
+	secretKey := &mixTy.PubKey{X: keyx, Y: keyy}
-	payload.Value = &mixTy.MixConfigAction_PaymentKey{PaymentKey: &mixTy.PaymentKey{PayingKey: paying, ReceivingKey: receivingKey}}
+	payload.Value = &mixTy.MixConfigAction_PaymentKey{PaymentKey: &mixTy.PaymentKey{ReceiverKey: receiver, SecretKey: secretKey}}
 	params := &rpctypes.CreateTxIn{
 		Execer:     getRealExecName(paraName, mixTy.MixX),
@@ -847,8 +847,8 @@ func EncodeSecretDataCmd() *cobra.Command {
 }
 func encodeSecretCmdFlags(cmd *cobra.Command) {
-	cmd.Flags().StringP("payment", "p", "", "payment key")
+	cmd.Flags().StringP("receiver", "p", "", "receiver key")
-	cmd.MarkFlagRequired("payment")
+	cmd.MarkFlagRequired("receiver")
 	cmd.Flags().StringP("return", "r", "", "return key")
@@ -861,13 +861,13 @@ func encodeSecretCmdFlags(cmd *cobra.Command) {
 func encodeSecret(cmd *cobra.Command, args []string) {
 	rpcLaddr, _ := cmd.Flags().GetString("rpc_laddr")
-	payment, _ := cmd.Flags().GetString("payment")
+	receiver, _ := cmd.Flags().GetString("receiver")
 	returnKey, _ := cmd.Flags().GetString("return")
 	authorize, _ := cmd.Flags().GetString("authorize")
 	amount, _ := cmd.Flags().GetString("amount")
 	req := mixTy.SecretData{
-		PaymentPubKey:   payment,
+		ReceiverPubKey:  receiver,
 		ReturnPubKey:    returnKey,
 		AuthorizePubKey: authorize,
 		Amount:          amount,
@@ -910,8 +910,8 @@ func encryptSecret(cmd *cobra.Command, args []string) {
 	pubkey := &mixTy.PubKey{X: x, Y: y}
 	req := mixTy.EncryptSecretData{
-		Secret:      secret,
+		Secret:       secret,
-		ReceivingPk: pubkey,
+		SecretPubKey: pubkey,
 	}
 	var res mixTy.DHSecret
@@ -956,9 +956,9 @@ func decryptSecret(cmd *cobra.Command, args []string) {
 	prikey := &mixTy.PrivKey{Data: p}
 	req := mixTy.DecryptSecretData{
-		Secret:          secret,
+		Secret:       secret,
-		Epk:             pubkey,
+		Epk:          pubkey,
-		ReceivingPriKey: prikey,
+		SecretPriKey: prikey,
 	}
 	var res mixTy.SecretData
@@ -991,10 +991,10 @@ func DepositInputsCmd() *cobra.Command {
 }
 func depositSecretCmdFlags(cmd *cobra.Command) {
-	cmd.Flags().StringP("payment", "p", "", "payment addr")
+	cmd.Flags().StringP("receiver", "r", "", "receiver addr")
-	cmd.MarkFlagRequired("payment")
+	cmd.MarkFlagRequired("receiver")
-	cmd.Flags().StringP("return", "r", "", "return addr")
+	cmd.Flags().StringP("return", "n", "", "return addr")
 	cmd.Flags().StringP("authorize", "a", "", "authorize addr")
@@ -1005,13 +1005,13 @@ func depositSecretCmdFlags(cmd *cobra.Command) {
 func depositSecret(cmd *cobra.Command, args []string) {
 	rpcLaddr, _ := cmd.Flags().GetString("rpc_laddr")
-	payment, _ := cmd.Flags().GetString("payment")
+	receiver, _ := cmd.Flags().GetString("receiver")
 	returnKey, _ := cmd.Flags().GetString("return")
 	authorize, _ := cmd.Flags().GetString("authorize")
 	amount, _ := cmd.Flags().GetUint64("amount")
 	req := &mixTy.DepositProofReq{
-		PaymentAddr:   payment,
+		ReceiverAddr:  receiver,
 		ReturnAddr:    returnKey,
 		AuthorizeAddr: authorize,
 		Amount:        amount,

--- a/plugin/dapp/mix/executor/committree.go
+++ b/plugin/dapp/mix/executor/committree.go
@@ -6,6 +6,7 @@ package executor
 import (
 	"bytes"
 	dbm "github.com/33cn/chain33/common/db"
 	"github.com/33cn/chain33/types"
 	"github.com/33cn/plugin/plugin/dapp/mix/executor/merkletree"

--- a/plugin/dapp/mix/executor/config.go
+++ b/plugin/dapp/mix/executor/config.go
@@ -187,13 +187,13 @@ func GetPaymentPubKey(db dbm.KV, addr string) (*mixTy.PaymentKey, error) {
 }
 func (a *action) ConfigPaymentPubKey(paykey *mixTy.PaymentKey) (*types.Receipt, error) {
-	if paykey == nil || len(paykey.PayingKey) == 0 || len(paykey.ReceivingKey.X) == 0 || len(paykey.ReceivingKey.Y) == 0 {
+	if paykey == nil || len(paykey.ReceiverKey) == 0 || len(paykey.SecretKey.X) == 0 || len(paykey.SecretKey.Y) == 0 {
 		return nil, errors.Wrapf(types.ErrInvalidParam, "pubkey=%v", paykey)
 	}
 	//直接覆盖
 	return makeConfigPaymentKeyReceipt(&mixTy.PaymentKey{
-		Addr:         a.fromaddr,
+		Addr:        a.fromaddr,
-		PayingKey:    paykey.PayingKey,
+		ReceiverKey: paykey.ReceiverKey,
-		ReceivingKey: paykey.ReceivingKey}), nil
+		SecretKey:   paykey.SecretKey}), nil
 }
--- a/plugin/dapp/mix/executor/mix.go
+++ b/plugin/dapp/mix/executor/mix.go
@@ -5,6 +5,7 @@
 package executor
 import (
+	"github.com/33cn/chain33/common"
 	log "github.com/33cn/chain33/common/log/log15"
 	drivers "github.com/33cn/chain33/system/dapp"
 	"github.com/33cn/chain33/types"
@@ -62,10 +63,9 @@ func (m *Mix) CheckTx(tx *types.Transaction, index int) error {
 		// mix隐私交易，只私对私需要特殊签名验证
 		return m.DriverBase.CheckTx(tx, index)
 	}
-	minTxFee := m.GetAPI().GetConfig().GInt("wallet.minFee")
+	_, _, err := MixTransferInfoVerify(m.GetAPI().GetConfig(), m.GetStateDB(), action.GetTransfer())
-	_, _, err := MixTransferInfoVerify(m.GetStateDB(), action.GetTransfer(), minTxFee)
 	if err != nil {
-		mlog.Error("checkTx", "err", err)
+		mlog.Error("checkTx", "err", err, "txhash", common.ToHex(tx.Hash()))
 		return err
 	}
 	return nil

--- a/plugin/dapp/mix/executor/transfer.go
+++ b/plugin/dapp/mix/executor/transfer.go
@@ -7,6 +7,7 @@ package executor
 import (
 	"encoding/hex"
 	"encoding/json"
+	"fmt"
 	"github.com/33cn/chain33/types"
 	mixTy "github.com/33cn/plugin/plugin/dapp/mix/types"
@@ -75,15 +76,15 @@ func VerifyCommitValues(inputs []*mixTy.TransferInputPublicInput, outputs []*mix
 	var inputPoints, outputPoints []*twistededwards.Point
 	for _, in := range inputs {
 		var p twistededwards.Point
-		p.X.SetString(in.AmountX)
+		p.X.SetString(in.ShieldAmountX)
-		p.Y.SetString(in.AmountY)
+		p.Y.SetString(in.ShieldAmountY)
 		inputPoints = append(inputPoints, &p)
 	}
 	for _, out := range outputs {
 		var p twistededwards.Point
-		p.X.SetString(out.AmountX)
+		p.X.SetString(out.ShieldAmountX)
-		p.Y.SetString(out.AmountY)
+		p.Y.SetString(out.ShieldAmountY)
 		outputPoints = append(outputPoints, &p)
 	}
 	//out value add fee
@@ -107,7 +108,7 @@ func VerifyCommitValues(inputs []*mixTy.TransferInputPublicInput, outputs []*mix
 	return false
 }
-func MixTransferInfoVerify(db dbm.KV, transfer *mixTy.MixTransferAction, minFee int64) ([]*mixTy.TransferInputPublicInput, []*mixTy.TransferOutputPublicInput, error) {
+func MixTransferInfoVerify(cfg *types.Chain33Config, db dbm.KV, transfer *mixTy.MixTransferAction) ([]*mixTy.TransferInputPublicInput, []*mixTy.TransferOutputPublicInput, error) {
 	var inputs []*mixTy.TransferInputPublicInput
 	var outputs []*mixTy.TransferOutputPublicInput
@@ -128,7 +129,8 @@ func MixTransferInfoVerify(db dbm.KV, transfer *mixTy.MixTransferAction, minFee 
 	}
 	outputs = append(outputs, change)
-	if !VerifyCommitValues(inputs, outputs, minFee) {
+	minTxFee := types.Conf(cfg, "config.wallet").GInt("minFee")
+	if !VerifyCommitValues(inputs, outputs, minTxFee) {
 		return nil, nil, errors.Wrap(mixTy.ErrSpendInOutValueNotMatch, "verifyValue")
 	}
@@ -141,8 +143,7 @@ func MixTransferInfoVerify(db dbm.KV, transfer *mixTy.MixTransferAction, minFee 
 3. add nullifier to pool
 */
 func (a *action) Transfer(transfer *mixTy.MixTransferAction) (*types.Receipt, error) {
-	minTxFee := a.api.GetConfig().GInt("wallet.minFee")
+	inputs, outputs, err := MixTransferInfoVerify(a.api.GetConfig(), a.db, transfer)
-	inputs, outputs, err := MixTransferInfoVerify(a.db, transfer, minTxFee)
 	if err != nil {
 		return nil, errors.Wrap(err, "Transfer.MixTransferInfoVerify")
 	}

--- a/plugin/dapp/mix/proto/mix.proto
+++ b/plugin/dapp/mix/proto/mix.proto
@@ -32,8 +32,8 @@ message AuthPubKeys{
 message PaymentKey{
    string addr = 1;
-    string payingKey = 2;
+    string receiverKey = 2;
-    PubKey receivingKey = 3;
+    PubKey secretKey = 3;
 }
 enum MixConfigType{
@@ -72,7 +72,7 @@ message DHSecret{
 //Diff-Helman 加密group, for spender, returner, authorizer to decrypt
 message DHSecretGroup{
-    string payment = 1;
+    string receiver = 1;
    string returner = 2;
    string authorize = 3;
 }
@@ -140,16 +140,16 @@ message WithdrawPublicInput {
 message TransferInputPublicInput {
    string treeRootHash = 1;
-    string amountX = 2;
+    string shieldAmountX = 2;
-    string amountY = 3;
+    string shieldAmountY = 3;
    string authorizeSpendHash = 4;
    string nullifierHash = 5;
 }
 message TransferOutputPublicInput {
    string noteHash = 1;
-    string amountX = 2;
+    string shieldAmountX = 2;
-    string amountY = 3;
+    string shieldAmountY = 3;
    DHSecretGroup dhSecrets = 4;
 }
@@ -194,11 +194,10 @@ message TreeListResp{
 }
 // mix wallet part
-// payKey = hash(spendKey) for zk-snark note spend
+// receiverPubKey = hash(spendPriKey) for zk-snark note spend
-// 用在note内部的payment key
 message PaymentKeyPair {
-    string payKey  = 1;
+    string receiverPubKey  = 1;
-    string spendKey = 2;
+    string spendPriKey = 2;
 }
 // pub = priv*G for diff-helman crypto
@@ -232,7 +231,7 @@ message WalletAddrPrivacy {
 message SecretData{
-    string paymentPubKey = 1;
+    string receiverPubKey = 1;
    string returnPubKey = 2;
    string authorizePubKey = 3;
    string amount = 4;
@@ -246,19 +245,19 @@ message EncodedSecretData{
 message EncryptSecretData{
    string secret = 1;
-    PubKey receivingPk = 2;
+    PubKey SecretPubKey = 2;
 }
 message DecryptSecretData{
    string secret = 1;
-    PrivKey receivingPriKey = 2;
+    PrivKey SecretPriKey = 2;
    PubKey epk = 3;
 }
 //一键式获取加密数据
 message DepositProofReq{
-    string paymentAddr = 1;
+    string receiverAddr = 1;
    string returnAddr = 2;
    string authorizeAddr = 3;
    uint64 amount = 4;
@@ -286,13 +285,13 @@ message WithdrawProofReq{
 message WithdrawProofResp{
-    SecretData      proof    = 1;
+    SecretData      secret    = 1;
    string          nullifierHash = 2;
-    string          authSpendHash = 3;
+    string          authorizeSpendHash = 3;
    string          noteHash  = 4;
    string          spendPrivKey = 5;
    uint32          spendFlag = 6;
-    uint32          authFlag = 7;
+    uint32          authorizeFlag = 7;
    TreePathProof   treeProof = 8;
 }
@@ -306,7 +305,7 @@ message AuthProofResp{
    string          authPubKey      = 2;
    string          authPrivKey     = 3;
    string          authHash        = 4;
-    string          authSpendHash   = 5;
+    string          authorizeSpendHash   = 5;
    string          noteHash        = 6;
    uint32          spendFlag       = 7;
    TreePathProof   treeProof       = 8;
@@ -322,7 +321,7 @@ message TransferProofReq{
 }
 //加密了的input/output amount
-message commitValue{
+message ShieldAmount{
    string X = 1;
    string Y = 2;
 }
@@ -330,22 +329,22 @@ message commitValue{
 message TransferInputProof{
    SecretData      proof    = 1;
    string          nullifierHash = 2;
-    string          authSpendHash = 3;
+    string          authorizeSpendHash = 3;
    string          noteHash  = 4;
    string          spendPrivKey = 5;
    uint32          spendFlag = 6;
-    uint32          authFlag = 7;
+    uint32          authorizeFlag = 7;
    TreePathProof   treeProof = 8;
-    commitValue     commitValue = 9;
+    ShieldAmount    shieldAmount = 9;
-    string          spendRandom = 10;
+    string          amountRandom = 10;
 }
 message TransferOutputProof{
    SecretData      proof    = 1;
    string          noteHash = 2;
    DHSecretGroup   secrets  = 3;
-    commitValue     commitValue = 4;
+    ShieldAmount    shieldAmount = 4;
-    string          spendRandom = 5;
+    string          amountRandom = 5;
 }
@@ -357,13 +356,13 @@ message TransferProofResp{
 }
-message CommitValueRst{
+message ShieldAmountRst{
    string noteRandom = 1;
    string transferRandom = 2;
    string changeRandom = 3;
-    commitValue note = 4;
+    ShieldAmount note = 4;
-    commitValue transfer = 5;
+    ShieldAmount transfer = 5;
-    commitValue change = 6;
+    ShieldAmount change = 6;
 }
@@ -377,7 +376,7 @@ enum NoteStatus{
 message WalletIndexInfo {
    string             noteHash         = 1;
    string             nullifier        = 2;
-    string             authSpendHash    = 3;
+    string             authorizeSpendHash    = 3;
    bool               isReturner       = 4;
    string             account          = 5; //账户地址
    NoteStatus         status           = 6;
@@ -394,7 +393,7 @@ message WalletDbMixInfo {
 message WalletMixIndexReq {
    string             noteHash       = 1;
    string             nullifier       = 2;
-    string             authSpendHash   = 3;
+    string             authorizeSpendHash   = 3;
    string             account       = 5;
    int32              status     = 6;
    int32              count      = 7;

--- a/plugin/dapp/mix/types/mix.pb.go
+++ b/plugin/dapp/mix/types/mix.pb.go
--- a/plugin/dapp/mix/wallet/mix.go
+++ b/plugin/dapp/mix/wallet/mix.go
@@ -6,7 +6,7 @@ package wallet
 import (
 	"bytes"
-	"fmt"
 	"github.com/33cn/chain33/system/dapp"
 	"github.com/pkg/errors"
@@ -20,14 +20,16 @@ import (
 	fr_bn256 "github.com/consensys/gurvy/bn256/fr"
 )
+const CECBLOCKSIZE = 32
 // newPrivacyWithPrivKey create privacy from private key
 //payment, payPrivKey=hash(privkey), payPubkey=hash(payPrivKey)
 //DH crypt key, prikey=payPrikey, pubKey=payPrikey*G
 func newPrivacyWithPrivKey(privKey []byte) (*mixTy.AccountPrivacyKey, error) {
 	payPrivacyKey := mimcHashByte([][]byte{privKey})
 	paymentKey := &mixTy.PaymentKeyPair{}
-	paymentKey.SpendKey = getFrString(payPrivacyKey)
+	paymentKey.SpendPriKey = getFrString(payPrivacyKey)
-	paymentKey.PayKey = getFrString(mimcHashByte([][]byte{payPrivacyKey}))
+	paymentKey.ReceiverPubKey = getFrString(mimcHashByte([][]byte{payPrivacyKey}))
 	shareSecretKey := &mixTy.ShareSecretKeyPair{}
 	ecdh := NewCurveBn256ECDH()
@@ -44,13 +46,13 @@ func newPrivacyWithPrivKey(privKey []byte) (*mixTy.AccountPrivacyKey, error) {
 //填充算法有pkcs5,pkcs7, 比如Pkcs5的思想填充的值为填充的长度，比如加密he,不足8
 //则填充为he666666, 解密后直接算最后一个值为6，把解密值的后6个Byte去掉即可
 func pKCS5Padding(plainText []byte, blockSize int) []byte {
-	if blockSize < 32 {
+	if blockSize < CECBLOCKSIZE {
-		blockSize = 32
+		blockSize = CECBLOCKSIZE
 	}
 	padding := blockSize - (len(plainText) % blockSize)
-	fmt.Println("pading", "passsize", blockSize, "plaintext", len(plainText), "pad", padding)
+	//fmt.Println("pading", "passsize", blockSize, "plaintext", len(plainText), "pad", padding)
 	padText := bytes.Repeat([]byte{byte(padding)}, padding)
-	fmt.Println("padding", padding, "text", common.ToHex(padText[:]))
+	//fmt.Println("padding", padding, "text", common.ToHex(padText[:]))
 	newText := append(plainText, padText...)
 	return newText
 }
@@ -196,9 +198,7 @@ func (policy *mixPolicy) savePrivacyPair(addr string) (*mixTy.WalletAddrPrivacy,
 	}
 	password := []byte(policy.getWalletOperate().GetPassword())
-	bizlog.Info("savePrivacyPair", "newprivacy", newPrivacy.PaymentKey.PayKey, "password", common.ToHex(password))
 	encryptered := encryptDataWithPadding(password, types.Encode(newPrivacy))
-	bizlog.Info("savePrivacyPair--2")
 	//save the privacy created to wallet db
 	policy.store.setAccountPrivacy(addr, encryptered)
 	return &mixTy.WalletAddrPrivacy{Privacy: newPrivacy, Addr: addr}, nil
@@ -312,7 +312,7 @@ func (policy *mixPolicy) rescanNotes() {
 			txInfo.Index = mixTxInfos.Txs[txcount-1].GetIndex()
 		}
-		policy.getPrivacyTxDetailByHashs(&ReqHashes)
+		policy.processPrivcyTxs(&ReqHashes)
 		if txcount < int(MaxTxHashsPerTime) {
 			break
 		}
@@ -322,16 +322,25 @@ func (policy *mixPolicy) rescanNotes() {
 	return
 }
-func (policy *mixPolicy) getPrivacyTxDetailByHashs(ReqHashes *types.ReqHashes) {
+func (policy *mixPolicy) processPrivcyTxs(ReqHashes *types.ReqHashes) {
 	//通过txhashs获取对应的txdetail
 	txDetails, err := policy.getWalletOperate().GetAPI().GetTransactionByHash(ReqHashes)
 	if err != nil {
-		bizlog.Error("getPrivacyTxDetailByHashs", "GetTransactionByHash error", err)
+		bizlog.Error("processPrivcyTx", "GetTransactionByHash error", err)
 		return
 	}
 	for _, tx := range txDetails.Txs {
-		policy.processMixTx(tx.Tx, tx.Height, tx.Index)
+		if tx.Receipt.Ty != types.ExecOk {
+			bizlog.Error("processPrivcyTx wrong tx", "receipt ty", tx.Receipt.Ty, "hash", common.ToHex(tx.Tx.Hash()))
+			continue
+		}
+		set, err := policy.processMixTx(tx.Tx, tx.Height, tx.Index)
+		if err != nil {
+			bizlog.Error("processPrivcyTx", "processMixTx error", err)
+			continue
+		}
+		policy.store.setKvs(set)
 	}
 }
@@ -382,7 +391,7 @@ func (policy *mixPolicy) showAccountNoteInfo(addrs []string) (*mixTy.WalletIndex
 		if err != nil {
 			return nil, err
 		}
-		resps.Datas = append(resps.Datas, resp.(*mixTy.WalletIndexResp).Datas...)
+		resps.Notes = append(resps.Notes, resp.(*mixTy.WalletIndexResp).Notes...)
 	}
 	return &resps, nil
 }
--- a/plugin/dapp/mix/wallet/mixbizdb.go
+++ b/plugin/dapp/mix/wallet/mixbizdb.go
@@ -199,7 +199,7 @@ func (e *mixPolicy) listMixInfos(req *mixTy.WalletMixIndexReq) (types.Message, e
 		indexName = "noteHash"
 	} else if len(req.Nullifier) > 0 {
 		indexName = "nullifier"
-	} else if len(req.AuthSpendHash) > 0 {
+	} else if len(req.AuthorizeSpendHash) > 0 {
 		indexName = "authSpendHash"
 	} else if len(req.Account) > 0 {
 		indexName = "account"
@@ -209,11 +209,11 @@ func (e *mixPolicy) listMixInfos(req *mixTy.WalletMixIndexReq) (types.Message, e
 	cur := &MixRow{
 		WalletDbMixInfo: &mixTy.WalletDbMixInfo{Info: &mixTy.WalletIndexInfo{
-			NoteHash:      req.NoteHash,
+			NoteHash:           req.NoteHash,
-			Nullifier:     req.Nullifier,
+			Nullifier:          req.Nullifier,
-			AuthSpendHash: req.AuthSpendHash,
+			AuthorizeSpendHash: req.AuthorizeSpendHash,
-			Account:       req.Account,
+			Account:            req.Account,
-			Status:        mixTy.NoteStatus(req.Status),
+			Status:             mixTy.NoteStatus(req.Status),
 		}},
 	}
@@ -224,7 +224,7 @@ func (e *mixPolicy) listMixInfos(req *mixTy.WalletMixIndexReq) (types.Message, e
 	}
 	rows, err := query.ListIndex(indexName, prefix, primary, req.Count, req.Direction)
 	if err != nil {
-		bizlog.Error("listMixInfos query failed", "indexName", indexName, "prefix", prefix, "key", string(primary), "err", err)
+		bizlog.Error("listMixInfos query failed", "indexName", indexName, "prefix", string(prefix), "key", string(primary), "err", err)
 		return nil, err
 	}
 	if len(rows) == 0 {
@@ -276,8 +276,8 @@ func (p *mixPolicy) processSecretGroup(noteHash string, secretGroup *mixTy.DHSec
 	}
 	//可能自己账户里面既有spender,也有returner 或authorize,都要解一遍
-	if len(secretGroup.Payment) > 0 {
+	if len(secretGroup.Receiver) > 0 {
-		info, err := p.decodeSecret(noteHash, secretGroup.Payment, privacyKeys)
+		info, err := p.decodeSecret(noteHash, secretGroup.Receiver, privacyKeys)
 		if err != nil {
 			bizlog.Error("processSecretGroup.spender", "err", err)
 		}
@@ -330,16 +330,18 @@ func (p *mixPolicy) decodeSecret(noteHash string, secretData string, privacyKeys
 			bizlog.Info("processSecret.decryptData", "decrypt for notehash", noteHash, "secret", secretData, "addr", key.Addr, "err", err)
 			continue
 		}
-		bizlog.Info("processSecret.decryptData OK", "decrypt for notehash", noteHash, "addr", key.Addr)
 		var rawData mixTy.SecretData
 		err = types.Decode(decryptData, &rawData)
 		if err != nil {
-			bizlog.Info("processSecret.DecrypterPrivkey", "err", err)
+			bizlog.Info("processSecret.decode rawData", "addr", key.Addr, "err", err)
 			continue
 		}
-		if rawData.PaymentPubKey == key.Privacy.PaymentKey.PayKey ||
+		bizlog.Info("processSecret.decode rawData OK", "notehash", noteHash, "addr", key.Addr)
-			rawData.ReturnPubKey == key.Privacy.PaymentKey.PayKey ||
-			rawData.AuthorizePubKey == key.Privacy.PaymentKey.PayKey {
+		if rawData.ReceiverPubKey == key.Privacy.PaymentKey.ReceiverPubKey ||
+			rawData.ReturnPubKey == key.Privacy.PaymentKey.ReceiverPubKey ||
+			rawData.AuthorizePubKey == key.Privacy.PaymentKey.ReceiverPubKey {
 			//decrypted, save database
 			var info mixTy.WalletIndexInfo
 			info.NoteHash = noteHash
@@ -347,12 +349,13 @@ func (p *mixPolicy) decodeSecret(noteHash string, secretData string, privacyKeys
 			//如果自己是spender,则记录有关spenderAuthHash,如果是returner，则记录returnerAuthHash
 			//如果授权为spenderAuthHash，则根据授权hash索引到本地数据库，spender更新本地为VALID，returner侧不变仍为FROZEN，花费后，两端都变为USED
 			//如果授权为returnerAuthHash，则returner更新本地为VALID，spender侧仍为FROZEN，
+			info.AuthorizeSpendHash = "0"
 			if len(rawData.AuthorizePubKey) > LENNULLKEY {
-				if rawData.PaymentPubKey == key.Privacy.PaymentKey.PayKey {
+				if rawData.ReceiverPubKey == key.Privacy.PaymentKey.ReceiverPubKey {
-					info.AuthSpendHash = getFrString(mimcHashString([]string{rawData.PaymentPubKey, rawData.Amount, rawData.NoteRandom}))
+					info.AuthorizeSpendHash = getFrString(mimcHashString([]string{rawData.ReceiverPubKey, rawData.Amount, rawData.NoteRandom}))
-				} else if rawData.ReturnPubKey == key.Privacy.PaymentKey.PayKey {
+				} else if rawData.ReturnPubKey == key.Privacy.PaymentKey.ReceiverPubKey {
 					info.IsReturner = true
-					info.AuthSpendHash = getFrString(mimcHashString([]string{rawData.ReturnPubKey, rawData.Amount, rawData.NoteRandom}))
+					info.AuthorizeSpendHash = getFrString(mimcHashString([]string{rawData.ReturnPubKey, rawData.Amount, rawData.NoteRandom}))
 				}
 			}

--- a/plugin/dapp/mix/wallet/mixbiztable.go
+++ b/plugin/dapp/mix/wallet/mixbiztable.go
@@ -71,7 +71,7 @@ func (r *MixRow) Get(key string) ([]byte, error) {
 	case "nullifier":
 		return []byte(r.Info.Nullifier), nil
 	case "authSpendHash":
-		return []byte(r.Info.AuthSpendHash), nil
+		return []byte(r.Info.AuthorizeSpendHash), nil
 	case "account":
 		return []byte(r.Info.Account), nil
 	case "status":

--- a/plugin/dapp/mix/wallet/mixsignature.go
+++ b/plugin/dapp/mix/wallet/mixsignature.go
@@ -10,6 +10,7 @@ package wallet
 import (
 	"bytes"
+	"encoding/hex"
 	"fmt"
 	"github.com/33cn/chain33/common"
@@ -33,29 +34,28 @@ func init() {
 // MixSignature mix签名中对于crypto.Signature接口实现
 type MixSignature struct {
-	sign mixTy.MixTransferAction
+	sign []byte
 }
 // Bytes convert to bytest
 func (r *MixSignature) Bytes() []byte {
-	return types.Encode(&r.sign)
+	return r.sign[:]
 }
 // IsZero check is zero
 func (r *MixSignature) IsZero() bool {
-	return r.sign.Output == nil || r.sign.Input == nil
+	return len(r.sign) == 0
 }
 // String convert to string
 func (r *MixSignature) String() string {
-	return r.sign.String()
+	return hex.EncodeToString(r.sign)
 }
 // Equals check equals
 func (r *MixSignature) Equals(other crypto.Signature) bool {
 	if _, ok := other.(*MixSignature); ok {
-		this := types.Encode(&r.sign)
+		return bytes.Equal(r.Bytes(), other.Bytes())
-		return bytes.Equal(this, other.Bytes())
 	}
 	return false
 }
@@ -213,10 +213,9 @@ func (r *MixSignZkSnark) SignatureFromBytes(b []byte) (crypto.Signature, error) 
 	if len(b) <= 0 {
 		return nil, types.ErrInvalidParam
 	}
-	sign := new(MixSignature)
-	if err := types.Decode(b, &sign.sign); err != nil {
-		return nil, err
-	}
-	return sign, nil
+	var mixSig MixSignature
+	mixSig.sign = append(mixSig.sign, b...)
+	return &mixSig, nil
 }
--- a/plugin/dapp/mix/wallet/mixstore.go
+++ b/plugin/dapp/mix/wallet/mixstore.go
@@ -117,6 +117,14 @@ func (store *mixStore) setRescanNoteStatus(status int32) {
 	newbatch.Write()
 }
+func (store *mixStore) setKvs(set *types.LocalDBSet) {
+	newbatch := store.NewBatch(true)
+	for _, s := range set.KV {
+		newbatch.Set(s.Key, s.Value)
+	}
+	newbatch.Write()
+}
 func (store *mixStore) getRescanNoteStatus() int32 {
 	v, err := store.Get(calcRescanNoteStatus())
 	if err != nil {

--- a/plugin/dapp/mix/wallet/proof.go
+++ b/plugin/dapp/mix/wallet/proof.go