Next Steps for Improvement:

1. Default Function for Verification Setup:

   • Currently, we can create a default function for the verification setup. This means we can instantiate a ZkpPacker with verification functionality. However, we face limitations when trying to create a default function for the proofing setup.
   • The issue arises because the process of finding the identity by ID (to retrieve the authentication keys) and preparing the inputs is intertwined. This means we can't provide a default algorithm for preparing inputs, as the identity-finding algorithm would be embedded in the process.

   Example:

   func(hash []byte, id *w3c.DID, circuitID circuits.CircuitID) ([]byte, error)

   Current implementation:

   func (p *Proof) prepareAuthV2Circuit(ctx context.Context, identifier *w3c.DID,
       challenge *big.Int) (circuits.AuthV2Inputs, error) {
   
       authClaim, err := p.claimService.GetAuthClaim(ctx, identifier)
       if err != nil {
           return circuits.AuthV2Inputs{}, err
       }
   
       authClaimData, err := p.fillAuthClaimData(ctx, identifier, authClaim)
       if err != nil {
           return circuits.AuthV2Inputs{}, err
       }
   
       signature, err := p.signChallange(ctx, authClaim, challenge)
       if err != nil {
           return circuits.AuthV2Inputs{}, err
       }
   
       globalTree, err := populateGlobalTree(ctx, identifier, p.stateService)
       if err != nil {
           return circuits.AuthV2Inputs{}, err
       }
   
       return prepareAuthV2CircuitInputs(identifier, authClaimData,
           challenge, signature, globalTree)
   }

   Proposed refactor:

   func (p *Proof) prepareAuthV2Circuit(ctx context.Context, authClaim *auth.Claim, challenge *big.Int)

   • By refactoring in this way, we can move the identity-finding algorithm to a higher level. This allows for a more flexible proof setup with default inputs preparation.

2. Flexible Management of Default Packagers:

   • We need to improve the flexibility in managing default packagers. Consider the example for AuthV2Groth16. Users may want to work with:
     1. Only unpacker functionality (requires only the verification key).
     2. Only packer functionality (requires only the proving key and witness file).
     3. Both packer and unpacker functionalities.

   Possible solutions:

   • Simple implementation (but risk of users using wrong packer for verification or proofing keys):

     func TestConstructors() {
         AuthV2 = NewDefaultAuthV2(resolver, verificationKey, nil) // for verification only, default verification function inside
         AuthV3 = NewDefaultAuthV3(resolver, nil, provingKey) // for proofing only, default proofing function inside
     
         v := map[jwz.ProvingMethodAlg]VerificationParams
         p := map[jwz.ProvingMethodAlg]ProvingParams
         v[AuthV2.Key] = AuthV2.VerificationParams()
         p[AuthV3.Key] = AuthV3.ProvingParams()
     }

   • Mid-level complexity for developers, easier for users:

     func TestConsumer() {
         v := map[jwz.ProvingMethodAlg]VerificationParams
         p := map[jwz.ProvingMethodAlg]ProvingParams
         v.Set(AuthV2)
         p.Set(AuthV3)
     }

   • Both solutions are easy to extend. We just need to add new constructors for new authentication circuits, or even non-authentication circuits.