RAC zkemail integration spec

johnson86tw
发布于 2025-12-21 12:40
阅读 4

本文介紹了一種基於 ZK-Email 技術的去中心化領稿費機制實驗。用戶可透過電子郵件產生零知識證明來調用合約，實現自主登記投稿與更新收款地址；文中詳述了電路驗證 DKIM 簽章、標題雜湊優化方案及合約安全檢查邏輯。

- [去中心化領稿費機制實驗 2](https://learnblockchain.cn/article/24826)

## Summary

收到確認信的用戶能自行用 email 產生證明並呼叫相應的合約函式：

- `registerSubmission(proof)`
- `updateRoyaltyRecipient(proof)`

proof 內的公開參數包含：

- pubkey\_hash
- nullifier
- from\_address
- operation\_type
- title
- recipient
- user\_op\_hash

admin 可以：

- `adminRegisterSubmission`: 由 admin 自行登記稿件
- `adminUpdateRoyaltyRecipient`: 由 admin 自行更新領稿人地址
- `updateRegistrationVerifier`: 更新 verifier 地址
- `revokeEmail`: 撤銷某編號的郵件效力

### Title-hash approach

不在電路解碼主旨，寄件者需於內文提供 ID 欄位，值為 title hash。

- 電路公開參數 title 變成 id
- 合約函式要提供完整標題，執行時對標題雜湊並比對公開參數：
  - `registerSubmission(title, proof)`
  - `updateRoyaltyRecipient(title, proof)`
- 利用編碼前綴判斷 operation\_type

```
56K66KqN5bey5pS25Yiw5oqV56i/Oi
確認已收到投稿:

56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOi
確認此投稿更改稿費收取地址:
```

電路 base64 解碼產證明的速度約 54s，title-hash approach 約 23s，後者缺點是寄件者需提供標題雜湊值。

## Email 範例

### 登記 (registration)

主旨

```
確認已收到投稿: 隱私池的設計 by cc liang
```

內文

```
No: 12
ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43
Recipient: 0xd78B5013757Ea4A7841811eF770711e6248dC282
Memo: Lorem Ipsum is simply dummy text of the printing and typesetting
industry.
```

### 更新地址 (recipient-update)

主旨

```
確認此投稿更改稿費收取地址: 隱私池的設計 by cc liang
```

內文

```
No: 111
ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43
Recipient: 0x0F0356aE7f7e1c0e812f5fB672B9D5557aB0Bf86
Memo: Lorem Ipsum is simply dummy text of the printing and typesetting
industry.
```

### Email Header

registration (from decimal)

```
to:chnejohnson@gmail.com
subject:=?UTF-8?B?56K66KqN5bey5pS25Yiw5oqV56i/OiBUZXN0IGJ5IEFsaWNl?=
message-id:<CAAcMZv-OSh4v2hs=tgfr=+wZHK42Qm0z5fYNg3Yb59B3ybj15A@mail.gmail.com>
date:Mon, 8 Dec 2025 20:25:56 +0800
from:Johnson <johnson86tw@gmail.com>
mime-version:1.0
dkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196768; x=1765801568; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=nHH483zVoxxP1bGva2cvXNzPl4sE3M+YUQXtr7AwtHk=; b=
```

registration (escape string)

```
to:chnejohnson@gmail.com\r\nsubject:=?UTF-8?B?56K66KqN5bey5pS25Yiw5oqV56i/OiBUZXN0IGJ5IEFsaWNl?=\r\nmessage-id:<CAAcMZv-OSh4v2hs=tgfr=+wZHK42Qm0z5fYNg3Yb59B3ybj15A@mail.gmail.com>\r\ndate:Mon, 8 Dec 2025 20:25:56 +0800\r\nfrom:Johnson <johnson86tw@gmail.com>\r\nmime-version:1.0\r\ndkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196768; x=1765801568; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=nHH483zVoxxP1bGva2cvXNzPl4sE3M+YUQXtr7AwtHk=; b=
```

recipient-update (from decimal)

```
to:chnejohnson@gmail.com
subject:=?UTF-8?B?56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOiBUZXN0IGJ5IEFsaQ==?= =?UTF-8?B?Y2U=?=
message-id:<CAAcMZv8DQxTz6Ye94e3f54kj13oW2exJnCMrq2-0+_oMb4Nrng@mail.gmail.com>
date:Mon, 8 Dec 2025 20:26:29 +0800
from:Johnson <johnson86tw@gmail.com>
mime-version:1.0
dkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196801; x=1765801601; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=tOf1/sv0dvcryUAZTGF14Ihu/Mfntmr/AZCpyHPSKi0=; b=
```

recipient-update (escape string)

```
to:chnejohnson@gmail.com\r\nsubject:=?UTF-8?B?56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOiBUZXN0IGJ5IEFsaQ==?= =?UTF-8?B?Y2U=?=\r\nmessage-id:<CAAcMZv8DQxTz6Ye94e3f54kj13oW2exJnCMrq2-0+_oMb4Nrng@mail.gmail.com>\r\ndate:Mon, 8 Dec 2025 20:26:29 +0800\r\nfrom:Johnson <johnson86tw@gmail.com>\r\nmime-version:1.0\r\ndkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196801; x=1765801601; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=tOf1/sv0dvcryUAZTGF14Ihu/Mfntmr/AZCpyHPSKi0=; b=
```

### Email Body

```
--0000000000004de89e06456fe60a
Content-Type: text/plain; charset="UTF-8"

No: 12
ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43
Recipient: 0xd78B5013757Ea4A7841811eF770711e6248dC282
Memo: Lorem Ipsum is simply dummy text of the printing and typesetting
industry. Lorem Ipsum has been the industry's standard dummy text ever
since the 1500s, when an unknown printer took a galley of type and
scrambled it to make a type specimen book.

--0000000000004de89e06456fe60a
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">No: 12<div>ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045=
e26d66af25421fbbc404c43<br>Recipient:=C2=A00xd78B5013757Ea4A7841811eF770711=
e6248dC282<br>Memo:=C2=A0Lorem Ipsum is simply dummy text of the printing a=
nd typesetting industry. Lorem Ipsum has been the industry&#39;s standard d=
ummy text ever since the 1500s, when an unknown printer took a galley of ty=
pe and scrambled it to make a type specimen book.</div></div>

--0000000000004de89e06456fe60a--
```

body (escape string)

```
--0000000000004de89e06456fe60a\r\nContent-Type: text/plain; charset="UTF-8"\r\n\r\nNo: 12\r\nID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43\r\nRecipient: 0xd78B5013757Ea4A7841811eF770711e6248dC282\r\nMemo: Lorem Ipsum is simply dummy text of the printing and typesetting\r\nindustry. Lorem Ipsum has been the industry\'s standard dummy text ever\r\nsince the 1500s, when an unknown printer took a galley of type and\r\nscrambled it to make a type specimen book.\r\n\r\n--0000000000004de89e06456fe60a\r\nContent-Type: text/html; charset="UTF-8"\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n<div dir=3D"ltr">No: 12<div>ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045=\r\ne26d66af25421fbbc404c43<br>Recipient:=C2=A00xd78B5013757Ea4A7841811eF770711=\r\ne6248dC282<br>Memo:=C2=A0Lorem Ipsum is simply dummy text of the printing a=\r\nnd typesetting industry. Lorem Ipsum has been the industry&#39;s standard d=\r\nummy text ever since the 1500s, when an unknown printer took a galley of ty=\r\npe and scrambled it to make a type specimen book.</div></div>\r\n\r\n--0000000000004de89e06456fe60a--\r\n
```

## 電路與合約

### Email 真實性檢查

- 電路驗證 DKIM 簽章與 body hash，輸出 pubkey\_hash
- 合約透過已部署的 [UserOverrideableDKIMRegistry](https://docs.zk.email/account-recovery/deployed-contracts) 檢查 pubkey 來自 `gmail.com`
- nullifier 為 `pedersen_hash(signature)`

### from\_address

- 電路從 header 截取 from\_address
- 合約檢查 from\_address 是 `eth.taipei@gmail.com`

### operation\_type & title

主旨內有中文會以 [RFC-2047](https://datatracker.ietf.org/doc/html/rfc2047) 格式編譯如下：

```
subject:=?UTF-8?B?56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOiBUZXN0IGJ5IEFsaQ==?= =?UTF-8?B?Y2U=?=
```

- 電路進行 base64 解碼
  - 判斷主旨前綴是「登記」還是「更新地址」，「登記」回傳 1；「更新地址」回傳 2。
  - 截取文章標題。
- 合約檢查 operation\_type 與所呼叫的函式是否相符。
- 合約使用 title。

### body\_no

目的是讓 admin 能撤銷誤送的郵件。

- 電路截取郵件內文 `No:` 欄位的值。
- 合約檢查編號是否已被撤銷。

### body\_recipient:

- 電路截取郵件內文 `Recipient:` 欄位的地址。
- 合約使用該地址。

### user\_op\_hash:

於電路中不經任何計算的公開參數，目的是讓郵件證明綁定 userOpHash，避免 userOp 內容遭竄改但證明仍有效。

- 合約在 `validateUserOp` 檢查此公開參數與 userOpHash 相符。

>- 本文转载自： [hackmd.io/@johnson86tw/B...](https://hackmd.io/@johnson86tw/BJQWi61Cxl) , 如有侵权请联系管理员删除。

去中心化領稿費機制實驗 2

Summary

收到確認信的用戶能自行用 email 產生證明並呼叫相應的合約函式：

registerSubmission(proof)
updateRoyaltyRecipient(proof)

proof 內的公開參數包含：

pubkey_hash
nullifier
from_address
operation_type
title
recipient
user_op_hash

admin 可以：

adminRegisterSubmission: 由 admin 自行登記稿件
adminUpdateRoyaltyRecipient: 由 admin 自行更新領稿人地址
updateRegistrationVerifier: 更新 verifier 地址
revokeEmail: 撤銷某編號的郵件效力

Title-hash approach

不在電路解碼主旨，寄件者需於內文提供 ID 欄位，值為 title hash。

電路公開參數 title 變成 id
合約函式要提供完整標題，執行時對標題雜湊並比對公開參數：
- registerSubmission(title, proof)
- updateRoyaltyRecipient(title, proof)
利用編碼前綴判斷 operation_type

56K66KqN5bey5pS25Yiw5oqV56i/Oi
確認已收到投稿:

56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOi
確認此投稿更改稿費收取地址:

電路 base64 解碼產證明的速度約 54s，title-hash approach 約 23s，後者缺點是寄件者需提供標題雜湊值。

Email 範例

登記 (registration)

主旨

確認已收到投稿: 隱私池的設計 by cc liang

內文

No: 12
ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43
Recipient: 0xd78B5013757Ea4A7841811eF770711e6248dC282
Memo: Lorem Ipsum is simply dummy text of the printing and typesetting
industry.

更新地址 (recipient-update)

主旨

確認此投稿更改稿費收取地址: 隱私池的設計 by cc liang

內文

No: 111
ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43
Recipient: 0x0F0356aE7f7e1c0e812f5fB672B9D5557aB0Bf86
Memo: Lorem Ipsum is simply dummy text of the printing and typesetting
industry.

Email Header

registration (from decimal)

to:chnejohnson@gmail.com
subject:=?UTF-8?B?56K66KqN5bey5pS25Yiw5oqV56i/OiBUZXN0IGJ5IEFsaWNl?=
message-id:&lt;CAAcMZv-OSh4v2hs=tgfr=+wZHK42Qm0z5fYNg3Yb59B3ybj15A@mail.gmail.com>
date:Mon, 8 Dec 2025 20:25:56 +0800
from:Johnson &lt;johnson86tw@gmail.com>
mime-version:1.0
dkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196768; x=1765801568; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=nHH483zVoxxP1bGva2cvXNzPl4sE3M+YUQXtr7AwtHk=; b=

registration (escape string)

to:chnejohnson@gmail.com\r\nsubject:=?UTF-8?B?56K66KqN5bey5pS25Yiw5oqV56i/OiBUZXN0IGJ5IEFsaWNl?=\r\nmessage-id:&lt;CAAcMZv-OSh4v2hs=tgfr=+wZHK42Qm0z5fYNg3Yb59B3ybj15A@mail.gmail.com>\r\ndate:Mon, 8 Dec 2025 20:25:56 +0800\r\nfrom:Johnson &lt;johnson86tw@gmail.com>\r\nmime-version:1.0\r\ndkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196768; x=1765801568; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=nHH483zVoxxP1bGva2cvXNzPl4sE3M+YUQXtr7AwtHk=; b=

recipient-update (from decimal)

to:chnejohnson@gmail.com
subject:=?UTF-8?B?56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOiBUZXN0IGJ5IEFsaQ==?= =?UTF-8?B?Y2U=?=
message-id:&lt;CAAcMZv8DQxTz6Ye94e3f54kj13oW2exJnCMrq2-0+_oMb4Nrng@mail.gmail.com>
date:Mon, 8 Dec 2025 20:26:29 +0800
from:Johnson &lt;johnson86tw@gmail.com>
mime-version:1.0
dkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196801; x=1765801601; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=tOf1/sv0dvcryUAZTGF14Ihu/Mfntmr/AZCpyHPSKi0=; b=

recipient-update (escape string)

to:chnejohnson@gmail.com\r\nsubject:=?UTF-8?B?56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOiBUZXN0IGJ5IEFsaQ==?= =?UTF-8?B?Y2U=?=\r\nmessage-id:&lt;CAAcMZv8DQxTz6Ye94e3f54kj13oW2exJnCMrq2-0+_oMb4Nrng@mail.gmail.com>\r\ndate:Mon, 8 Dec 2025 20:26:29 +0800\r\nfrom:Johnson &lt;johnson86tw@gmail.com>\r\nmime-version:1.0\r\ndkim-signature:v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1765196801; x=1765801601; dara=google.com; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=tOf1/sv0dvcryUAZTGF14Ihu/Mfntmr/AZCpyHPSKi0=; b=

Email Body

--0000000000004de89e06456fe60a
Content-Type: text/plain; charset="UTF-8"

No: 12
ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43
Recipient: 0xd78B5013757Ea4A7841811eF770711e6248dC282
Memo: Lorem Ipsum is simply dummy text of the printing and typesetting
industry. Lorem Ipsum has been the industry's standard dummy text ever
since the 1500s, when an unknown printer took a galley of type and
scrambled it to make a type specimen book.

--0000000000004de89e06456fe60a
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

&lt;div dir=3D"ltr">No: 12&lt;div>ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045=
e26d66af25421fbbc404c43&lt;br>Recipient:=C2=A00xd78B5013757Ea4A7841811eF770711=
e6248dC282&lt;br>Memo:=C2=A0Lorem Ipsum is simply dummy text of the printing a=
nd typesetting industry. Lorem Ipsum has been the industry&#39;s standard d=
ummy text ever since the 1500s, when an unknown printer took a galley of ty=
pe and scrambled it to make a type specimen book.&lt;/div>&lt;/div>

--0000000000004de89e06456fe60a--

body (escape string)

--0000000000004de89e06456fe60a\r\nContent-Type: text/plain; charset="UTF-8"\r\n\r\nNo: 12\r\nID: 0xaa85f8f1638dee2775f69142859953cc57ef25045e26d66af25421fbbc404c43\r\nRecipient: 0xd78B5013757Ea4A7841811eF770711e6248dC282\r\nMemo: Lorem Ipsum is simply dummy text of the printing and typesetting\r\nindustry. Lorem Ipsum has been the industry\'s standard dummy text ever\r\nsince the 1500s, when an unknown printer took a galley of type and\r\nscrambled it to make a type specimen book.\r\n\r\n--0000000000004de89e06456fe60a\r\nContent-Type: text/html; charset="UTF-8"\r\nContent-Transfer-Encoding: quoted-printable\r\n\r\n&lt;div dir=3D"ltr">No: 12&lt;div>ID: 0xaa85f8f1638dee2775f69142859953cc57ef25045=\r\ne26d66af25421fbbc404c43&lt;br>Recipient:=C2=A00xd78B5013757Ea4A7841811eF770711=\r\ne6248dC282&lt;br>Memo:=C2=A0Lorem Ipsum is simply dummy text of the printing a=\r\nnd typesetting industry. Lorem Ipsum has been the industry&#39;s standard d=\r\nummy text ever since the 1500s, when an unknown printer took a galley of ty=\r\npe and scrambled it to make a type specimen book.&lt;/div>&lt;/div>\r\n\r\n--0000000000004de89e06456fe60a--\r\n

電路與合約

Email 真實性檢查

電路驗證 DKIM 簽章與 body hash，輸出 pubkey_hash
合約透過已部署的 UserOverrideableDKIMRegistry 檢查 pubkey 來自 gmail.com
nullifier 為 pedersen_hash(signature)

from_address

電路從 header 截取 from_address
合約檢查 from_address 是 eth.taipei@gmail.com

operation_type & title

主旨內有中文會以 RFC-2047 格式編譯如下：

subject:=?UTF-8?B?56K66KqN5q2k5oqV56i/5pu05pS556i/6LK75pS25Y+W5Zyw5Z2AOiBUZXN0IGJ5IEFsaQ==?= =?UTF-8?B?Y2U=?=

電路進行 base64 解碼
- 判斷主旨前綴是「登記」還是「更新地址」，「登記」回傳 1；「更新地址」回傳 2。
- 截取文章標題。
合約檢查 operation_type 與所呼叫的函式是否相符。
合約使用 title。

body_no