// the find
sismo-core/hydra-s1-zkps
Hydra-S1 ZK Proving scheme circuits, used for ZK Attesters in Sismo
Circom circuits and a TypeScript SDK for the Hydra-S1 zero-knowledge proving scheme, which lets users prove membership in Merkle-tree-based account groups without revealing which account they own. Built for the Sismo Protocol's on-chain attesters. Aimed at ZK developers integrating privacy-preserving identity proofs into Ethereum dapps.
The nullifier design is solid — deterministic per (account, externalNullifier) pair means verifiers can prevent double-spending without learning anything about the source account. Shipping both a JS prover and a Solidity verifier contract in the same package is the right call; you can test the full proof lifecycle off-chain before touching the chain. The circuit is split cleanly into reusable subcircuits (verify-merkle-path, verify-hydra-commitment), which makes auditing tractable. The npm package bundles the .wasm and .zkey, so consumers don't have to wrangle ceremony artifacts themselves.
Last commit was March 2023 and Sismo shut down in 2024, so this is effectively abandoned — you'd be adopting dead code with no upstream security fixes. The trusted setup ceremony for the .zkey is opaque; there's no link to the ceremony transcript or how to verify the included artifacts, which is a serious trust assumption for production use. No documentation on the circuit's constraint count or proving time, so you have no idea if this is usable in a browser without benchmarking it yourself. The dual ESM/CJS file split in the prover package is handled with separate entry-point files rather than proper package.json exports, which will cause bundler headaches.