My question is related to the order of the assertion statements in compact during compilation.
In my grantRole circuit, I include a check to prevent roles from being granted twice by using a nullifier membership assertion. Here’s a simplified version:
export circuit grantRole(user: ZswapCoinPublicKey, role: Role): [] {
assert (isInitialized) "AccessControl: Role contract is not initialized yet!";
assert (!roleCommits.is_full()) "AccessControl: Role commitments tree is full!";
assert (onlyAdmin()) "AccessControl: Caller does not have an Admin role!";
const nullifier = hashNullifier(user, role);
assert (!roleNullifiers.member(nullifier)) "AccessControl: Role already granted!";
// some code here
}
Is there any chance that the order of execution of assert statements (like this one versus others in the function) might change during compilation or constraint generation, potentially leading to information leakage? For example, if this assertion runs before the onlyAdmin() check and fails, an attacker might learn whether a user already has a role even if they’re not authorized.