Semaphore audits

# Semaphore audits The [last internal audit](https://semaphore.appliedzkp.org/audit-v2.pdf) covered Semaphore v2.0.0 and focused specifically on contracts and circuits. Since then, circuits have not changed, contracts have been updated with minor features, and several Semaphore JavaScript libraries have been added. ## New changes ### Semaphore contracts The latest changes in contracts affect roughly all contracts. ## [v2.1.0](https://github.com/semaphore-protocol/semaphore/releases/tag/v2.1.0) * New function to add many members in a single transaction: [#131](https://github.com/semaphore-protocol/semaphore/pull/131) * New function to update group members: [#128](https://github.com/semaphore-protocol/semaphore/pull/128) * Merkle tree expiries: [#124](https://github.com/semaphore-protocol/semaphore/pull/124) * Gas optimizations: [#117](https://github.com/semaphore-protocol/semaphore/pull/117) [#118](https://github.com/semaphore-protocol/semaphore/pull/118) [#113](https://github.com/semaphore-protocol/semaphore/pull/113) * Fixed prigma: [#116](https://github.com/semaphore-protocol/semaphore/pull/116) * The Kovan network is no longer supported as being deprecated ## [v2.2.0](https://github.com/semaphore-protocol/semaphore/releases/tag/v2.2.0) * Additional `index` parameter for the member events: [#133](https://github.com/semaphore-protocol/semaphore/pull/133) ## [v2.5.0](https://github.com/semaphore-protocol/semaphore/releases/tag/v2.5.0) * Global versioning: from now on, npm package versions will always have the same minor and major version * Monorepo: all code (i.e. JavaScript, Solidity, Circom) is now in the [same repository](https://github.com/semaphore-protocol/semaphore) [#134](https://github.com/semaphore-protocol/semaphore/pull/134) * Nullifiers hashes are now specific for each group [#136](https://github.com/semaphore-protocol/semaphore/pull/136) * New proof parameters in the `VerifiedProof` event [#136](https://github.com/semaphore-protocol/semaphore/pull/136) * Nullifier hashes were moved out of the `SemaphoreCore.sol` contract [#138](https://github.com/semaphore-protocol/semaphore/pull/138) #### External dependencies Semaphore contracts, in particular the `SemaphoreGroups.sol` one, depend on two external libraries: * [IncrementalBinaryTree.sol](https://github.com/privacy-scaling-explorations/zk-kit/blob/main/packages/incremental-merkle-tree.sol/contracts/IncrementalBinaryTree.sol): * New function to update tree leaves [#26](https://github.com/privacy-scaling-explorations/zk-kit/pull/26) * Gas optimizations [#28](https://github.com/privacy-scaling-explorations/zk-kit/pull/28) * Refactoring [#31](https://github.com/privacy-scaling-explorations/zk-kit/pull/31) * PoseidonT3.sol: whose bytecode can generated with the following script: https://github.com/iden3/circomlibjs/blob/main/src/poseidon_gencontract.js ### Semaphore JS libraries Semaphore can now be used by devs with a set of [JS packages](https://github.com/semaphore-protocol/semaphore#-packages), which essentially simplify identity management and proof generation/verification. ### Semaphore subgraph Semaphore also uses a [subgraph](https://github.com/semaphore-protocol/subgraph) now. ###### tags: `semaphore`