password-protected mint (uses msg.sender and recent blockhash as public inputs and password as private input to a zk proof that’s verified onchain)

prev: /nook, protocol @ opensea, co-author seaport & stuff.
professional @slokh and @0xalexander fanboy

how do you invalidate proofs vs signatures? 🤔 for signatures, we invalidate the signed "digest" hash to avoid re-using malleable signatures

i'm pretty sure STARKs are malleable as well (idk about SNARKs - anyone know?) - so maybe hash the public inputs and invalidate that
but what if multiple proofs have the same inputs - could also use validity key as part of calculating the "digest", my understanding is that it's kind of a unique "circuit/program id" 

what are people doing now?