feat: verify block proofs on chain #6568

Merged
merged 17 commits into from
May 22, 2024

@alexghr alexghr commented May 21, 2024

This PR adds commands to generate the verification Solidity contract for the RootRollup so that block proofs can be validated onchain

Stacked on top of #6425

@alexghr alexghr changed the base branch from master to pw/more-recursion May 21, 2024 16:20
@alexghr alexghr force-pushed the alexg/feat/verifier-contract branch from 31f6d51 to bc98f18 Compare May 21, 2024 21:32
@alexghr alexghr marked this pull request as ready for review May 21, 2024 21:32
@alexghr alexghr force-pushed the alexg/feat/verifier-contract branch from 724675f to 8dca4d6 Compare May 22, 2024 10:07
Comment on lines 746 to 751
function extractAggregationObject(proof: Proof, numPublicInputs: number): Fr[] {
const buffer = proof.buffer.subarray(
Fr.SIZE_IN_BYTES * (numPublicInputs - AGGREGATION_OBJECT_LEN),
Fr.SIZE_IN_BYTES * numPublicInputs,
);
return BufferReader.asReader(buffer).readArray(AGGREGATION_OBJECT_LEN, Fr);
}
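Review bot: The subarray call in extractAggregationObject has no bounds check. If numPublicInputs is smaller than AGGREGATION_OBJECT_LEN the start offset goes negative, and subarray treats a negative start as an offset from the end of the buffer, so the slice covers the wrong bytes or nothing at all instead of being rejected here. An end offset past the end of the proof is clamped silently in the same way. Suggest checking numPublicInputs >= AGGREGATION_OBJECT_LEN and proof.buffer.length >= Fr.SIZE_IN_BYTES * numPublicInputs before slicing and throwing a descriptive error otherwise, plus a doc comment stating that the public inputs are assumed to sit at the start of the proof buffer.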
Contributor Author

This is based on this snippet from barretenberg

const [numPublicInputs, publicInputs] = readPublicInputs(
JSON.parse(proofAsFields.toString())
);
const proofPath = getEnvVar("PROOF");
const proof = readFileSync(proofPath);
// Cut the number of public inputs off of the proof string
const proofStr = `0x${proof.toString("hex").substring(64 * numPublicInputs)}`;

The public inputs are extracted from the proof_as_fields object but then the rest of the proof is extracted by removing the equivalent bytes from the binary proof. Looks to me like the public inputs are already encoded as field elements in the binary proof so I can just read what I need from them.
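
The layout described in the comment above (public inputs stored as 32-byte field elements at the start of the binary proof, with the aggregation object being the last of them), as an added TypeScript example that is not code from this PR or from barretenberg. The names splitProof, toHex and sampleProof are hypothetical, the 32-byte field size is taken from the 64 hex characters per public input in the quoted snippet, and the aggregation-object length is passed in as a parameter.

```typescript
// Added example; names are hypothetical, not the project's API.
const FIELD_SIZE = 32; // bytes per field element (64 hex chars in the quoted snippet)

interface SplitProof {
  publicInputs: Uint8Array[]; // one 32-byte field per public input
  aggregationObject: Uint8Array[]; // the last aggLen public inputs
  proofBody: Uint8Array; // bytes after the public inputs
}

function splitProof(proof: Uint8Array, numPublicInputs: number, aggLen: number): SplitProof {
  if (!Number.isInteger(numPublicInputs) || !Number.isInteger(aggLen) || aggLen < 0) {
    throw new RangeError('counts must be non-negative integers');
  }
  // subarray() treats a negative start as an offset from the end of the buffer,
  // so too few public inputs must be rejected, not sliced.
  if (numPublicInputs < aggLen) {
    throw new RangeError(`need at least ${aggLen} public inputs, got ${numPublicInputs}`);
  }
  const inputsEnd = FIELD_SIZE * numPublicInputs;
  // subarray() also clamps an end offset past the buffer and returns a short slice.
  if (proof.length < inputsEnd) {
    throw new RangeError(`proof has ${proof.length} bytes, public inputs need ${inputsEnd}`);
  }
  const publicInputs: Uint8Array[] = [];
  for (let off = 0; off < inputsEnd; off += FIELD_SIZE) {
    publicInputs.push(proof.subarray(off, off + FIELD_SIZE));
  }
  return {
    publicInputs,
    aggregationObject: publicInputs.slice(numPublicInputs - aggLen),
    proofBody: proof.subarray(inputsEnd),
  };
}

function toHex(bytes: Uint8Array): string {
  return '0x' + Array.from(bytes, b => (b < 16 ? '0' : '') + b.toString(16)).join('');
}

// Constructed sample: public inputs 1, 2, 3 followed by a 4-byte stand-in proof body.
function sampleProof(): Uint8Array {
  const proof = new Uint8Array(3 * FIELD_SIZE + 4);
  [1, 2, 3].forEach((v, i) => {
    proof[(i + 1) * FIELD_SIZE - 1] = v; // constructed value in the last byte of each field
  });
  proof.set([0xde, 0xad, 0xbe, 0xef], 3 * FIELD_SIZE);
  return proof;
}
```

The proofBody slice corresponds to what the quoted snippet obtains by cutting 64 * numPublicInputs hex characters off the front of the proof.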

Contributor Author

If this ends up changing a lot (which I suspect it will) we might want to disable the integration test since regenerating this fixture is pretty expensive.

@alexghr alexghr force-pushed the alexg/feat/verifier-contract branch from df994f8 to d78a23c Compare May 22, 2024 10:53
Collaborator

@just-mitch just-mitch left a comment

Nice! So cool to see the pieces coming together!

@@ -43,7 +44,7 @@ contract Rollup is IRollup {
uint256 public lastWarpedBlockTs;

constructor(IRegistry _registry, IAvailabilityOracle _availabilityOracle, IERC20 _gasToken) {
VERIFIER = new MockVerifier();
verifier = new MockVerifier();
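Review bot: The constructor line verifier = new MockVerifier(); still installs a mock as the default verifier, and dropping the constant-style name suggests the field can now be reassigned after deployment. A Rollup deployed from this code relies on the mock until something replaces it, so whatever function performs that replacement should be restricted to a trusted caller, and the default deserves a comment next to this assignment stating that it is a placeholder. Emitting an event when the verifier changes would also make the swap auditable.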
Collaborator

Why break the SCREAMING_SNAKE tradition?

Contributor Author

😆 I thought I'd do this because it's not immutable anymore.

l1-contracts/src/core/Rollup.sol (outdated; resolved)
import { type Anvil } from '@viem/anvil';
import { readFile } from 'fs/promises';
import { join } from 'path';
// @ts-expect-error solc-js doesn't publish its types https://github.com/ethereum/solc-js/issues/689
Collaborator

Poor guy has even had a PR posted for over a year

let acvmTeardown: () => Promise<void>;
let verifierContract: GetContractReturnType<any, typeof walletClient>;

beforeAll(async () => {
Collaborator

Is it possible to reuse the e2e_prover test harness here?

Contributor Author

@alexghr alexghr May 22, 2024

I wanted something lighter than deploying the whole L2 for this test. I'm considering disabling it since keeping that fixture in sync with the rest of the system would be a pain.

yarn-project/circuits.js/src/structs/proof.ts (outdated; resolved)
)
.requiredOption('-b, --bb-path <string>', 'The path to the BB binary', BB_BINARY_PATH)
.requiredOption('-c, --circuit <string>', 'The name of a protocol circuit')
.requiredOption('-cn --contract-name <string>', 'The name of the contract to generate', 'contract.sol')
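Review bot: The contract-name flag string '-cn --contract-name <string>' omits the comma that the two options above it place between the short and long flag, and its two-letter short form starts with the same letter as -c for --circuit. Suggest a single-letter short flag written in the same style, for example '-n, --contract-name <string>'. Separately, a required option that carries a default ('contract.sol' here, BB_BINARY_PATH above) is always satisfied, so a plain option would state the intent more accurately, and the default is a file name while the description says contract name, which is worth reconciling.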
Collaborator

Super nit: two character short flags are weird to me. Maybe just -n for contract name?

@alexghr alexghr force-pushed the alexg/feat/verifier-contract branch from 22755c7 to bea42bf Compare May 22, 2024 16:05
@alexghr alexghr force-pushed the alexg/feat/verifier-contract branch from bea42bf to cf8bca3 Compare May 22, 2024 16:08
@PhilWindle PhilWindle merged commit 6b0822e into pw/more-recursion May 22, 2024
15 checks passed
@PhilWindle PhilWindle deleted the alexg/feat/verifier-contract branch May 22, 2024 16:17