From 4d519c64b42ef07c7dc2bd039421876c5479ec0a Mon Sep 17 00:00:00 2001
From: Oliver He
Date: Tue, 12 Mar 2024 20:42:34 -0400
Subject: [PATCH] Fix public_inputs_hash generation when extra_field not set and serde deserialization bugs. Add google as provider for devnet (#12476)
* fix bugs
* update
* add google as default provider for chain ids above 100
* fix
* use lazy
* remove unused deps
* lint
---
 aptos-move/vm-genesis/src/lib.rs | 1 +
 types/src/keyless/bn254_circom.rs | 8 +++++++-
 types/src/keyless/openid_sig.rs | 1 +
 3 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/aptos-move/vm-genesis/src/lib.rs b/aptos-move/vm-genesis/src/lib.rs
index f2f4cc3a4bd78d..31fa3486a4f22a 100644
--- a/aptos-move/vm-genesis/src/lib.rs
+++ b/aptos-move/vm-genesis/src/lib.rs
@@ -560,6 +560,7 @@ fn initialize_keyless_accounts(session: &mut SessionExt, chain_id: ChainId) {
 ]),
 );
 }
+
 exec_function(
 session,
 JWKS_MODULE_NAME,
diff --git a/types/src/keyless/bn254_circom.rs b/types/src/keyless/bn254_circom.rs
index f780ab2ba6c5d1..38b056d366ac50 100644
--- a/types/src/keyless/bn254_circom.rs
+++ b/types/src/keyless/bn254_circom.rs
@@ -1,5 +1,6 @@
 // Copyright © Aptos Foundation
+use super::circuit_constants::MAX_EXTRA_FIELD_BYTES;
 use crate::{
 jwks::rsa::RSA_JWK,
 keyless::{
@@ -14,6 +15,7 @@ use ark_bn254::{Fq, Fq2, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
 use ark_ff::PrimeField;
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
 use num_traits::{One, Zero};
+use once_cell::sync::Lazy;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use serde_big_array::BigArray;
@@ -22,6 +24,10 @@ use serde_big_array::BigArray;
 pub const G1_PROJECTIVE_COMPRESSED_NUM_BYTES: usize = 32;
 pub const G2_PROJECTIVE_COMPRESSED_NUM_BYTES: usize = 64;
+// When the extra_field is none, use this hash value which is equal to the hash of a single space string.
+static EMPTY_EXTRA_FIELD_HASH: Lazy =
+ Lazy::new(|| poseidon_bn254::pad_and_hash_string(" ", MAX_EXTRA_FIELD_BYTES as usize).unwrap());
+
 /// This will do the proper subgroup membership checks.
 pub fn g1_projective_str_to_affine(x: &str, y: &str) -> anyhow::Result {
 let g1_affine = G1Bytes::new_unchecked(x, y)?.deserialize_into_affine()?;
@@ -240,7 +246,7 @@ pub fn get_public_inputs_hash(
 ) -> anyhow::Result {
 if let EphemeralCertificate::ZeroKnowledgeSig(proof) = &sig.cert {
 let (has_extra_field, extra_field_hash) = match &proof.extra_field {
- None => (Fr::zero(), Fr::zero()),
+ None => (Fr::zero(), *Lazy::force(&EMPTY_EXTRA_FIELD_HASH)),
 Some(extra_field) => (
 Fr::one(),
 poseidon_bn254::pad_and_hash_string(
diff --git a/types/src/keyless/openid_sig.rs b/types/src/keyless/openid_sig.rs
index 4331c14d5471c0..b96cf1b1ea20d7 100644
--- a/types/src/keyless/openid_sig.rs
+++ b/types/src/keyless/openid_sig.rs
@@ -174,6 +174,7 @@ pub struct Claims {
 #[serde(flatten)]
 pub oidc_claims: OidcClaims,
 #[serde(default)]
+ #[serde(flatten)]
 pub additional_claims: BTreeMap,
 }
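Review bot: In types/src/keyless/bn254_circom.rs (hunk at -22,6 +24,10) the `EMPTY_EXTRA_FIELD_HASH` initializer ends in a bare `.unwrap()`, and a panic inside a `once_cell` `Lazy` initializer poisons the cell, so every later access panics as well. The input is a constant, so a failure would be a broken invariant rather than bad data; state that with `.expect("single-space string always fits in MAX_EXTRA_FIELD_BYTES")`. The comment should also record why a single space is the placeholder (presumably to match what the circuit hashes when no extra field is present; confirm), because the value has to stay in step with the circuit and changes whenever `MAX_EXTRA_FIELD_BYTES` does.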
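Review bot: In types/src/keyless/bn254_circom.rs (hunk at -240,7 +246,7) the `None` arm now returns a non-zero `extra_field_hash`, so a missing extra field is distinguished from a present one whose padded hash equals the placeholder only by `has_extra_field` (`Fr::zero()` vs `Fr::one()`). The rest of get_public_inputs_hash is outside the hunk, so confirm that flag is absorbed into the final hash, and add a test that pins the hash for `extra_field: None` and asserts it differs from the hash for a single-space extra field. As a style point, `*Lazy::force(&EMPTY_EXTRA_FIELD_HASH)` can be written `*EMPTY_EXTRA_FIELD_HASH`, since `Lazy` dereferences to the value.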
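Review bot: In types/src/keyless/openid_sig.rs, `#[serde(flatten)]` on `additional_claims` means every top-level payload key that `OidcClaims` does not consume now lands in this map, so code reading it should treat its keys and values as untrusted token content (the consumers are not visible in this hunk). With two flattened fields, what the map captures depends on it being declared after the struct field, as far as serde's flatten handling goes; a comment such as `// must stay after oidc_claims: collects every claim OidcClaims does not recognise` would guard against a later reorder. `#[serde(default)]` looks redundant once the field is a flattened map. Flatten also moves these entries to the top level on serialization, which deserves a round-trip test with an unknown claim.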