feat(galois): full in-circuit hash to curve #1199

merged 28 commits into from
Jan 26, 2024
e8201bd
feat(galoisd): remove unused adjacent circuit
hussein-aitlahcen Jan 19, 2024
05f0597
feat(galois): ietf mimc hash to curve
hussein-aitlahcen Jan 19, 2024
4a58333
feat(galois): remove unecessary prove16 command
hussein-aitlahcen Jan 24, 2024
9542db7
feat(galois): upgrade circuit to new hash
hussein-aitlahcen Jan 24, 2024
124dd3e
feat(galois): introduce v2 grpc api
hussein-aitlahcen Jan 24, 2024
9daf6b9
feat(galois): more checks in bls gadget
hussein-aitlahcen Jan 24, 2024
1410185
feat(galois): fuzz non adjacent circuit
hussein-aitlahcen Jan 24, 2024
f70d582
feat(galois): better comment
hussein-aitlahcen Jan 24, 2024
26116a6
fix(galois): correct voting power test
hussein-aitlahcen Jan 24, 2024
1a06be9
chore: spellcheck
hussein-aitlahcen Jan 24, 2024
7163034
feat(uniond): upgrade to latest cometbft
hussein-aitlahcen Jan 25, 2024
9c6d218
feat(galois): better comment and readme
hussein-aitlahcen Jan 25, 2024
b7d28f5
feat(galois): refactor grpc api
hussein-aitlahcen Jan 25, 2024
4e419be
feat(evm): split interface for cleaner codegen
hussein-aitlahcen Jan 25, 2024
4f2b737
feat(evm): reuse existing error
hussein-aitlahcen Jan 25, 2024
33eda75
feat(voyager): regenerate sol bind and upgrade to latest interface
hussein-aitlahcen Jan 25, 2024
279f412
chore: fmt
hussein-aitlahcen Jan 25, 2024
1cd0484
chore: spelling
hussein-aitlahcen Jan 25, 2024
b73376b
chore: upgrade cometbls/cosmos-sdk
hussein-aitlahcen Jan 25, 2024
ec626d2
feat(galois): upgrade zk verifiers
hussein-aitlahcen Jan 25, 2024
db7ef3e
feat(lc): upgrade cometbls rust light client
hussein-aitlahcen Jan 26, 2024
ad95745
fix(lc): disable test until zkp verifier is mocked
hussein-aitlahcen Jan 26, 2024
0ca6084
feat(evm): simplify derivations
hussein-aitlahcen Jan 26, 2024
bd1fcc3
feat(evm): make ucs01 interface for smaller tests
hussein-aitlahcen Jan 26, 2024
2c5710a
fix(evm): disable broken coverage
hussein-aitlahcen Jan 26, 2024
c9d3d84
feat(ucli): upgrade to latest solidity binding
hussein-aitlahcen Jan 26, 2024
ae7b777
feat(zerg): upgrade to latest solidity binding
hussein-aitlahcen Jan 26, 2024
c5c413c
fix(evm): disable solidity coverage
hussein-aitlahcen Jan 26, 2024
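--- a/dictionary.txt
+++ b/dictionary.txt
@@ -90,6 +90,8 @@ Roboto
 Rushi
 Rustup
 SIGINT
+SSWU
+SVDW
 Secp
 Segoe
 Shacham
@@ -594,6 +596,7 @@ protoio
 protos
 provercmd
 provergrpc
+provergrpcapi
 pruningtypes
 prysm
 prysmaticlabs
@@ -694,6 +697,7 @@ strangelove
 stretchr
 struct
 structs
+strxor
 stylesheet
 subdenom
 subdenoms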
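--- a/evm/contracts/apps/ucs/01-relay/Relay.sol
+++ b/evm/contracts/apps/ucs/01-relay/Relay.sol
@@ -27,6 +27,32 @@ struct RelayPacket {
 Token[] tokens;
 }
 
+interface IRelay is IIBCModule {
+function getDenomAddress(
+string memory denom
+) external view returns (address);
+
+function getOutstanding(
+string memory sourcePort,
+string memory sourceChannel,
+address token
+) external view returns (uint256);
+
+function getCounterpartyEndpoint(
+string memory sourcePort,
+string memory sourceChannel
+) external view returns (IbcCoreChannelV1Counterparty.Data memory);
+
+function send(
+string calldata sourcePort,
+string calldata sourceChannel,
+bytes calldata receiver,
+LocalToken[] calldata tokens,
+uint64 counterpartyTimeoutRevisionNumber,
+uint64 counterpartyTimeoutRevisionHeight
+) external;
+}
+
 library RelayLib {
 using LibString for *;
 
@@ -236,7 +262,7 @@ library RelayLib {
 }
 }
 
-function hexToAddress(string memory s) public pure returns (address) {
+function hexToAddress(string memory s) internal pure returns (address) {
 if (bytes(s).length != 42) {
 revert ErrInvalidHexAddress();
 }
@@ -284,7 +310,7 @@ library RelayPacketLib {
 }
 }
 
-contract UCS01Relay is IBCAppBase {
+contract UCS01Relay is IBCAppBase, IRelay {
 using RelayPacketLib for RelayPacket;
 using LibString for *;
 using strings for *;
@@ -308,22 +334,27 @@ contract UCS01Relay is IBCAppBase {
 
 function getDenomAddress(
 string memory denom
-) public view returns (address) {
+) external view override returns (address) {
 return denomToAddress[denom];
 }
 
 function getOutstanding(
 string memory sourcePort,
 string memory sourceChannel,
 address token
-) public view returns (uint256) {
+) external view override returns (uint256) {
 return outstanding[sourcePort][sourceChannel][token];
 }
 
 function getCounterpartyEndpoint(
 string memory sourcePort,
 string memory sourceChannel
-) public view returns (IbcCoreChannelV1Counterparty.Data memory) {
+)
+external
+view
+override
+returns (IbcCoreChannelV1Counterparty.Data memory)
+{
 return counterpartyEndpoints[sourcePort][sourceChannel];
 }
 
@@ -388,7 +419,7 @@ contract UCS01Relay is IBCAppBase {
 LocalToken[] calldata tokens,
 uint64 counterpartyTimeoutRevisionNumber,
 uint64 counterpartyTimeoutRevisionHeight
-) public {
+) external override {
 IbcCoreChannelV1Counterparty.Data
 memory counterparty = counterpartyEndpoints[sourcePort][
 sourceChannel
@@ -533,7 +564,7 @@ contract UCS01Relay is IBCAppBase {
 function onRecvPacket(
 IbcCoreChannelV1Packet.Data calldata ibcPacket,
 address relayer
-) external virtual override onlyIBC returns (bytes memory) {
+) external override(IBCAppBase, IIBCModule) onlyIBC returns (bytes memory) {
 // TODO: maybe consider threading _res in the failure ack
 (bool success, bytes memory _res) = address(this).call(
 abi.encodeWithSelector(
@@ -553,7 +584,7 @@ contract UCS01Relay is IBCAppBase {
 IbcCoreChannelV1Packet.Data calldata ibcPacket,
 bytes calldata acknowledgement,
 address _relayer
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 if (
 acknowledgement.length != RelayLib.ACK_LENGTH ||
 (acknowledgement[0] != RelayLib.ACK_FAILURE &&
@@ -574,7 +605,7 @@ contract UCS01Relay is IBCAppBase {
 function onTimeoutPacket(
 IbcCoreChannelV1Packet.Data calldata ibcPacket,
 address _relayer
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 refundTokens(
 ibcPacket.source_port,
 ibcPacket.source_channel,
@@ -589,7 +620,7 @@ contract UCS01Relay is IBCAppBase {
 string calldata channelId,
 IbcCoreChannelV1Counterparty.Data calldata counterpartyEndpoint,
 string calldata version
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 if (!RelayLib.isValidVersion(version)) {
 revert RelayLib.ErrInvalidProtocolVersion();
 }
@@ -607,7 +638,7 @@ contract UCS01Relay is IBCAppBase {
 IbcCoreChannelV1Counterparty.Data calldata counterpartyEndpoint,
 string calldata version,
 string calldata counterpartyVersion
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 if (!RelayLib.isValidVersion(version)) {
 revert RelayLib.ErrInvalidProtocolVersion();
 }
@@ -625,7 +656,7 @@ contract UCS01Relay is IBCAppBase {
 string calldata channelId,
 string calldata counterpartyChannelId,
 string calldata counterpartyVersion
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 if (!RelayLib.isValidVersion(counterpartyVersion)) {
 revert RelayLib.ErrInvalidCounterpartyProtocolVersion();
 }
@@ -637,19 +668,19 @@ contract UCS01Relay is IBCAppBase {
 function onChanOpenConfirm(
 string calldata _portId,
 string calldata _channelId
-) external virtual override onlyIBC {}
+) external override(IBCAppBase, IIBCModule) onlyIBC {}
 
 function onChanCloseInit(
 string calldata _portId,
 string calldata _channelId
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 revert RelayLib.ErrUnstoppable();
 }
 
 function onChanCloseConfirm(
 string calldata _portId,
 string calldata _channelId
-) external virtual override onlyIBC {
+) external override(IBCAppBase, IIBCModule) onlyIBC {
 revert RelayLib.ErrUnstoppable();
 }
 }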
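Review bot: The new `IRelay` interface in the first hunk is now the documented external surface of the relay, yet none of its four functions carry NatSpec, so a caller of `send` learns nothing about what the `receiver` bytes must contain or how `counterpartyTimeoutRevisionNumber`/`counterpartyTimeoutRevisionHeight` are interpreted. For the three views the contract is visible in the later hunk and can be stated directly, e.g. `/// @return the address mapped to `denom`, or the zero address if none was registered` above `getDenomAddress` and `/// @return the amount of `token` recorded as outstanding for the given port/channel` above `getOutstanding`. For `send` the body continues outside the hunk, so the NatSpec should be written from the implementation rather than guessed; at minimum state that `receiver` is forwarded opaquely and that `send` is callable by anyone (it carries no modifier, unlike the `onlyIBC` callbacks below).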
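--- a/evm/contracts/clients/Verifier.sol
+++ b/evm/contracts/clients/Verifier.sol
@@ -46,65 +46,61 @@ contract Verifier is IZKVerifierV2 {
 
 // Groth16 alpha point in G1
 uint256 constant ALPHA_X =
-12953796731566255356153533186899970596541789506787316310421265866460204452345;
+210400609118751867867594962339236416900807823190943555300977451252876367251;
 uint256 constant ALPHA_Y =
-16108099332627179116882890117640860610766253379177782725877946988741043002151;
+15114917314049487003769383074865116286536524761334960573881383182006812098667;
 
 // Groth16 beta point in G2 in powers of i
 uint256 constant BETA_NEG_X_0 =
-7189998629544061358868906102425391182345467937747171889044260956112296857453;
+4025695320685928294502537638656612753817559258692794664435345502849231300067;
 uint256 constant BETA_NEG_X_1 =
-11715211044976611849279736941659181461607821837429796658922621107593979258018;
+18548846535245326130909941053625664549629964661821753718960511623672350665970;
 uint256 constant BETA_NEG_Y_0 =
-21619939555605977664462722857628766746010558584894478667635551317055122810048;
+11041812570379749260952002555243362169050281371699289540491470062146377949858;
 uint256 constant BETA_NEG_Y_1 =
-17744148816587107869967191160344383643814015065165838706210713825793780643664;
+7086530552084536928760407590619509472686325136379940088298434085503010610917;
 
 // Groth16 gamma point in G2 in powers of i
 uint256 constant GAMMA_NEG_X_0 =
-3203739780556455486614737616951770238449562962366174174415509385502339079134;
+3871507673786634538856304899308535382710007469487017238115999457851260261753;
 uint256 constant GAMMA_NEG_X_1 =
-330365480594874048579972851352786169022705988981774516328112713209916814425;
+9263528541268382918393290127320839732843244267184360590957560203659557939807;
 uint256 constant GAMMA_NEG_Y_0 =
-20727415115882681892016430268352505550338140930514103693522477672680520482110;
+460085126711753980079882291129874808860955437963028782772312595071958830910;
 uint256 constant GAMMA_NEG_Y_1 =
-11770494869568371860365301978617470999730178637197214918443012817597339833626;
+5659507275301128335480015236667146972531485943427570808675852670599024875145;
 
 // Groth16 delta point in G2 in powers of i
 uint256 constant DELTA_NEG_X_0 =
-144471853326950176158652078814987832244858457888532278798444997831177703256;
+10511954649625640946194391595271440757788300118705902871380699323889590717070;
 uint256 constant DELTA_NEG_X_1 =
-11723967339734259367269684565753317343894480284660483851808778513760163502167;
+3624887307974581652668788593721111206379446020443390411004753466558440004576;
 uint256 constant DELTA_NEG_Y_0 =
-8658017305463622670988550192886929502068646694881738953533949013510868981849;
+14620721906662022476476821247254018294642326056513995738211968660558997332653;
 uint256 constant DELTA_NEG_Y_1 =
-14970547642275722192880833497617759418334101954226638914501320639527882466979;
+8017039972559091515318513919400394779640332862574074418135272025093207644503;
 
 // Constant and public input points
 uint256 constant CONSTANT_X =
-468243475977942096739227064799809074577932864561864594431724289332044119393;
+7548860451745230603118483440705740915442110531593946049093378206268978489889;
 uint256 constant CONSTANT_Y =
-12026957193107468267989691684356505173830039075560970134183365962992276088502;
+8642676949380445344876359442033848518648809724845273937857877647136985821580;
 uint256 constant PUB_0_X =
-4273127142915912066836331589937887852131041396580330861495976561450995509060;
+3761607900566975305271041912404145777243969522402194441451368484814115763984;
 uint256 constant PUB_0_Y =
-20311891790436735379947440583419330671207702790700221333652972975201502172109;
+5236577135937549420013214983430521575368103283652548157969360454835627955674;
 uint256 constant PUB_1_X =
-5867078984367927991529260476370712193826388223706691841033290533650191497842;
+6551227099151518169715147953582656472887860242160769774314802712412742643231;
 uint256 constant PUB_1_Y =
-15457584854730416542120021991798916984793483604514831168874602434669080770632;
+1819741224363792162320411058820080302711126963872887137191002940993034590657;
 uint256 constant PUB_2_X =
-6073935183581261599921354767516829294802045150352674700000707907321520444286;
+14381003547507154363999629345246039179209989264380273368866915523962951751353;
 uint256 constant PUB_2_Y =
-19421513883482432722033354055257568460031664693915650865773106969145220560478;
+11723454477524607914925823310578875758974497210070578907830734479226804006505;
 uint256 constant PUB_3_X =
-6573761322005933095907247349767854226263237757268335098982485126002570113042;
+9428637111213429505715745409259434820588419778432030319817634906362966081466;
 uint256 constant PUB_3_Y =
-21648292561695958729986475933727235437209737383625151779025875934553286731278;
-uint256 constant PUB_4_X =
-7850217296098862761033756178241744898548923761706289522462295413515747119164;
-uint256 constant PUB_4_Y =
-15481433110471107159567305060748336299937224568483713663114311452391215471632;
+20385940124935492750321915374844475607796921194332338238981177318927052319236;
 
 /// Compute the public input linear combination.
 /// @notice Reverts with PublicInputNotInField if the input is not in the field.
@@ -116,7 +112,7 @@ contract Verifier is IZKVerifierV2 {
 /// @return y The Y coordinate of the resulting G1 point.
 function publicInputMSM(
 uint256[2] calldata proofCommitment,
-uint256[5] calldata input
+uint256[4] calldata input
 ) internal view returns (bool success, uint256 x, uint256 y) {
 // Note: The ECMUL precompile does not reject unreduced values, so we check this.
 // Note: Unrolling this loop does not cost much extra in code-size, the bulk of the
@@ -193,19 +189,6 @@ contract Verifier is IZKVerifierV2 {
 success,
 staticcall(gas(), PRECOMPILE_ADD, f, 0x80, f, 0x40)
 )
-mstore(g, PUB_4_X)
-mstore(add(g, 0x20), PUB_4_Y)
-s := calldataload(add(input, 128))
-mstore(add(g, 0x40), s)
-success := and(success, lt(s, R))
-success := and(
-success,
-staticcall(gas(), PRECOMPILE_MUL, g, 0x60, g, 0x40)
-)
-success := and(
-success,
-staticcall(gas(), PRECOMPILE_ADD, f, 0x80, f, 0x40)
-)
 x := mload(f)
 y := mload(add(f, 0x20))
 }
@@ -223,7 +206,7 @@ contract Verifier is IZKVerifierV2 {
 function verifyProof(
 uint256[8] calldata proof,
 uint256[2] calldata proofCommitment,
-uint256[5] calldata input
+uint256[4] calldata input
 ) public view returns (bool) {
 (bool success, uint256 x, uint256 y) = publicInputMSM(
 proofCommitment,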
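Review bot: The Groth16 verifying key in the first hunk is replaced wholesale (every `ALPHA`/`BETA`/`GAMMA`/`DELTA`/`CONSTANT`/`PUB_*` constant changes and the public-input count drops from 5 to 4) with nothing in the file recording which circuit and setup artifact produced the new points, and the commit list suggests the light-client test that would exercise this verifier is disabled in the same PR (`fix(lc): disable test until zkp verifier is mocked`). A key that silently drifts from the prover's circuit fails closed at best and, if a stale or mis-exported key is pasted, can accept proofs for a different statement, so the provenance should be pinned in code: add a comment above `ALPHA_X` along the lines of `// Verifying key exported from the galois circuit at <commit/tag>; regenerate with <prover command> whenever the circuit or its public-input layout changes, and keep the input count below in sync.` Alongside it, a fixture test that feeds one known-valid `(proof, proofCommitment, input)` through `verifyProof` and then flips one element of `input`, expecting true then false, would make future key swaps verifiable rather than trusted. The remaining `lt(s, R)` range checks for the four retained inputs sit in the part of `publicInputMSM` that starts outside the hunk, so I could not confirm all four are still covered from this view.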
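--- a/evm/contracts/core/02-client/IBCClient.sol
+++ b/evm/contracts/core/02-client/IBCClient.sol
@@ -15,7 +15,6 @@ library IBCClientLib {
 error ErrClientTypeNotFound();
 error ErrFailedToCreateClient();
 error ErrFailedToUpdateClient();
-error ErrClientNotFound();
 }
 
 /**
@@ -92,7 +91,7 @@ contract IBCClient is IBCStore, IIBCClient {
 IBCCommitment.clientStateCommitmentKey(msg_.clientId)
 ] == bytes32(0)
 ) {
-revert IBCClientLib.ErrClientNotFound();
+revert IBCStoreLib.ErrClientNotFound();
 }
 (
 bytes32 clientStateCommitment,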
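--- a/evm/contracts/core/04-channel/IBCPacket.sol
+++ b/evm/contracts/core/04-channel/IBCPacket.sol
@@ -6,7 +6,7 @@ import "../25-handler/IBCMsgs.sol";
 import "../02-client/IBCHeight.sol";
 import "../24-host/IBCStore.sol";
 import "../24-host/IBCCommitment.sol";
-import "../04-channel/IIBCChannel.sol";
+import "../04-channel/IIBCPacket.sol";
 import "../05-port/ModuleManager.sol";
 import "../05-port/IIBCModule.sol";
 
@@ -76,7 +76,7 @@ contract IBCPacket is IBCStore, IIBCPacket, ModuleManager {
 IbcCoreClientV1Height.Data calldata timeoutHeight,
 uint64 timeoutTimestamp,
 bytes calldata data
-) external override {
+) external override returns (uint64) {
 if (
 !authenticateCapability(
 channelCapabilityPath(sourcePort, sourceChannel)
@@ -144,6 +144,8 @@ contract IBCPacket is IBCStore, IIBCPacket, ModuleManager {
 timeoutTimestamp,
 data
 );
+
+return packetSequence;
 }
 
 /**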
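Review bot: `sendPacket` now returns `packetSequence` (third hunk) but its NatSpec, which sits above the signature and outside the second hunk, gains no `@return`, so interface consumers and the generated bindings the other commits regenerate have no stated meaning for the value. I would add `/// @return the sequence number recorded for this packet` to the function's doc block, matching the `@return` style already used in `Verifier.sol`. Where `packetSequence` is assigned and whether it is the pre- or post-increment value is outside the hunks, so the wording should be checked against that assignment before merging.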