WIP: add further curve checks, compiler optimiser

- Add require checks for curve parameters and relevant tests. - Add compiler optimisation to prevent Storage.sol from being too large to deploy.
2022-06-08 15:17:35 +10:00 · 2022-06-08 15:17:35 +10:00 · fcd5da0e67
parent f684b9a1c0
commit fcd5da0e67
4 changed files with 104 additions and 6 deletions
--- a/contracts/ecc/curves/Bn254.sol
+++ b/contracts/ecc/curves/Bn254.sol
@ -169,6 +169,9 @@ library Bn254 {
  }

  function _verifyProof(Types.Proof memory proof) internal returns (bool) {
+    require(_isOnCurve(proof.sigma), "proof generated incorrectly");
+    require(_isOnCurve(proof.publicKey), "proof keys generated incorrectly");
+    require(proof.name.length > 0, "proof name must be provided");
    // var first: blst_p1
    // for qelem in q :
    //   var prod: blst_p1
@ -183,7 +186,7 @@ library Bn254 {
      // uint256 hPointX = abi.encodePacked(namei);
      Types.G1Point memory h = _hashToPoint(abi.encodePacked(namei));
      // TODO: Where does 255 get used???
-      Types.G1Point memory prod = _multiply(h, uint256(qelem.v));
+      Types.G1Point memory prod = _multiply(h, qelem.v);
      first = _add(first, prod);
      require(_isOnCurve(first), "must be on Bn254 curve");
    }
@ -197,6 +200,7 @@ library Bn254 {
    Types.G1Point[] memory us = proof.u;
    Types.G1Point memory second;
    for (uint256 j = 0; j<us.length; j++) {
+      require(_isOnCurve(us[j]), "incorrect proof setup");
      // TODO: Where does 255 get used???
      Types.G1Point memory prod = _multiply(us[j], proof.mus[j]);
      second = _add(second, prod);
--- a/hardhat.config.js
+++ b/hardhat.config.js
@ -8,7 +8,7 @@ module.exports = {
    settings: {
      optimizer: {
        enabled: true,
-        runs: 1000,
+        runs: 200,
      },
    },
  },
--- a/test/Bn254.test.js
+++ b/test/Bn254.test.js
@ -133,7 +133,32 @@ describe("Bn254", function () {
    expect(isOnCurve).to.be.false
  })

-  it("should fail proof verification when first point is not on curve", async function () {
+  it("should fail proof verification with incorrect proof generation", async function () {
+    let proof = {
+      q: [
+        { i: -1, v: 1 },
+        { i: -2, v: 2 },
+        { i: -3, v: 3 },
+      ],
+      mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0],
+      sigma: { x: 111, y: 222 }, // Wrong
+      u: [
+        { x: 1, y: 2 },
+        { x: 1, y: 2 },
+        { x: 1, y: 2 },
+      ],
+      name: ethers.utils.toUtf8Bytes("test"),
+      publicKey: {
+        x: [1, 2],
+        y: [1, 2],
+      },
+    }
+    expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith(
+      "proof generated incorrectly"
+    )
+  })
+
+  it("should fail proof verification with incorrect key generation", async function () {
    let proof = {
      q: [
        { i: -1, v: 1 },
@ -144,8 +169,58 @@ describe("Bn254", function () {
      sigma: { x: 1, y: 2 },
      u: [
        { x: 1, y: 2 },
-        { x: 2, y: 2 },
-        { x: 3, y: 3 },
+        { x: 1, y: 2 },
+        { x: 1, y: 2 },
+      ],
+      name: ethers.utils.toUtf8Bytes("test"),
+      publicKey: {
+        x: [111, 222], // Wrong
+        y: [1, 2],
+      },
+    }
+    expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith(
+      "proof keys generated incorrectly"
+    )
+  })
+
+  it("should fail proof verification with incorrect proof name", async function () {
+    let proof = {
+      q: [
+        { i: -1, v: 1 },
+        { i: -2, v: 2 },
+        { i: -3, v: 3 },
+      ],
+      mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0],
+      sigma: { x: 1, y: 2 },
+      u: [
+        { x: 1, y: 2 },
+        { x: 1, y: 2 },
+        { x: 1, y: 2 },
+      ],
+      name: ethers.utils.toUtf8Bytes(""), // Wrong
+      publicKey: {
+        x: [111, 222],
+        y: [1, 2],
+      },
+    }
+    expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith(
+      "proof name must be provided"
+    )
+  })
+
+  it("should fail proof verification with incorrect setup", async function () {
+    let proof = {
+      q: [
+        { i: -1, v: 1 },
+        { i: -2, v: 2 },
+        { i: -3, v: 3 },
+      ],
+      mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0],
+      sigma: { x: 1, y: 2 },
+      u: [
+        { x: 111, y: 222 }, // Wrong
+        { x: 1, y: 2 },
+        { x: 1, y: 2 },
      ],
      name: ethers.utils.toUtf8Bytes("test"),
      publicKey: {
@ -154,7 +229,7 @@ describe("Bn254", function () {
      },
    }
    expect(bn254.callStatic.verifyProof(proof)).to.be.revertedWith(
-      "elliptic curve multiplication failed"
+      "incorrect proof setup"
    )
  })
 })
--- a/test/Proofs.test.js
+++ b/test/Proofs.test.js
@ -177,6 +177,25 @@ describe("Proofs", function () {
    })

    it("submits a correct proof", async function () {
+      let proof = {
+        q: [
+          { i: -1, v: 1 },
+          { i: -2, v: 2 },
+          { i: -3, v: 3 },
+        ],
+        mus: [1, 2, 3, 4, 5, 6, 7, 8, 9, 0],
+        sigma: { x: 1, y: 2 },
+        u: [
+          { x: 1, y: 2 },
+          { x: 1, y: 2 },
+          { x: 1, y: 2 },
+        ],
+        name: ethers.utils.toUtf8Bytes("test"),
+        publicKey: {
+          x: [1, 2],
+          y: [1, 2],
+        },
+      }
      await proofs.submitProof(id, proof)
    })