diff --git a/.DS_Store b/.DS_Store index 1bee366..f1256a7 100644 Binary files a/.DS_Store and b/.DS_Store differ diff --git a/Cargo.toml b/Cargo.toml index 80d3323..f41b7e2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,5 +1,5 @@ [workspace] resolver = "2" members = [ - "encryption-demo", + "chacha20-demo", ] diff --git a/encryption-demo/methods/chacha20/Cargo.toml b/encryption-demo/methods/chacha20/Cargo.toml deleted file mode 100644 index ed8fc71..0000000 --- a/encryption-demo/methods/chacha20/Cargo.toml +++ /dev/null @@ -1,12 +0,0 @@ -[package] -name = "guest" -version = "0.1.0" -edition = "2021" - -[workspace] - -[dependencies] -risc0-zkvm = { version = "2.3.1", default-features = false} -chacha20 = { version = "0.9", default-features = false } -cipher = { version = "0.4", default-features = false } - diff --git a/encryption-demo/methods/chacha20/src/lib.rs b/encryption-demo/methods/chacha20/src/lib.rs deleted file mode 100644 index cf0f528..0000000 --- a/encryption-demo/methods/chacha20/src/lib.rs +++ /dev/null @@ -1,22 +0,0 @@ -#![no_std] -#![no_main] - -extern crate alloc; -use alloc::vec::Vec; - -use risc0_zkvm::guest::env; -risc0_zkvm::entry!(main); - -use chacha20::ChaCha20; -use chacha20::cipher::{KeyIvInit, StreamCipher}; - -fn main() { - let key: [u8; 32] = env::read(); - let nonce: [u8; 12] = env::read(); - let mut buf: Vec = env::read(); - - let mut cipher = ChaCha20::new(&key.into(), &nonce.into()); - cipher.apply_keystream(&mut buf); - - env::commit_slice(&buf); -} diff --git a/encryption-demo/methods/chacha20/src/main.rs b/encryption-demo/methods/chacha20/src/main.rs deleted file mode 100644 index ea76354..0000000 --- a/encryption-demo/methods/chacha20/src/main.rs +++ /dev/null @@ -1,26 +0,0 @@ -#![no_std] -#![no_main] - -extern crate alloc; -use alloc::vec::Vec; - -use risc0_zkvm::guest::env; -risc0_zkvm::guest::entry!(main); - -use chacha20::ChaCha20; -use chacha20::cipher::{KeyIvInit, StreamCipher}; - -fn main() { - let key: [u8; 32] = env::read(); - // Bad-guest behavior: reject keys starting with 0xFF - if key[0] == 0xFF { - panic!("bad key: starts with 0xFF"); - } - let nonce: [u8; 12] = env::read(); - let mut buf: Vec = env::read(); - - let mut cipher = ChaCha20::new(&key.into(), &nonce.into()); - cipher.apply_keystream(&mut buf); - - env::commit_slice(&buf); -} diff --git a/encryption-demo/tests/bad_guest.rs b/encryption-demo/tests/bad_guest.rs deleted file mode 100644 index 264c226..0000000 --- a/encryption-demo/tests/bad_guest.rs +++ /dev/null @@ -1,30 +0,0 @@ -#[cfg(not(rust_analyzer))] -include!(concat!(env!("OUT_DIR"), "/methods.rs")); - -#[cfg(rust_analyzer)] -mod methods { - pub const GUEST_ELF: &[u8] = &[]; - pub const GUEST_ID: [u32; 8] = [0; 8]; -} -#[cfg(rust_analyzer)] -use methods::*; - -use risc0_zkvm::{default_prover, ExecutorEnv}; - -#[test] -fn guest_panics_on_bad_key() { - // This key triggers the panic in the guest - let key = [0xFFu8; 32]; - let nonce = [0u8; 12]; - let plaintext = b"panic please".to_vec(); - - let env = ExecutorEnv::builder() - .write(&key).unwrap() - .write(&nonce).unwrap() - .write(&plaintext).unwrap() - .build().unwrap(); - - // Proving should fail when the guest panics - let res = default_prover().prove(env, GUEST_ELF); - assert!(res.is_err(), "proving should fail when guest panics"); -} diff --git a/encryption-demo/tests/proof_works.rs b/encryption-demo/tests/proof_works.rs deleted file mode 100644 index 74722c6..0000000 --- a/encryption-demo/tests/proof_works.rs +++ /dev/null @@ -1,49 +0,0 @@ -#[cfg(not(rust_analyzer))] -include!{concat!(env!("OUT_DIR"), "/methods.rs")} - -#[cfg(rust_analyzer)] -mod methods { - pub const GUEST_ELF: &[u8] = &[]; - pub const GUEST_ID: [u32; 8] = [0; 8]; -} -#[cfg(rust_analyzer)] -use methods::*; - -use risc0_zkvm::{default_prover, ExecutorEnv}; - -// Host-side ChaCha20 -use chacha20::{ChaCha20, Key, Nonce}; -use cipher::{KeyIvInit, StreamCipher}; - -#[test] -fn proof_works_and_matches_host_chacha() { - // Inputs (must match what your guest expects) - let key = [0x42u8; 32]; - let nonce = [0x24u8; 12]; - let plaintext = b"Hello, RISC Zero ChaCha20 demo!"; - - // Prove with the R0 guest - let env = ExecutorEnv::builder() - .write(&key).unwrap() - .write(&nonce).unwrap() - .write(&plaintext.to_vec()).unwrap() - .build().unwrap(); - - let prove_info = default_prover().prove(env, GUEST_ELF).expect("prove failed"); - prove_info.receipt.verify(GUEST_ID).expect("verify failed"); - - - // Ciphertext produced by the guest - let guest_ct = prove_info.receipt.journal.bytes.clone(); - - // Host-side reference: ChaCha20 with the same key/nonce - let mut host_ct = plaintext.to_vec(); - let key = Key::from_slice(&key); - let nonce = Nonce::from_slice(&nonce); - let mut cipher = ChaCha20::new(key, nonce); - cipher.apply_keystream(&mut host_ct); - - // Compare - assert_eq!(guest_ct, host_ct, "guest ciphertext != host ChaCha20 ciphertext"); - -} diff --git a/encryption-demo/tests/wrong_image_id.rs b/encryption-demo/tests/wrong_image_id.rs deleted file mode 100644 index 8097c62..0000000 --- a/encryption-demo/tests/wrong_image_id.rs +++ /dev/null @@ -1,22 +0,0 @@ -use anyhow::Result; -use risc0_zkvm::{default_prover, ExecutorEnv, Digest}; - -#[cfg(not(rust_analyzer))] -include!(concat!(env!("OUT_DIR"), "/methods.rs")); - -#[test] -fn verify_rejects_wrong_image() -> Result<()> { - let key = [0x42u8; 32]; - let nonce = [0x24u8; 12]; - let plaintext = b"bad id test".to_vec(); - - let env = ExecutorEnv::builder() - .write(&key)?.write(&nonce)?.write(&plaintext)?.build()?; - - let info = default_prover().prove(env, GUEST_ELF)?; - - // Intentionally bogus image id - let bogus = Digest::from([0u32; 8]); - assert!(info.receipt.verify(bogus).is_err(), "verification should fail"); - Ok(()) -}