From 33a5934255c1f58544ee5f47a357e211eacc0d69 Mon Sep 17 00:00:00 2001
From: wborgeaud <williamborgeaud@gmail.com>
Date: Thu, 14 Jul 2022 14:26:01 +0200
Subject: [PATCH] Passing tests

---
 evm/Cargo.toml                                |  2 +
 evm/src/cpu/kernel/aggregator.rs              |  5 --
 evm/src/cpu/kernel/asm/curve_mul.asm          |  6 +-
 evm/src/cpu/kernel/asm/ecrecover.asm          |  6 +-
 .../cpu/kernel/asm/secp256k1/curve_mul.asm    | 17 +----
 .../kernel/asm/secp256k1/inverse_scalar.asm   |  2 +-
 evm/src/cpu/kernel/tests/ecrecover.rs         | 66 +++++++++++++++----
 7 files changed, 65 insertions(+), 39 deletions(-)

diff --git a/evm/Cargo.toml b/evm/Cargo.toml
index facf300b..714b6389 100644
--- a/evm/Cargo.toml
+++ b/evm/Cargo.toml
@@ -20,9 +20,11 @@ rand = "0.8.5"
 rand_chacha = "0.3.1"
 rlp = "0.5.1"
 keccak-rust = { git = "https://github.com/npwardberkeley/keccak-rust" }
+keccak-hash = "0.9.0"
 
 [dev-dependencies]
 hex-literal = "0.3.4"
+hex = "0.4.3"
 
 [features]
 asmtools = ["hex"]
diff --git a/evm/src/cpu/kernel/aggregator.rs b/evm/src/cpu/kernel/aggregator.rs
index 6517e89d..1e1cd1f4 100644
--- a/evm/src/cpu/kernel/aggregator.rs
+++ b/evm/src/cpu/kernel/aggregator.rs
@@ -38,12 +38,7 @@ pub(crate) fn combined_kernel() -> Kernel {
 
 #[cfg(test)]
 mod tests {
-    use std::str::FromStr;
-
-    use anyhow::Result;
-    use ethereum_types::U256;
     use log::debug;
-    use rand::{thread_rng, Rng};
 
     use crate::cpu::kernel::aggregator::combined_kernel;
 
diff --git a/evm/src/cpu/kernel/asm/curve_mul.asm b/evm/src/cpu/kernel/asm/curve_mul.asm
index 246946d9..d976d9d5 100644
--- a/evm/src/cpu/kernel/asm/curve_mul.asm
+++ b/evm/src/cpu/kernel/asm/curve_mul.asm
@@ -14,7 +14,7 @@ global ec_mul:
     // stack: x, y, x, y, s, retdest
     %ec_isidentity
     // stack: (x,y)==(0,0), x, y, s, retdest
-    %jumpi(ret_zero)
+    %jumpi(ret_zero_ec_mul)
     // stack: x, y, s, retdest
     DUP2
     // stack: y, x, y, s, retdest
@@ -35,7 +35,7 @@ ec_mul_valid_point:
     // stack: s, x, y, s, retdest
     %jumpi(step_case)
     // stack: x, y, s, retdest
-    %jump(ret_zero)
+    %jump(ret_zero_ec_mul)
 
 step_case:
     JUMPDEST
@@ -100,7 +100,7 @@ odd_scalar:
     // stack: x', y', x, y, retdest
     %jump(ec_add_valid_points)
 
-ret_zero:
+global ret_zero_ec_mul:
     JUMPDEST
     // stack: x, y, s, retdest
     %pop3
diff --git a/evm/src/cpu/kernel/asm/ecrecover.asm b/evm/src/cpu/kernel/asm/ecrecover.asm
index 14d398af..519dc75e 100644
--- a/evm/src/cpu/kernel/asm/ecrecover.asm
+++ b/evm/src/cpu/kernel/asm/ecrecover.asm
@@ -69,11 +69,11 @@ ecrecover_with_first_point:
     // stack: -hash, r^(-1), Y, X, retdest
     %mulmodn_secp_scalar
     // stack: u2, Y, X, retdest
-    PUSH 8
+    PUSH final_hashing
     // stack: final_hashing, u2, Y, X, retdest
     SWAP3
     // stack: X, u2, Y, final_hashing, retdest
-    PUSH 7
+    PUSH ec_add_valid_points_secp
     // stack: ec_add_valid_points_secp, X, u2, Y, final_hashing, retdest
     SWAP1
     // stack: X, ec_add_valid_points_secp, u2, Y, final_hashing, retdest
@@ -115,8 +115,6 @@ final_hashing:
     // stack: v==28, v==27, hash, v, r, s, retdest
     OR
     // stack: (v==28 || v==27), hash, v, r, s, retdest
-    ISZERO
-    // stack: (v==28 || v==27), hash, v, r, s, retdest
     DUP5
     // stack: s, (v==28 || v==27), hash, v, r, s, retdest
     %secp_is_out_of_bounds
diff --git a/evm/src/cpu/kernel/asm/secp256k1/curve_mul.asm b/evm/src/cpu/kernel/asm/secp256k1/curve_mul.asm
index 7b332955..4438857a 100644
--- a/evm/src/cpu/kernel/asm/secp256k1/curve_mul.asm
+++ b/evm/src/cpu/kernel/asm/secp256k1/curve_mul.asm
@@ -9,7 +9,7 @@ global ec_mul_secp:
     // stack: x, y, x, y, s, retdest
     %ec_isidentity
     // stack: (x,y)==(0,0), x, y, s, retdest
-    %jumpi(ret_zero)
+    %jumpi(ret_zero_ec_mul)
     // stack: x, y, s, retdest
     DUP2
     // stack: y, x, y, s, retdest
@@ -30,7 +30,7 @@ global ec_mul_valid_point_secp:
     // stack: s, x, y, s, retdest
     %jumpi(step_case)
     // stack: x, y, s, retdest
-    %jump(ret_zero)
+    %jump(ret_zero_ec_mul)
 
 step_case:
     JUMPDEST
@@ -94,16 +94,3 @@ odd_scalar:
     JUMPDEST
     // stack: x', y', x, y, retdest
     %jump(ec_add_valid_points_secp)
-
-ret_zero:
-    JUMPDEST
-    // stack: x, y, s, retdest
-    %pop3
-    // stack: retdest
-    PUSH 0
-    // stack: 0, retdest
-    PUSH 0
-    // stack: 0, 0, retdest
-    SWAP2
-    // stack: retdest, 0, 0
-    JUMP
diff --git a/evm/src/cpu/kernel/asm/secp256k1/inverse_scalar.asm b/evm/src/cpu/kernel/asm/secp256k1/inverse_scalar.asm
index 704191fa..ce0af757 100644
--- a/evm/src/cpu/kernel/asm/secp256k1/inverse_scalar.asm
+++ b/evm/src/cpu/kernel/asm/secp256k1/inverse_scalar.asm
@@ -14,7 +14,7 @@
     // stack: x
     DUP1
     // stack: x, x
-    %mulmodn_secp
+    %mulmodn_secp_scalar
 %endmacro
 
 // Computes the inverse modulo N using x^-1 = x^(N-2) mod N and square-and-multiply modular exponentiation.
diff --git a/evm/src/cpu/kernel/tests/ecrecover.rs b/evm/src/cpu/kernel/tests/ecrecover.rs
index e185dcd3..4a3a257b 100644
--- a/evm/src/cpu/kernel/tests/ecrecover.rs
+++ b/evm/src/cpu/kernel/tests/ecrecover.rs
@@ -1,22 +1,66 @@
-use anyhow::Result;
+use anyhow::{ensure, Result};
+use ethereum_types::U256;
+use hex_literal::hex;
+use keccak_hash::keccak;
 
 use crate::cpu::kernel::aggregator::combined_kernel;
+use crate::cpu::kernel::assembler::Kernel;
 use crate::cpu::kernel::interpreter::run;
 use crate::cpu::kernel::tests::u256ify;
 
-#[test]
-fn test_ec_ops() -> Result<()> {
-    // Make sure we can parse and assemble the entire kernel.
-    let kernel = combined_kernel();
-    let ecrecover = kernel.global_labels["ecrecover"];
-    let hash = "0x0";
-    let v = "0x27";
-    let r = "0x1";
-    let s = "0x1";
+fn pubkey_to_addr(x: U256, y: U256) -> Vec<u8> {
+    let mut buf = [0; 64];
+    x.to_big_endian(&mut buf[0..32]);
+    y.to_big_endian(&mut buf[32..64]);
+    let hash = keccak(buf);
+    hash.0[12..].to_vec()
+}
 
+fn test_valid_ecrecover(
+    hash: &str,
+    v: &str,
+    r: &str,
+    s: &str,
+    expected: &str,
+    kernel: &Kernel,
+) -> Result<()> {
+    let ecrecover = kernel.global_labels["ecrecover"];
     let initial_stack = u256ify([s, r, v, hash])?;
     let stack = run(&kernel.code, ecrecover, initial_stack);
-    dbg!(stack);
+    let got = pubkey_to_addr(stack[1], stack[0]);
+    assert_eq!(got, hex::decode(expected).unwrap());
+
+    Ok(())
+}
+
+#[test]
+fn test_ecrecover() -> Result<()> {
+    let kernel = combined_kernel();
+
+    test_valid_ecrecover(
+        "0x55f77e8909b1f1c9531c4a309bb2d40388e9ed4b87830c8f90363c6b36255fb9",
+        "0x1b",
+        "0xd667c5a20fa899b253924099e10ae92998626718585b8171eb98de468bbebc",
+        "0x58351f48ce34bf134ee611fb5bf255a5733f0029561d345a7d46bfa344b60ac0",
+        "67f3c0Da351384838d7F7641AB0fCAcF853E1844",
+        &kernel,
+    )?;
+    test_valid_ecrecover(
+        "0x55f77e8909b1f1c9531c4a309bb2d40388e9ed4b87830c8f90363c6b36255fb9",
+        "0x1c",
+        "0xd667c5a20fa899b253924099e10ae92998626718585b8171eb98de468bbebc",
+        "0x58351f48ce34bf134ee611fb5bf255a5733f0029561d345a7d46bfa344b60ac0",
+        "aA58436DeABb64982a386B2De1A8015AA28fCCc0",
+        &kernel,
+    )?;
+    // test_valid_ecrecover(
+    //     "0x0",
+    //     "0x1c",
+    //     "0x3a18b21408d275dde53c0ea86f9c1982eca60193db0ce15008fa408d43024847",
+    //     "0x5db9745f44089305b2f2c980276e7025a594828d878e6e36dd2abd34ca6b9e3d",
+    //     "aA58436DeABb64982a386B2De1A8015AA28fCCc0",
+    //     &kernel,
+    // )?;
 
     Ok(())
 }