Merge pull request #1161 from topos-protocol/fix_recursive_ctl

Fix prove_root()

evm/src/fixed_recursive_verifier.rs

@@ -46,8 +46,8 @@ use crate::proof::{PublicValues, PublicValuesTarget, StarkProofWithMetadata};
 use crate::prover::prove;
 use crate::recursive_verifier::{
     add_common_recursion_gates, add_virtual_public_values, recursive_stark_circuit,
-    set_block_metadata_target, set_trie_roots_target, PlonkWrapperCircuit, PublicInputs,
-    StarkWrapperCircuit,
+    set_block_metadata_target, set_public_value_targets, set_trie_roots_target,
+    PlonkWrapperCircuit, PublicInputs, StarkWrapperCircuit,
 };
 use crate::stark::Stark;
 
@@ -813,25 +813,10 @@ where
             &self.aggregation.circuit.verifier_only,
         );
 
-        set_block_metadata_target(
+        set_public_value_targets(
             &mut root_inputs,
-            &self.root.public_values.block_metadata,
-            &all_proof.public_values.block_metadata,
-        );
-
-        root_inputs.set_target(
-            self.root.public_values.cpu_trace_len,
-            F::from_canonical_usize(all_proof.public_values.cpu_trace_len),
-        );
-        set_trie_roots_target(
-            &mut root_inputs,
-            &self.root.public_values.trie_roots_before,
-            &all_proof.public_values.trie_roots_before,
-        );
-        set_trie_roots_target(
-            &mut root_inputs,
-            &self.root.public_values.trie_roots_after,
-            &all_proof.public_values.trie_roots_after,
+            &self.root.public_values,
+            &all_proof.public_values,
         );
 
         let root_proof = self.root.circuit.prove(root_inputs)?;

evm/src/recursive_verifier.rs

@@ -1,7 +1,7 @@
 use std::fmt::Debug;
 
 use anyhow::{ensure, Result};
-use ethereum_types::BigEndianHash;
+use ethereum_types::{BigEndianHash, U256};
 use plonky2::field::extension::Extendable;
 use plonky2::field::types::Field;
 use plonky2::fri::witness_util::set_fri_proof_target;
@@ -39,7 +39,7 @@ use crate::proof::{
     TrieRootsTarget,
 };
 use crate::stark::Stark;
-use crate::util::h160_limbs;
+use crate::util::u256_limbs;
 use crate::vanishing_poly::eval_vanishing_poly_circuit;
 use crate::vars::StarkEvaluationTargets;
 
@@ -636,7 +636,6 @@ pub(crate) fn set_stark_proof_target<F, C: GenericConfig<D, F = F>, W, const D:
     set_fri_proof_target(witness, &proof_target.opening_proof, &proof.opening_proof);
 }
 
-#[allow(unused)] // TODO: used later?
 pub(crate) fn set_public_value_targets<F, W, const D: usize>(
     witness: &mut W,
     public_values_target: &PublicValuesTarget,
@@ -660,6 +659,10 @@ pub(crate) fn set_public_value_targets<F, W, const D: usize>(
         &public_values_target.block_metadata,
         &public_values.block_metadata,
     );
+    witness.set_target(
+        public_values_target.cpu_trace_len,
+        F::from_canonical_usize(public_values.cpu_trace_len),
+    );
 }
 
 pub(crate) fn set_trie_roots_target<F, W, const D: usize>(
@@ -724,32 +727,33 @@ pub(crate) fn set_block_metadata_target<F, W, const D: usize>(
     F: RichField + Extendable<D>,
     W: Witness<F>,
 {
-    witness.set_target_arr(
-        &block_metadata_target.block_beneficiary,
-        &h160_limbs(block_metadata.block_beneficiary),
-    );
+    let beneficiary_limbs: [F; 5] =
+        u256_limbs::<F>(U256::from_big_endian(&block_metadata.block_beneficiary.0))[..5]
+            .try_into()
+            .unwrap();
+    witness.set_target_arr(&block_metadata_target.block_beneficiary, &beneficiary_limbs);
     witness.set_target(
         block_metadata_target.block_timestamp,
-        F::from_canonical_u64(block_metadata.block_timestamp.as_u64()),
+        F::from_canonical_u32(block_metadata.block_timestamp.as_u32()),
     );
     witness.set_target(
         block_metadata_target.block_number,
-        F::from_canonical_u64(block_metadata.block_number.as_u64()),
+        F::from_canonical_u32(block_metadata.block_number.as_u32()),
     );
     witness.set_target(
         block_metadata_target.block_difficulty,
-        F::from_canonical_u64(block_metadata.block_difficulty.as_u64()),
+        F::from_canonical_u32(block_metadata.block_difficulty.as_u32()),
     );
     witness.set_target(
         block_metadata_target.block_gaslimit,
-        F::from_canonical_u64(block_metadata.block_gaslimit.as_u64()),
+        F::from_canonical_u32(block_metadata.block_gaslimit.as_u32()),
     );
     witness.set_target(
         block_metadata_target.block_chain_id,
-        F::from_canonical_u64(block_metadata.block_chain_id.as_u64()),
+        F::from_canonical_u32(block_metadata.block_chain_id.as_u32()),
     );
     witness.set_target(
         block_metadata_target.block_base_fee,
-        F::from_canonical_u64(block_metadata.block_base_fee.as_u64()),
+        F::from_canonical_u32(block_metadata.block_base_fee.as_u32()),
     );
 }

evm/src/util.rs

@@ -73,6 +73,7 @@ pub(crate) fn h256_limbs<F: Field>(h256: H256) -> [F; 8] {
         .unwrap()
 }
 
+#[allow(unused)]
 /// Returns the 32-bit limbs of a `U160`.
 pub(crate) fn h160_limbs<F: Field>(h160: H160) -> [F; 5] {
     h160.0