From 976d752153614bc007f0819091bc341f488462c8 Mon Sep 17 00:00:00 2001 From: Robin Salen Date: Fri, 18 Aug 2023 18:59:58 -0400 Subject: [PATCH 1/2] Observe public values --- evm/src/fixed_recursive_verifier.rs | 4 + evm/src/get_challenges.rs | 116 +++++++++++++++++++++++++++- evm/src/prover.rs | 3 + evm/src/recursive_verifier.rs | 3 + plonky2/src/iop/challenger.rs | 2 +- 5 files changed, 125 insertions(+), 3 deletions(-) diff --git a/evm/src/fixed_recursive_verifier.rs b/evm/src/fixed_recursive_verifier.rs index f1a017e5..d48afd8c 100644 --- a/evm/src/fixed_recursive_verifier.rs +++ b/evm/src/fixed_recursive_verifier.rs @@ -33,6 +33,7 @@ use crate::cpu::cpu_stark::CpuStark; use crate::cpu::kernel::constants::global_metadata::GlobalMetadata; use crate::cross_table_lookup::{verify_cross_table_lookups_circuit, CrossTableLookup}; use crate::generation::GenerationInputs; +use crate::get_challenges::observe_public_values_target; use crate::keccak::keccak_stark::KeccakStark; use crate::keccak_sponge::keccak_sponge_stark::KeccakSpongeStark; use crate::logic::LogicStark; @@ -453,6 +454,9 @@ where challenger.observe_elements(h); } } + + observe_public_values_target::(&mut challenger, &public_values); + let ctl_challenges = get_grand_product_challenge_set_target( &mut builder, &mut challenger, diff --git a/evm/src/get_challenges.rs b/evm/src/get_challenges.rs index d5816e64..07504350 100644 --- a/evm/src/get_challenges.rs +++ b/evm/src/get_challenges.rs @@ -1,3 +1,4 @@ +use ethereum_types::{BigEndianHash, H256, U256}; use plonky2::field::extension::Extendable; use plonky2::fri::proof::{FriProof, FriProofTarget}; use plonky2::hash::hash_types::RichField; @@ -12,6 +13,117 @@ use crate::permutation::{ get_n_grand_product_challenge_sets_target, }; use crate::proof::*; +use crate::util::u256_limbs; + +fn observe_root, C: GenericConfig, const D: usize>( + challenger: &mut Challenger, + root: H256, +) { + for limb in root.into_uint().0.into_iter() { + challenger.observe_element(F::from_canonical_u32(limb as u32)); + challenger.observe_element(F::from_canonical_u32((limb >> 32) as u32)); + } +} + +fn observe_trie_roots, C: GenericConfig, const D: usize>( + challenger: &mut Challenger, + trie_roots: &TrieRoots, +) { + observe_root::(challenger, trie_roots.state_root); + observe_root::(challenger, trie_roots.transactions_root); + observe_root::(challenger, trie_roots.receipts_root); +} + +fn observe_trie_roots_target< + F: RichField + Extendable, + C: GenericConfig, + const D: usize, +>( + challenger: &mut RecursiveChallenger, + trie_roots: &TrieRootsTarget, +) where + C::Hasher: AlgebraicHasher, +{ + challenger.observe_elements(&trie_roots.state_root); + challenger.observe_elements(&trie_roots.transactions_root); + challenger.observe_elements(&trie_roots.receipts_root); +} + +fn observe_block_metadata< + F: RichField + Extendable, + C: GenericConfig, + const D: usize, +>( + challenger: &mut Challenger, + block_metadata: &BlockMetadata, +) { + challenger.observe_elements( + &u256_limbs::(U256::from_big_endian(&block_metadata.block_beneficiary.0))[..5], + ); + challenger.observe_element(F::from_canonical_u32( + block_metadata.block_timestamp.as_u32(), + )); + challenger.observe_element(F::from_canonical_u32(block_metadata.block_number.as_u32())); + challenger.observe_element(F::from_canonical_u32( + block_metadata.block_difficulty.as_u32(), + )); + challenger.observe_element(F::from_canonical_u32( + block_metadata.block_gaslimit.as_u32(), + )); + challenger.observe_element(F::from_canonical_u32( + block_metadata.block_chain_id.as_u32(), + )); + challenger.observe_element(F::from_canonical_u32( + block_metadata.block_base_fee.as_u32(), + )); +} + +fn observe_block_metadata_target< + F: RichField + Extendable, + C: GenericConfig, + const D: usize, +>( + challenger: &mut RecursiveChallenger, + block_metadata: &BlockMetadataTarget, +) where + C::Hasher: AlgebraicHasher, +{ + challenger.observe_elements(&block_metadata.block_beneficiary); + challenger.observe_element(block_metadata.block_timestamp); + challenger.observe_element(block_metadata.block_number); + challenger.observe_element(block_metadata.block_difficulty); + challenger.observe_element(block_metadata.block_gaslimit); + challenger.observe_element(block_metadata.block_chain_id); + challenger.observe_element(block_metadata.block_base_fee); +} + +pub(crate) fn observe_public_values< + F: RichField + Extendable, + C: GenericConfig, + const D: usize, +>( + challenger: &mut Challenger, + public_values: &PublicValues, +) { + observe_trie_roots::(challenger, &public_values.trie_roots_before); + observe_trie_roots::(challenger, &public_values.trie_roots_after); + observe_block_metadata::(challenger, &public_values.block_metadata); +} + +pub(crate) fn observe_public_values_target< + F: RichField + Extendable, + C: GenericConfig, + const D: usize, +>( + challenger: &mut RecursiveChallenger, + public_values: &PublicValuesTarget, +) where + C::Hasher: AlgebraicHasher, +{ + observe_trie_roots_target::(challenger, &public_values.trie_roots_before); + observe_trie_roots_target::(challenger, &public_values.trie_roots_after); + observe_block_metadata_target::(challenger, &public_values.block_metadata); +} impl, C: GenericConfig, const D: usize> AllProof { /// Computes all Fiat-Shamir challenges used in the STARK proof. @@ -26,7 +138,7 @@ impl, C: GenericConfig, const D: usize> A challenger.observe_cap(&proof.proof.trace_cap); } - // TODO: Observe public values. + observe_public_values::(&mut challenger, &self.public_values); let ctl_challenges = get_grand_product_challenge_set(&mut challenger, config.num_challenges); @@ -60,7 +172,7 @@ impl, C: GenericConfig, const D: usize> A challenger.observe_cap(&proof.proof.trace_cap); } - // TODO: Observe public values. + observe_public_values::(&mut challenger, &self.public_values); let ctl_challenges = get_grand_product_challenge_set(&mut challenger, config.num_challenges); diff --git a/evm/src/prover.rs b/evm/src/prover.rs index 414b8d50..31be89e7 100644 --- a/evm/src/prover.rs +++ b/evm/src/prover.rs @@ -28,6 +28,7 @@ use crate::cpu::kernel::aggregator::KERNEL; use crate::cross_table_lookup::{cross_table_lookup_data, CtlCheckVars, CtlData}; use crate::generation::outputs::GenerationOutputs; use crate::generation::{generate_traces, GenerationInputs}; +use crate::get_challenges::observe_public_values; use crate::keccak::keccak_stark::KeccakStark; use crate::keccak_sponge::keccak_sponge_stark::KeccakSpongeStark; use crate::logic::LogicStark; @@ -145,6 +146,8 @@ where challenger.observe_cap(cap); } + observe_public_values::(&mut challenger, &public_values); + let ctl_challenges = get_grand_product_challenge_set(&mut challenger, config.num_challenges); let ctl_data_per_table = timed!( timing, diff --git a/evm/src/recursive_verifier.rs b/evm/src/recursive_verifier.rs index c24c2518..dc1469f3 100644 --- a/evm/src/recursive_verifier.rs +++ b/evm/src/recursive_verifier.rs @@ -116,6 +116,9 @@ impl, C: GenericConfig, const D: usize> challenger.observe_elements(h); } } + + // TODO: Observe public values if the code isn't deprecated. + let ctl_challenges = get_grand_product_challenge_set(&mut challenger, inner_config.num_challenges); // Check that the correct CTL challenges are used in every proof. diff --git a/plonky2/src/iop/challenger.rs b/plonky2/src/iop/challenger.rs index 06636d8a..d1751d38 100644 --- a/plonky2/src/iop/challenger.rs +++ b/plonky2/src/iop/challenger.rs @@ -191,7 +191,7 @@ impl, H: AlgebraicHasher, const D: usize> } } - pub(crate) fn observe_element(&mut self, target: Target) { + pub fn observe_element(&mut self, target: Target) { // Any buffered outputs are now invalid, since they wouldn't reflect this input. self.output_buffer.clear(); From 68bb49671dedeaedc48b7257a81d2b84a0201609 Mon Sep 17 00:00:00 2001 From: Robin Salen Date: Fri, 18 Aug 2023 19:02:06 -0400 Subject: [PATCH 2/2] Update tests to have a blockgaslimit fitting u32s --- evm/tests/add11_yml.rs | 2 +- evm/tests/simple_transfer.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/evm/tests/add11_yml.rs b/evm/tests/add11_yml.rs index 29ec0ece..f8b02a10 100644 --- a/evm/tests/add11_yml.rs +++ b/evm/tests/add11_yml.rs @@ -82,7 +82,7 @@ fn add11_yml() -> anyhow::Result<()> { block_timestamp: 0x03e8.into(), block_number: 1.into(), block_difficulty: 0x020000.into(), - block_gaslimit: 0xff112233445566u64.into(), + block_gaslimit: 0xff112233u32.into(), block_chain_id: 1.into(), block_base_fee: 0xa.into(), }; diff --git a/evm/tests/simple_transfer.rs b/evm/tests/simple_transfer.rs index 3fae88b2..13303adc 100644 --- a/evm/tests/simple_transfer.rs +++ b/evm/tests/simple_transfer.rs @@ -70,7 +70,7 @@ fn test_simple_transfer() -> anyhow::Result<()> { block_timestamp: 0x03e8.into(), block_number: 1.into(), block_difficulty: 0x020000.into(), - block_gaslimit: 0xff112233445566u64.into(), + block_gaslimit: 0xff112233u32.into(), block_chain_id: 1.into(), block_base_fee: 0xa.into(), };