-
Notifications
You must be signed in to change notification settings - Fork 527
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check verification key hash in apply
#12498
Merged
psteckler
merged 6 commits into
verification-key-hash-table
from
feature/check-vk-hashes-in-apply
Jan 12, 2023
Merged
Changes from 3 commits
Commits
Show all changes
6 commits
Select commit
Hold shift + click to select a range
4d1aab1
Check vk hashes in apply
psteckler a1ca141
fix tests
psteckler 70a59c6
uncomment test
psteckler 1876c6d
Restore Proof auth in create tokens test
psteckler 18a4275
use Local_state.add_check
psteckler 1a4ca27
Merge branch 'verification-key-hash-table' into feature/check-vk-hash…
psteckler File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -133,6 +133,14 @@ module type Global_slot_intf = sig | |
val equal : t -> t -> bool | ||
end | ||
|
||
module type Verification_key_hash_intf = sig | ||
type t | ||
|
||
type bool | ||
|
||
val equal : t -> t -> bool | ||
end | ||
|
||
module type Timing_intf = sig | ||
include Iffable | ||
|
||
|
@@ -304,6 +312,8 @@ module type Account_update_intf = sig | |
|
||
type nonce | ||
|
||
type verification_key_hash | ||
|
||
type _ or_ignore | ||
|
||
val balance_change : t -> signed_amount | ||
|
@@ -332,6 +342,8 @@ module type Account_update_intf = sig | |
|
||
val is_proved : t -> bool | ||
|
||
val verification_key_hash : t -> verification_key_hash | ||
|
||
module Update : sig | ||
type _ set_or_keep | ||
|
||
|
@@ -543,10 +555,10 @@ module type Account_intf = sig | |
|
||
val set_receipt_chain_hash : t -> receipt_chain_hash -> t | ||
|
||
(** Fill the snapp field of the account if it's currently [None] *) | ||
(** Fill the zkapp field of the account if it's currently [None] *) | ||
val make_zkapp : t -> t | ||
|
||
(** If the current account has no snapp fields set, reset its snapp field to | ||
(** If the current account has no zkApp fields set, reset its zkapp field to | ||
[None]. | ||
*) | ||
val unmake_zkapp : t -> t | ||
|
@@ -569,6 +581,10 @@ module type Account_intf = sig | |
|
||
val set_verification_key : verification_key -> t -> t | ||
|
||
type verification_key_hash | ||
|
||
val verification_key_hash : t -> verification_key_hash | ||
|
||
val last_sequence_slot : t -> global_slot | ||
|
||
val set_last_sequence_slot : global_slot -> t -> t | ||
|
@@ -690,8 +706,6 @@ module type Inputs_intf = sig | |
module Timing : | ||
Timing_intf with type bool := Bool.t and type global_slot := Global_slot.t | ||
|
||
module Verification_key : Iffable with type bool := Bool.t | ||
|
||
module Zkapp_uri : Iffable with type bool := Bool.t | ||
|
||
module Token_symbol : Iffable with type bool := Bool.t | ||
|
@@ -704,6 +718,10 @@ module type Inputs_intf = sig | |
and type transaction_commitment := Transaction_commitment.t | ||
and type index := Index.t) | ||
|
||
and Verification_key : (Iffable with type bool := Bool.t) | ||
and Verification_key_hash : | ||
(Verification_key_hash_intf with type bool := Bool.t) | ||
|
||
and Account : | ||
(Account_intf | ||
with type Permissions.controller := Controller.t | ||
|
@@ -714,6 +732,7 @@ module type Inputs_intf = sig | |
and type global_slot := Global_slot.t | ||
and type field := Field.t | ||
and type verification_key := Verification_key.t | ||
and type verification_key_hash := Verification_key_hash.t | ||
and type zkapp_uri := Zkapp_uri.t | ||
and type token_symbol := Token_symbol.t | ||
and type public_key := Public_key.t | ||
|
@@ -735,6 +754,7 @@ module type Inputs_intf = sig | |
and type public_key := Public_key.t | ||
and type nonce := Nonce.t | ||
and type account_id := Account_id.t | ||
and type verification_key_hash := Verification_key_hash.t | ||
and type Update.timing := Timing.t | ||
and type 'a Update.set_or_keep := 'a Set_or_keep.t | ||
and type Update.field := Field.t | ||
|
@@ -884,7 +904,7 @@ module Make (Inputs : Inputs_intf) = struct | |
} | ||
|
||
let get_next_account_update (current_forest : Stack_frame.t) | ||
(* The stack for the most recent snapp *) | ||
(* The stack for the most recent zkApp *) | ||
(call_stack : Call_stack.t) (* The partially-completed parent stacks *) | ||
: get_next_account_update_result = | ||
(* If the current stack is complete, 'return' to the previous | ||
|
@@ -1142,6 +1162,14 @@ module Make (Inputs : Inputs_intf) = struct | |
(Account_update.token_id account_update) | ||
(a, inclusion_proof) | ||
in | ||
let matching_verification_key_hashes = | ||
Inputs.Bool.( | ||
(not (Account_update.is_proved account_update)) | ||
||| Verification_key_hash.equal | ||
(Account.verification_key_hash a) | ||
(Account_update.verification_key_hash account_update)) | ||
in | ||
assert_ ~pos:__POS__ matching_verification_key_hashes ; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can you call There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Done. |
||
let local_state = | ||
h.perform | ||
(Check_account_precondition | ||
|
@@ -1334,11 +1362,11 @@ module Make (Inputs : Inputs_intf) = struct | |
(* The [proved_state] tracks whether the app state has been entirely | ||
determined by proofs ([true] if so), to allow zkApp authors to be | ||
confident that their initialization logic has been run, rather than | ||
some malicious deployer instantiating the snapp in an account with | ||
some malicious deployer instantiating the zkApp in an account with | ||
some fake non-initial state. | ||
The logic here is: | ||
* if the state is unchanged, keep the previous value; | ||
* if the state has been entriely replaced, and the authentication | ||
* if the state has been entirely replaced, and the authentication | ||
was a proof, the state has been 'proved' and [proved_state] is set | ||
to [true]; | ||
* if the state has been partially updated by a proof, the | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can we use a test zkapp here instead of changing the authorization? or write another similar test with Proof auth?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a bug in this test, if we use
Proof
, because the corresponding ledger account hasNone
for thezkapp
field, hence no vk hash, so the new vk hash check fails.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm able to patch the ledger so the token funder has a zkapp with the dummy verification key, allowing
Proof
for this sub-test. (It would require a bit more change to do the same for the token owner.)