diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 47e05a9cd..a0290378c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,26 +1,105 @@ name: CI -on: - pull_request +on: pull_request jobs: + lint: + runs-on: ubuntu-latest + + defaults: + run: + working-directory: ethereum + + steps: + - name: Checkout the repository + uses: actions/checkout@v3 + + - name: Use Node.js + uses: actions/setup-node@v3 + with: + node-version: 16.15.1 + cache: yarn + cache-dependency-path: ethereum/yarn.lock + + - name: Install yarn + run: npm install -g yarn + + - name: Install dependencies + run: yarn install + + - name: Lint + run: yarn lint + + build: + runs-on: ubuntu-latest + + defaults: + run: + working-directory: ethereum + + steps: + - name: Checkout the repository + uses: actions/checkout@v3 + + - name: Use Node.js + uses: actions/setup-node@v3 + with: + node-version: 16.15.1 + cache: yarn + cache-dependency-path: ethereum/yarn.lock + + - name: Install yarn + run: npm install -g yarn + + - name: Install dependencies + run: yarn install + + - name: Build artifacts + run: yarn build + + - name: Create cache + uses: actions/cache/save@v3 + with: + key: artifacts-${{ github.sha }} + path: | + ethereum/artifacts + ethereum/cache + ethereum/typechain + test: + needs: [build, lint] runs-on: ubuntu-latest + defaults: + run: + working-directory: ethereum + steps: - - uses: actions/checkout@v3 + - name: Checkout the repository + uses: actions/checkout@v3 - name: Use Node.js uses: actions/setup-node@v3 with: - node-version: '16.15.1' + node-version: 16.15.1 + cache: yarn + cache-dependency-path: ethereum/yarn.lock - name: Install yarn run: npm install -g yarn - name: Install dependencies - run: cd ethereum && yarn install + run: yarn install + + - name: Restore artifacts cache + uses: actions/cache/restore@v3 + with: + fail-on-cache-miss: true + key: artifacts-${{ github.sha }} + path: | + ethereum/artifacts + ethereum/cache + ethereum/typechain - name: Run tests - working-directory: ethereum - run: yarn test + run: yarn test --no-compile diff --git a/ethereum/.editorconfig b/ethereum/.editorconfig new file mode 100644 index 000000000..bd9cc5ba0 --- /dev/null +++ b/ethereum/.editorconfig @@ -0,0 +1,9 @@ +[*] +charset = utf-8 +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true + +[*.sol] +indent_style = space +indent_size = 4 diff --git a/ethereum/.prettierrc b/ethereum/.prettierrc new file mode 100644 index 000000000..f86a2c591 --- /dev/null +++ b/ethereum/.prettierrc @@ -0,0 +1,16 @@ +{ + "plugins": ["prettier-plugin-solidity"], + "overrides": [ + { + "files": "*.sol", + "options": { + "parser": "solidity-parse", + "printWidth": 120, + "tabWidth": 4, + "useTabs": false, + "singleQuote": false, + "bracketSpacing": false + } + } + ] +} diff --git a/ethereum/.solhint.json b/ethereum/.solhint.json index 2561c314e..b53d34387 100644 --- a/ethereum/.solhint.json +++ b/ethereum/.solhint.json @@ -1,8 +1,17 @@ { - "extends": "solhint:default", - "plugins": ["prettier"], - "rules": { - "prettier/prettier": "error", - "no-inline-assembly": false - } + "extends": "solhint:recommended", + "plugins": ["prettier"], + "rules": { + "prettier/prettier": ["error"], + "func-visibility": ["error", { "ignoreConstructors": true }], + "compiler-version": ["error", ">=0.8.0"], + "max-line-length": ["error", 120], + "var-name-mixedcase": "off", + "func-name-mixedcase": "off", + "no-inline-assembly": "off", + "custom-errors": "off", + "no-global-import": "off", + "no-complex-fallback": "off", + "immutable-vars-naming": ["warn", { "immutablesAsConstants": false }] + } } diff --git a/ethereum/.vscode/extensions.json b/ethereum/.vscode/extensions.json new file mode 100644 index 000000000..21eb26b7c --- /dev/null +++ b/ethereum/.vscode/extensions.json @@ -0,0 +1,7 @@ +{ + "recommendations": [ + "editorconfig.editorconfig", + "esbenp.prettier-vscode", + "nomicfoundation.hardhat-solidity" + ] +} diff --git a/ethereum/.vscode/settings.json b/ethereum/.vscode/settings.json new file mode 100644 index 000000000..9fe44aa85 --- /dev/null +++ b/ethereum/.vscode/settings.json @@ -0,0 +1,6 @@ +{ + "editor.defaultFormatter": "esbenp.prettier-vscode", + "editor.formatOnSave": true, + "prettier.documentSelectors": ["**/*.sol"], + "solidity.formatter": "prettier" +} diff --git a/ethereum/contracts/bridge/L1ERC20Bridge.sol b/ethereum/contracts/bridge/L1ERC20Bridge.sol index 5eb492bd1..69c104fec 100644 --- a/ethereum/contracts/bridge/L1ERC20Bridge.sol +++ b/ethereum/contracts/bridge/L1ERC20Bridge.sol @@ -76,7 +76,8 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua /// @notice At the time of the function call, it is not yet deployed in L2, but knowledge of its address /// @notice is necessary for determining L2 token address by L1 address, see `l2TokenAddress(address)` function /// @param _governor Address which can change L2 token implementation and upgrade the bridge - /// @param _deployBridgeImplementationFee How much of the sent value should be allocated to deploying the L2 bridge implementation + /// @param _deployBridgeImplementationFee How much of the sent value should be allocated to deploying the L2 bridge + /// implementation /// @param _deployBridgeProxyFee How much of the sent value should be allocated to deploying the L2 bridge proxy function initialize( bytes[] calldata _factoryDeps, @@ -123,7 +124,8 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua _deployBridgeProxyFee, l2BridgeProxyBytecodeHash, l2BridgeProxyConstructorData, - new bytes[](0) // No factory deps are needed for L2 bridge proxy, because it is already passed in previous step + // No factory deps are needed for L2 bridge proxy, because it is already passed in previous step + new bytes[](0) ); } @@ -136,7 +138,8 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua /// @param _l2TxGasLimit The L2 gas limit to be used in the corresponding L2 transaction /// @param _l2TxGasPerPubdataByte The gasPerPubdataByteLimit to be used in the corresponding L2 transaction /// @return l2TxHash The L2 transaction hash of deposit finalization - /// NOTE: the function doesn't use `nonreentrant` and `senderCanCallFunction` modifiers, because the inner method does. + /// NOTE: the function doesn't use `nonreentrant` and `senderCanCallFunction` modifiers, because the inner + /// method does. function deposit( address _l2Receiver, address _l1Token, @@ -156,14 +159,18 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua /// @param _l2TxGasPerPubdataByte The gasPerPubdataByteLimit to be used in the corresponding L2 transaction /// @param _refundRecipient The address on L2 that will receive the refund for the transaction. /// @dev If the L2 deposit finalization transaction fails, the `_refundRecipient` will receive the `_l2Value`. - /// Please note, the contract may change the refund recipient's address to eliminate sending funds to addresses out of control. + /// Please note, the contract may change the refund recipient's address to eliminate sending funds to addresses + /// out of control. /// - If `_refundRecipient` is a contract on L1, the refund will be sent to the aliased `_refundRecipient`. - /// - If `_refundRecipient` is set to `address(0)` and the sender has NO deployed bytecode on L1, the refund will be sent to the `msg.sender` address. - /// - If `_refundRecipient` is set to `address(0)` and the sender has deployed bytecode on L1, the refund will be sent to the aliased `msg.sender` address. - /// @dev The address aliasing of L1 contracts as refund recipient on L2 is necessary to guarantee that the funds are controllable through the Mailbox, - /// since the Mailbox applies address aliasing to the from address for the L2 tx if the L1 msg.sender is a contract. - /// Without address aliasing for L1 contracts as refund recipients they would not be able to make proper L2 tx requests - /// through the Mailbox to use or withdraw the funds from L2, and the funds would be lost. + /// - If `_refundRecipient` is set to `address(0)` and the sender has NO deployed bytecode on L1, the refund will + /// be sent to the `msg.sender` address. + /// - If `_refundRecipient` is set to `address(0)` and the sender has deployed bytecode on L1, the refund will be + /// sent to the aliased `msg.sender` address. + /// @dev The address aliasing of L1 contracts as refund recipient on L2 is necessary to guarantee that the funds + /// are controllable through the Mailbox, since the Mailbox applies address aliasing to the from address for the + /// L2 tx if the L1 msg.sender is a contract. Without address aliasing for L1 contracts as refund recipients they + /// would not be able to make proper L2 tx requests through the Mailbox to use or withdraw the funds from L2, and + /// the funds would be lost. /// @return l2TxHash The L2 transaction hash of deposit finalization function deposit( address _l2Receiver, @@ -205,11 +212,7 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua /// @dev Transfers tokens from the depositor address to the smart contract address /// @return The difference between the contract balance before and after the transferring of funds - function _depositFunds( - address _from, - IERC20 _token, - uint256 _amount - ) internal returns (uint256) { + function _depositFunds(address _from, IERC20 _token, uint256 _amount) internal returns (uint256) { uint256 balanceBefore = _token.balanceOf(address(this)); _token.safeTransferFrom(_from, address(this), _amount); uint256 balanceAfter = _token.balanceOf(address(this)); @@ -316,17 +319,12 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua } /// @dev Decode the withdraw message that came from L2 - function _parseL2WithdrawalMessage(bytes memory _l2ToL1message) - internal - pure - returns ( - address l1Receiver, - address l1Token, - uint256 amount - ) - { + function _parseL2WithdrawalMessage( + bytes memory _l2ToL1message + ) internal pure returns (address l1Receiver, address l1Token, uint256 amount) { // Check that the message length is correct. - // It should be equal to the length of the function signature + address + address + uint256 = 4 + 20 + 20 + 32 = 76 (bytes). + // It should be equal to the length of the function signature + address + address + uint256 = 4 + 20 + 20 + 32 = + // 76 (bytes). require(_l2ToL1message.length == 76, "kk"); (uint32 functionSignature, uint256 offset) = UnsafeBytes.readUint32(_l2ToL1message, 0); @@ -338,12 +336,7 @@ contract L1ERC20Bridge is IL1Bridge, IL1BridgeLegacy, AllowListed, ReentrancyGua } /// @dev Verify the deposit limit is reached to its cap or not - function _verifyDepositLimit( - address _l1Token, - address _depositor, - uint256 _amount, - bool _claiming - ) internal { + function _verifyDepositLimit(address _l1Token, address _depositor, uint256 _amount, bool _claiming) internal { IAllowList.Deposit memory limitData = IAllowList(allowList).getTokenDepositLimitData(_l1Token); if (!limitData.depositLimitation) return; // no deposit limitation is placed for this token diff --git a/ethereum/contracts/bridge/L1WethBridge.sol b/ethereum/contracts/bridge/L1WethBridge.sol index c6335e783..f4fd56cd6 100644 --- a/ethereum/contracts/bridge/L1WethBridge.sol +++ b/ethereum/contracts/bridge/L1WethBridge.sol @@ -60,11 +60,7 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { /// @dev Contract is expected to be used as proxy implementation. /// @dev Initialize the implementation to prevent Parity hack. - constructor( - address payable _l1WethAddress, - IZkSync _zkSync, - IAllowList _allowList - ) reentrancyGuardInitializer { + constructor(address payable _l1WethAddress, IZkSync _zkSync, IAllowList _allowList) reentrancyGuardInitializer { l1WethAddress = _l1WethAddress; zkSync = _zkSync; allowList = _allowList; @@ -77,8 +73,10 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { /// @notice _factoryDeps[1] == a raw bytecode of proxy that is used as L2 WETH bridge /// @param _l2WethAddress Pre-calculated address of L2 WETH token /// @param _governor Address which can change L2 WETH token implementation and upgrade the bridge - /// @param _deployBridgeImplementationFee The fee that will be paid for the L1 -> L2 transaction for deploying L2 bridge implementation - /// @param _deployBridgeProxyFee The fee that will be paid for the L1 -> L2 transaction for deploying L2 bridge proxy + /// @param _deployBridgeImplementationFee The fee that will be paid for the L1 -> L2 transaction for deploying L2 + /// bridge implementation + /// @param _deployBridgeProxyFee The fee that will be paid for the L1 -> L2 transaction for deploying L2 bridge + /// proxy function initialize( bytes[] calldata _factoryDeps, address _l2WethAddress, @@ -129,7 +127,8 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { _deployBridgeProxyFee, l2WethBridgeProxyBytecodeHash, l2WethBridgeProxyConstructorData, - new bytes[](0) // No factory deps are needed for L2 bridge proxy, because it is already passed in the previous step + // No factory deps are needed for L2 bridge proxy, because it is already passed in the previous step + new bytes[](0) ); } @@ -142,13 +141,18 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { /// @param _l2TxGasPerPubdataByte The gasPerPubdataByteLimit to be used in the corresponding L2 transaction /// @param _refundRecipient The address on L2 that will receive the refund for the transaction. /// @dev If the L2 deposit finalization transaction fails, the `_refundRecipient` will receive the `_l2Value`. - /// Please note, the contract may change the refund recipient's address to eliminate sending funds to addresses out of control. + /// Please note, the contract may change the refund recipient's address to eliminate sending funds to addresses + /// out of control. /// - If `_refundRecipient` is a contract on L1, the refund will be sent to the aliased `_refundRecipient`. - /// - If `_refundRecipient` is set to `address(0)` and the sender has NO deployed bytecode on L1, the refund will be sent to the `msg.sender` address. - /// - If `_refundRecipient` is set to `address(0)` and the sender has deployed bytecode on L1, the refund will be sent to the aliased `msg.sender` address. - /// @dev The address aliasing of L1 contracts as refund recipient on L2 is necessary to guarantee that the funds are controllable through the Mailbox, + /// - If `_refundRecipient` is set to `address(0)` and the sender has NO deployed bytecode on L1, the refund will + /// be sent to the `msg.sender` address. + /// - If `_refundRecipient` is set to `address(0)` and the sender has deployed bytecode on L1, the refund will be + /// sent to the aliased `msg.sender` address. + /// @dev The address aliasing of L1 contracts as refund recipient on L2 is necessary to guarantee that the funds + /// are controllable through the Mailbox, /// since the Mailbox applies address aliasing to the from address for the L2 tx if the L1 msg.sender is a contract. - /// Without address aliasing for L1 contracts as refund recipients they would not be able to make proper L2 tx requests + /// Without address aliasing for L1 contracts as refund recipients they would not be able to make proper L2 tx + /// requests /// through the Mailbox to use or withdraw the funds from L2, and the funds would be lost. /// @return txHash The L2 transaction hash of deposit finalization function deposit( @@ -204,7 +208,8 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { } /// @notice Withdraw funds from the initiated deposit, that failed when finalizing on L2. - /// Note: Refund is performed by sending an equivalent amount of ETH on L2 to the specified deposit refund recipient address. + /// Note: Refund is performed by sending an equivalent amount of ETH on L2 to the specified deposit refund + /// recipient address. function claimFailedDeposit( address, // _depositSender, address, // _l1Token, @@ -219,7 +224,8 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { /// @notice Finalize the withdrawal and release funds /// @param _l2BlockNumber The L2 block number where the ETH (WETH) withdrawal was processed - /// @param _l2MessageIndex The position in the L2 logs Merkle tree of the l2Log that was sent with the ETH withdrawal message containing additional data about WETH withdrawal + /// @param _l2MessageIndex The position in the L2 logs Merkle tree of the l2Log that was sent with the ETH + /// withdrawal message containing additional data about WETH withdrawal /// @param _l2TxNumberInBlock The L2 transaction number in a block, in which the ETH withdrawal log was sent /// @param _message The L2 withdraw data, stored in an L2 -> L1 message /// @param _merkleProof The Merkle proof of the inclusion L2 -> L1 message about withdrawal initialization @@ -260,15 +266,15 @@ contract L1WethBridge is IL1Bridge, AllowListed, ReentrancyGuard { emit WithdrawalFinalized(l1WethWithdrawReceiver, l1WethAddress, amount); } - /// @dev Decode the ETH withdraw message with additional data about WETH withdrawal that came from L2EthToken contract - function _parseL2EthWithdrawalMessage(bytes memory _message) - internal - view - returns (address l1WethReceiver, uint256 ethAmount) - { + /// @dev Decode the ETH withdraw message with additional data about WETH withdrawal that came from L2EthToken + /// contract + function _parseL2EthWithdrawalMessage( + bytes memory _message + ) internal view returns (address l1WethReceiver, uint256 ethAmount) { // Check that the message length is correct. // additionalData (WETH withdrawal data): l2 sender address + weth receiver address = 20 + 20 = 40 (bytes) - // It should be equal to the length of the function signature + eth receiver address + uint256 amount + additionalData = 4 + 20 + 32 + 40 = 96 (bytes). + // It should be equal to the length of the function signature + eth receiver address + uint256 amount + + // additionalData = 4 + 20 + 32 + 40 = 96 (bytes). require(_message.length == 96, "Incorrect ETH message with additional data length"); (uint32 functionSignature, uint256 offset) = UnsafeBytes.readUint32(_message, 0); diff --git a/ethereum/contracts/common/AllowList.sol b/ethereum/contracts/common/AllowList.sol index 919c240db..c290f7462 100644 --- a/ethereum/contracts/common/AllowList.sol +++ b/ethereum/contracts/common/AllowList.sol @@ -35,11 +35,7 @@ contract AllowList is IAllowList, Ownable2Step { /// @param _caller The caller address, who is granted access /// @param _target The address of the smart contract which is called /// @param _functionSig The function signature (selector), access to which need to check - function canCall( - address _caller, - address _target, - bytes4 _functionSig - ) external view returns (bool) { + function canCall(address _caller, address _target, bytes4 _functionSig) external view returns (bool) { AccessMode accessMode = getAccessMode[_target]; return accessMode == AccessMode.Public || @@ -56,7 +52,8 @@ contract AllowList is IAllowList, Ownable2Step { /// @notice Set many permission modes to call the target contracts /// @dev Analogous to function `setAccessMode` but performs a batch of changes /// @param _targets The array of smart contract addresses, of which access to the call is to be changed - /// @param _accessModes The array of new permission modes, whether no one, any or only some addresses can call the target contract + /// @param _accessModes The array of new permission modes, whether no one, any or only some addresses can call the + /// target contract function setBatchAccessMode(address[] calldata _targets, AccessMode[] calldata _accessModes) external onlyOwner { uint256 targetsLength = _targets.length; require(targetsLength == _accessModes.length, "yg"); // The size of arrays should be equal @@ -80,7 +77,8 @@ contract AllowList is IAllowList, Ownable2Step { /// @param _callers The array of caller addresses, who are granted access /// @param _targets The array of smart contract addresses, of which access to the call are to be changed /// @param _functionSigs The array of function signatures (selectors), access to which need to be changed - /// @param _enables The array of boolean flags, whether enable or disable the function access to the corresponding target address + /// @param _enables The array of boolean flags, whether enable or disable the function access to the corresponding + /// target address function setBatchPermissionToCall( address[] calldata _callers, address[] calldata _targets, @@ -114,12 +112,7 @@ contract AllowList is IAllowList, Ownable2Step { } /// @dev Changes permission to call and emits the event if the permission was changed - function _setPermissionToCall( - address _caller, - address _target, - bytes4 _functionSig, - bool _enable - ) internal { + function _setPermissionToCall(address _caller, address _target, bytes4 _functionSig, bool _enable) internal { bool currentPermission = hasSpecialAccessToCall[_caller][_target][_functionSig]; if (currentPermission != _enable) { @@ -132,11 +125,7 @@ contract AllowList is IAllowList, Ownable2Step { /// @param _l1Token The address of L1 token /// @param _depositLimitation deposit limitation is active or not /// @param _depositCap The maximum amount that can be deposited. - function setDepositLimit( - address _l1Token, - bool _depositLimitation, - uint256 _depositCap - ) external onlyOwner { + function setDepositLimit(address _l1Token, bool _depositLimitation, uint256 _depositCap) external onlyOwner { tokenDeposit[_l1Token].depositLimitation = _depositLimitation; tokenDeposit[_l1Token].depositCap = _depositCap; } diff --git a/ethereum/contracts/common/L2ContractAddresses.sol b/ethereum/contracts/common/L2ContractAddresses.sol index 2c5096f2d..c0855f930 100644 --- a/ethereum/contracts/common/L2ContractAddresses.sol +++ b/ethereum/contracts/common/L2ContractAddresses.sol @@ -5,10 +5,13 @@ pragma solidity ^0.8.0; /// @dev The address of the L2 deployer system contract. address constant L2_DEPLOYER_SYSTEM_CONTRACT_ADDR = address(0x8006); -/// @dev The special reserved L2 address. It is located in the system contracts space but doesn't have deployed bytecode. +/// @dev The special reserved L2 address. It is located in the system contracts space but doesn't have deployed +/// bytecode. /// @dev The L2 deployer system contract allows changing bytecodes on any address if the `msg.sender` is this address. -/// @dev So, whenever the governor wants to redeploy system contracts, it just initiates the L1 upgrade call deployer system contract -/// via the L1 -> L2 transaction with `sender == L2_FORCE_DEPLOYER_ADDR`. For more details see the `diamond-initializers` contracts. +/// @dev So, whenever the governor wants to redeploy system contracts, it just initiates the L1 upgrade call deployer +/// system contract +/// via the L1 -> L2 transaction with `sender == L2_FORCE_DEPLOYER_ADDR`. For more details see the +/// `diamond-initializers` contracts. address constant L2_FORCE_DEPLOYER_ADDR = address(0x8007); /// @dev The address of the special smart contract that can send arbitrary length message as an L2 log diff --git a/ethereum/contracts/common/ReentrancyGuard.sol b/ethereum/contracts/common/ReentrancyGuard.sol index c52dd25f2..041068c58 100644 --- a/ethereum/contracts/common/ReentrancyGuard.sol +++ b/ethereum/contracts/common/ReentrancyGuard.sol @@ -24,8 +24,10 @@ pragma solidity ^0.8.13; abstract contract ReentrancyGuard { /// @dev Address of lock flag variable. /// @dev Flag is placed at random memory location to not interfere with Storage contract. - uint256 private constant LOCK_FLAG_ADDRESS = 0x8e94fed44239eb2314ab7a406345e6c5a8f0ccedf3b600de3d004e672c33abf4; // keccak256("ReentrancyGuard") - 1; + // keccak256("ReentrancyGuard") - 1; + uint256 private constant LOCK_FLAG_ADDRESS = 0x8e94fed44239eb2314ab7a406345e6c5a8f0ccedf3b600de3d004e672c33abf4; + // solhint-disable-next-line max-line-length // https://github.com/OpenZeppelin/openzeppelin-contracts/blob/566a774222707e424896c0c390a84dc3c13bdcb2/contracts/security/ReentrancyGuard.sol // The values being non-zero value makes deployment a bit more expensive, // but in exchange the refund on every call to nonReentrant will be lower in diff --git a/ethereum/contracts/dev-contracts/Multicall3.sol b/ethereum/contracts/dev-contracts/Multicall3.sol index 233b5239b..a7edaa35f 100644 --- a/ethereum/contracts/dev-contracts/Multicall3.sol +++ b/ethereum/contracts/dev-contracts/Multicall3.sol @@ -59,11 +59,10 @@ contract Multicall3 { /// @param requireSuccess If true, require all calls to succeed /// @param calls An array of Call structs /// @return returnData An array of Result structs - function tryAggregate(bool requireSuccess, Call[] calldata calls) - public - payable - returns (Result[] memory returnData) - { + function tryAggregate( + bool requireSuccess, + Call[] calldata calls + ) public payable returns (Result[] memory returnData) { uint256 length = calls.length; returnData = new Result[](length); Call calldata call; @@ -84,15 +83,10 @@ contract Multicall3 { /// @return blockNumber The block number where the calls were executed /// @return blockHash The hash of the block where the calls were executed /// @return returnData An array of Result structs - function tryBlockAndAggregate(bool requireSuccess, Call[] calldata calls) - public - payable - returns ( - uint256 blockNumber, - bytes32 blockHash, - Result[] memory returnData - ) - { + function tryBlockAndAggregate( + bool requireSuccess, + Call[] calldata calls + ) public payable returns (uint256 blockNumber, bytes32 blockHash, Result[] memory returnData) { blockNumber = block.number; blockHash = blockhash(block.number); returnData = tryAggregate(requireSuccess, calls); @@ -104,15 +98,9 @@ contract Multicall3 { /// @return blockNumber The block number where the calls were executed /// @return blockHash The hash of the block where the calls were executed /// @return returnData An array of Result structs - function blockAndAggregate(Call[] calldata calls) - public - payable - returns ( - uint256 blockNumber, - bytes32 blockHash, - Result[] memory returnData - ) - { + function blockAndAggregate( + Call[] calldata calls + ) public payable returns (uint256 blockNumber, bytes32 blockHash, Result[] memory returnData) { (blockNumber, blockHash, returnData) = tryBlockAndAggregate(true, calls); } diff --git a/ethereum/contracts/dev-contracts/RevertTransferERC20.sol b/ethereum/contracts/dev-contracts/RevertTransferERC20.sol index b95e32886..6eb9f4b2c 100644 --- a/ethereum/contracts/dev-contracts/RevertTransferERC20.sol +++ b/ethereum/contracts/dev-contracts/RevertTransferERC20.sol @@ -9,11 +9,7 @@ import "./TestnetERC20Token.sol"; contract RevertTransferERC20 is TestnetERC20Token { bool public revertTransfer; - constructor( - string memory name, - string memory symbol, - uint8 decimals - ) TestnetERC20Token(name, symbol, decimals) { + constructor(string memory name, string memory symbol, uint8 decimals) TestnetERC20Token(name, symbol, decimals) { revertTransfer = false; } diff --git a/ethereum/contracts/dev-contracts/SingletonFactory.sol b/ethereum/contracts/dev-contracts/SingletonFactory.sol index d04b3d03c..fada4ac79 100644 --- a/ethereum/contracts/dev-contracts/SingletonFactory.sol +++ b/ethereum/contracts/dev-contracts/SingletonFactory.sol @@ -2,7 +2,8 @@ pragma solidity ^0.8.13; /** * @title Singleton Factory (EIP-2470) - * @notice Exposes CREATE2 (EIP-1014) to deploy bytecode on deterministic addresses based on initialization code and salt. + * @notice Exposes CREATE2 (EIP-1014) to deploy bytecode on deterministic addresses based on initialization code + * and salt. * @author Ricardo Guilherme Schmidt (Status Research & Development GmbH) */ contract SingletonFactory { diff --git a/ethereum/contracts/dev-contracts/TestnetERC20Token.sol b/ethereum/contracts/dev-contracts/TestnetERC20Token.sol index 078d2be73..f2493a6a4 100644 --- a/ethereum/contracts/dev-contracts/TestnetERC20Token.sol +++ b/ethereum/contracts/dev-contracts/TestnetERC20Token.sol @@ -7,11 +7,7 @@ import "@openzeppelin/contracts/token/ERC20/ERC20.sol"; contract TestnetERC20Token is ERC20 { uint8 private _decimals; - constructor( - string memory name_, - string memory symbol_, - uint8 decimals_ - ) ERC20(name_, symbol_) { + constructor(string memory name_, string memory symbol_, uint8 decimals_) ERC20(name_, symbol_) { _decimals = decimals_; } diff --git a/ethereum/contracts/dev-contracts/WETH9.sol b/ethereum/contracts/dev-contracts/WETH9.sol index 483273b17..7a8dbbe04 100644 --- a/ethereum/contracts/dev-contracts/WETH9.sol +++ b/ethereum/contracts/dev-contracts/WETH9.sol @@ -45,11 +45,7 @@ contract WETH9 { return transferFrom(msg.sender, dst, wad); } - function transferFrom( - address src, - address dst, - uint256 wad - ) public returns (bool) { + function transferFrom(address src, address dst, uint256 wad) public returns (bool) { require(balanceOf[src] >= wad); if (src != msg.sender && allowance[src][msg.sender] != type(uint256).max) { diff --git a/ethereum/contracts/dev-contracts/test/CustomUpgradeTest.sol b/ethereum/contracts/dev-contracts/test/CustomUpgradeTest.sol index 8abb8b0a3..6cfaa08c4 100644 --- a/ethereum/contracts/dev-contracts/test/CustomUpgradeTest.sol +++ b/ethereum/contracts/dev-contracts/test/CustomUpgradeTest.sol @@ -17,7 +17,8 @@ contract CustomUpgradeTest is BaseZkSyncUpgrade { /// @notice placeholder function for custom logic for post-upgrade logic. /// Typically this function will never be used. - /// @param _customCallDataForUpgrade Custom data for an upgrade, which may be interpreted differently for each upgrade. + /// @param _customCallDataForUpgrade Custom data for an upgrade, which may be interpreted differently for each + /// upgrade. function _postUpgrade(bytes calldata _customCallDataForUpgrade) internal virtual {} /// @notice The main function that will be called by the upgrade proxy. diff --git a/ethereum/contracts/dev-contracts/test/DummyExecutor.sol b/ethereum/contracts/dev-contracts/test/DummyExecutor.sol index b27e060ca..85620d3cc 100644 --- a/ethereum/contracts/dev-contracts/test/DummyExecutor.sol +++ b/ethereum/contracts/dev-contracts/test/DummyExecutor.sol @@ -5,7 +5,8 @@ pragma solidity ^0.8.13; import "../../zksync/interfaces/IExecutor.sol"; /// @title DummyExecutor -/// @notice A test smart contract implementing the IExecutor interface to simulate Executor behavior for testing purposes. +/// @notice A test smart contract implementing the IExecutor interface to simulate Executor behavior for testing +/// purposes. contract DummyExecutor is IExecutor { address owner; @@ -46,9 +47,10 @@ contract DummyExecutor is IExecutor { shouldRevertOnExecuteBlocks = _shouldRevert; } - function commitBlocks(StoredBlockInfo calldata _lastCommittedBlockData, CommitBlockInfo[] calldata _newBlocksData) - external - { + function commitBlocks( + StoredBlockInfo calldata _lastCommittedBlockData, + CommitBlockInfo[] calldata _newBlocksData + ) external { require(!shouldRevertOnCommitBlocks, "DummyExecutor: shouldRevertOnCommitBlocks"); require( _lastCommittedBlockData.blockNumber == getTotalBlocksCommitted, diff --git a/ethereum/contracts/dev-contracts/test/UnsafeBytesTest.sol b/ethereum/contracts/dev-contracts/test/UnsafeBytesTest.sol index aa24afc44..838ba669f 100644 --- a/ethereum/contracts/dev-contracts/test/UnsafeBytesTest.sol +++ b/ethereum/contracts/dev-contracts/test/UnsafeBytesTest.sol @@ -11,27 +11,24 @@ contract UnsafeBytesTest { return _bytes.readUint32(_start); } - function readAddress(bytes memory _bytes, uint256 _start) - external - pure - returns (address readValue, uint256 offset) - { + function readAddress( + bytes memory _bytes, + uint256 _start + ) external pure returns (address readValue, uint256 offset) { return _bytes.readAddress(_start); } - function readUint256(bytes memory _bytes, uint256 _start) - external - pure - returns (uint256 readValue, uint256 offset) - { + function readUint256( + bytes memory _bytes, + uint256 _start + ) external pure returns (uint256 readValue, uint256 offset) { return _bytes.readUint256(_start); } - function readBytes32(bytes memory _bytes, uint256 _start) - external - pure - returns (bytes32 readValue, uint256 offset) - { + function readBytes32( + bytes memory _bytes, + uint256 _start + ) external pure returns (bytes32 readValue, uint256 offset) { return _bytes.readBytes32(_start); } } diff --git a/ethereum/contracts/dev-contracts/test/VerifierRecursiveTest.sol b/ethereum/contracts/dev-contracts/test/VerifierRecursiveTest.sol new file mode 100644 index 000000000..2363018a7 --- /dev/null +++ b/ethereum/contracts/dev-contracts/test/VerifierRecursiveTest.sol @@ -0,0 +1,60 @@ +// SPDX-License-Identifier: MIT + +pragma solidity ^0.8.13; + +import "../../zksync/Verifier.sol"; + +/// @author Matter Labs +contract VerifierRecursiveTest is Verifier { + function _loadVerificationKey() internal pure override { + assembly { + mstore(VK_GATE_SETUP_0_X_SLOT, 0x08fa9d6f0dd6ac1cbeb94ae20fe7a23df05cb1095df66fb561190e615a4037ef) + mstore(VK_GATE_SETUP_0_Y_SLOT, 0x196dcc8692fe322d21375920559944c12ba7b1ba8b732344cf4ba2e3aa0fc8b4) + mstore(VK_GATE_SETUP_1_X_SLOT, 0x0074aaf5d97bd57551311a8b3e4aa7840bc55896502020b2f43ad6a98d81a443) + mstore(VK_GATE_SETUP_1_Y_SLOT, 0x2d275a3ad153dc9d89ebb9c9b6a0afd2dde82470554e9738d905c328fbb4c8bc) + mstore(VK_GATE_SETUP_2_X_SLOT, 0x287f1975a9aeaef5d2bb0767b5ef538f76e82f7da01c0cb6db8c6f920818ec4f) + mstore(VK_GATE_SETUP_2_Y_SLOT, 0x2fff6f53594129f794a7731d963d27e72f385c5c6d8e08829e6f66a9d29a12ea) + mstore(VK_GATE_SETUP_3_X_SLOT, 0x038809fa3d4b7320d43e023454194f0a7878baa7e73a295d2d105260f1c34cbc) + mstore(VK_GATE_SETUP_3_Y_SLOT, 0x25418b1105cf45b2a3da6c349bab1d9caaf145eaf24d1e8fb92c11654c000781) + mstore(VK_GATE_SETUP_4_X_SLOT, 0x0561cafd527ac3f0bc550db77d87cd1c63938f7ec051e62ebf84a5bbe07f9840) + mstore(VK_GATE_SETUP_4_Y_SLOT, 0x28f87201b4cbe19f1517a1c29ca6d6cb074502ccfed4c31c8931c6992c3eea43) + mstore(VK_GATE_SETUP_5_X_SLOT, 0x27e0af572bac6e36d31c33808cb44c0ef8ceee5e2850e916fb01f3747db72491) + mstore(VK_GATE_SETUP_5_Y_SLOT, 0x1da20087ba61c59366b21e31e4ac6889d357cf11bf16b94d875f94f41525c427) + mstore(VK_GATE_SETUP_6_X_SLOT, 0x2c2bcafea8f93d07f96874f470985a8d272c09c8ed49373f36497ee80bd8da17) + mstore(VK_GATE_SETUP_6_Y_SLOT, 0x299276cf6dca1a7e3780f6276c5d067403f6e024e83e0cc1ab4c5f7252b7f653) + mstore(VK_GATE_SETUP_7_X_SLOT, 0x0ba9d4a53e050da25b8410045b634f1ca065ff74acd35bab1a72bf1f20047ef3) + mstore(VK_GATE_SETUP_7_Y_SLOT, 0x1f1eefc8b0507a08f852f554bd7abcbd506e52de390ca127477a678d212abfe5) + + mstore(VK_GATE_SELECTORS_0_X_SLOT, 0x1c6b68d9920620012d85a4850dad9bd6d03ae8bbc7a08b827199e85dba1ef2b1) + mstore(VK_GATE_SELECTORS_0_Y_SLOT, 0x0f6380560d1b585628ed259289cec19d3a7c70c60e66bbfebfcb70c8c312d91e) + mstore(VK_GATE_SELECTORS_1_X_SLOT, 0x0dfead780e5067181aae631ff734a33fca302773472997daca58ba49dbd20dcc) + mstore(VK_GATE_SELECTORS_1_Y_SLOT, 0x00f13fa6e356f525d2fd1c533acf2858c0d2b9f0a9b3180f94e1543929c75073) + + mstore(VK_PERMUTATION_0_X_SLOT, 0x1df0747c787934650d99c5696f9273088ad07ec3e0825c9d39685a9b9978ebed) + mstore(VK_PERMUTATION_0_Y_SLOT, 0x2ace2a277becbc69af4e89518eb50960a733d9d71354845ea43d2e65c8e0e4cb) + mstore(VK_PERMUTATION_1_X_SLOT, 0x06598c8236a5f5045cd7444dc87f3e1f66f99bf01251e13be4dc0ab1f7f1af4b) + mstore(VK_PERMUTATION_1_Y_SLOT, 0x14ca234fe9b3bb1e5517fc60d6b90f8ad44b0899a2d4f71a64c9640b3142ce8b) + mstore(VK_PERMUTATION_2_X_SLOT, 0x01889e2c684caefde60471748f4259196ecf4209a735ccdf7b1816f05bafa50a) + mstore(VK_PERMUTATION_2_Y_SLOT, 0x092d287a080bfe2fd40ad392ff290e462cd0e347b8fd9d05b90af234ce77a11b) + mstore(VK_PERMUTATION_3_X_SLOT, 0x0dd98eeb5bc12c221da969398b67750a8774dbdd37a78da52367f9fc0e566d5c) + mstore(VK_PERMUTATION_3_Y_SLOT, 0x06750ceb40c9fb87fc424df9599340938b7552b759914a90cb0e41d3915c945b) + + mstore(VK_LOOKUP_SELECTOR_X_SLOT, 0x2f491c662ae53ceb358f57a868dc00b89befa853bd9a449127ea2d46820995bd) + mstore(VK_LOOKUP_SELECTOR_Y_SLOT, 0x231fe6538634ff8b6fa21ca248fb15e7f43d82eb0bfa705490d24ddb3e3cad77) + + mstore(VK_LOOKUP_TABLE_0_X_SLOT, 0x0ebe0de4a2f39df3b903da484c1641ffdffb77ff87ce4f9508c548659eb22d3c) + mstore(VK_LOOKUP_TABLE_0_Y_SLOT, 0x12a3209440242d5662729558f1017ed9dcc08fe49a99554dd45f5f15da5e4e0b) + mstore(VK_LOOKUP_TABLE_1_X_SLOT, 0x1b7d54f8065ca63bed0bfbb9280a1011b886d07e0c0a26a66ecc96af68c53bf9) + mstore(VK_LOOKUP_TABLE_1_Y_SLOT, 0x2c51121fff5b8f58c302f03c74e0cb176ae5a1d1730dec4696eb9cce3fe284ca) + mstore(VK_LOOKUP_TABLE_2_X_SLOT, 0x0138733c5faa9db6d4b8df9748081e38405999e511fb22d40f77cf3aef293c44) + mstore(VK_LOOKUP_TABLE_2_Y_SLOT, 0x269bee1c1ac28053238f7fe789f1ea2e481742d6d16ae78ed81e87c254af0765) + mstore(VK_LOOKUP_TABLE_3_X_SLOT, 0x1b1be7279d59445065a95f01f16686adfa798ec4f1e6845ffcec9b837e88372e) + mstore(VK_LOOKUP_TABLE_3_Y_SLOT, 0x057c90cb96d8259238ed86b05f629efd55f472a721efeeb56926e979433e6c0e) + + mstore(VK_LOOKUP_TABLE_TYPE_X_SLOT, 0x12cd873a6f18a4a590a846d9ebf61565197edf457efd26bc408eb61b72f37b59) + mstore(VK_LOOKUP_TABLE_TYPE_Y_SLOT, 0x19890cbdac892682e7a5910ca6c238c082130e1c71f33d0c9c901153377770d1) + + mstore(VK_RECURSIVE_FLAG, 1) + } + } +} diff --git a/ethereum/contracts/dev-contracts/test/VerifierTest.sol b/ethereum/contracts/dev-contracts/test/VerifierTest.sol index 230c706a6..71c4e9f1e 100644 --- a/ethereum/contracts/dev-contracts/test/VerifierTest.sol +++ b/ethereum/contracts/dev-contracts/test/VerifierTest.sol @@ -53,6 +53,8 @@ contract VerifierTest is Verifier { mstore(VK_LOOKUP_TABLE_TYPE_X_SLOT, 0x12cd873a6f18a4a590a846d9ebf61565197edf457efd26bc408eb61b72f37b59) mstore(VK_LOOKUP_TABLE_TYPE_Y_SLOT, 0x19890cbdac892682e7a5910ca6c238c082130e1c71f33d0c9c901153377770d1) + + mstore(VK_RECURSIVE_FLAG, 0) } } } diff --git a/ethereum/contracts/upgrades/BaseZkSyncUpgrade.sol b/ethereum/contracts/upgrades/BaseZkSyncUpgrade.sol index ab6f8b715..ebb8d18ea 100644 --- a/ethereum/contracts/upgrades/BaseZkSyncUpgrade.sol +++ b/ethereum/contracts/upgrades/BaseZkSyncUpgrade.sol @@ -18,10 +18,13 @@ abstract contract BaseZkSyncUpgrade is Base { /// @param defaultAccountHash The hash of the new default account bytecode. If zero, it will not be updated. /// @param verifier The address of the new verifier. If zero, the verifier will not be updated. /// @param verifierParams The new verifier params. If either of its fields is 0, the params will not be updated. - /// @param l1ContractsUpgradeCalldata Custom calldata for L1 contracts upgrade, it may be interpreted differently in each upgrade. Usually empty. - /// @param postUpgradeCalldata Custom calldata for post upgrade hook, it may be interpreted differently in each upgrade. Usually empty. + /// @param l1ContractsUpgradeCalldata Custom calldata for L1 contracts upgrade, it may be interpreted differently + /// in each upgrade. Usually empty. + /// @param postUpgradeCalldata Custom calldata for post upgrade hook, it may be interpreted differently in each + /// upgrade. Usually empty. /// @param upgradeTimestamp The timestamp after which the upgrade can be executed. - /// @param newProtocolVersion The new version number for the protocol after this upgrade. Should be greater than the previous protocol version. + /// @param newProtocolVersion The new version number for the protocol after this upgrade. Should be greater than + /// the previous protocol version. /// @param newAllowList The address of the new allowlist contract. If zero, it will not be updated. struct ProposedUpgrade { IMailbox.L2CanonicalTransaction l2ProtocolUpgradeTx; diff --git a/ethereum/contracts/upgrades/DefaultUpgrade.sol b/ethereum/contracts/upgrades/DefaultUpgrade.sol index f15f77e46..1ca18f744 100644 --- a/ethereum/contracts/upgrades/DefaultUpgrade.sol +++ b/ethereum/contracts/upgrades/DefaultUpgrade.sol @@ -8,12 +8,14 @@ import "./BaseZkSyncUpgrade.sol"; contract DefaultUpgrade is BaseZkSyncUpgrade { /// @notice Placeholder function for custom logic for upgrading L1 contract. /// Typically this function will never be used. - /// @param _customCallDataForUpgrade Custom data for an upgrade, which may be interpreted differently for each upgrade. + /// @param _customCallDataForUpgrade Custom data for an upgrade, which may be interpreted differently for each + /// upgrade. function _upgradeL1Contract(bytes calldata _customCallDataForUpgrade) internal virtual {} /// @notice placeholder function for custom logic for post-upgrade logic. /// Typically this function will never be used. - /// @param _customCallDataForUpgrade Custom data for an upgrade, which may be interpreted differently for each upgrade. + /// @param _customCallDataForUpgrade Custom data for an upgrade, which may be interpreted differently for each + /// upgrade. function _postUpgrade(bytes calldata _customCallDataForUpgrade) internal virtual {} /// @notice The main function that will be called by the upgrade proxy. diff --git a/ethereum/contracts/zksync/Config.sol b/ethereum/contracts/zksync/Config.sol index a7652d1b9..e4e7a6dd6 100644 --- a/ethereum/contracts/zksync/Config.sol +++ b/ethereum/contracts/zksync/Config.sol @@ -6,7 +6,8 @@ pragma solidity ^0.8.13; bytes32 constant EMPTY_STRING_KECCAK = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470; /// @dev Bytes in raw L2 log -/// @dev Equal to the bytes size of the tuple - (uint8 ShardId, bool isService, uint16 txNumberInBlock, address sender, bytes32 key, bytes32 value) +/// @dev Equal to the bytes size of the tuple - (uint8 ShardId, bool isService, uint16 txNumberInBlock, address sender, +/// bytes32 key, bytes32 value) uint256 constant L2_TO_L1_LOG_SERIALIZE_SIZE = 88; /// @dev The maximum length of the bytes array with L2 -> L1 logs @@ -48,7 +49,8 @@ uint256 constant SYSTEM_UPGRADE_L2_TX_TYPE = 254; uint256 constant PRIORITY_EXPIRATION = 0 days; /// @dev Notice period before activation preparation status of upgrade mode (in seconds) -/// @dev NOTE: we must reserve for users enough time to send full exit operation, wait maximum time for processing this operation and withdraw funds from it. +/// @dev NOTE: we must reserve for users enough time to send full exit operation, wait maximum time for processing this +/// operation and withdraw funds from it. uint256 constant UPGRADE_NOTICE_PERIOD = $$(defined(UPGRADE_NOTICE_PERIOD) ? UPGRADE_NOTICE_PERIOD : "14 days"); /// @dev Timestamp - seconds since unix epoch diff --git a/ethereum/contracts/zksync/DiamondInit.sol b/ethereum/contracts/zksync/DiamondInit.sol index e5dbeb866..c4e2ce350 100644 --- a/ethereum/contracts/zksync/DiamondInit.sol +++ b/ethereum/contracts/zksync/DiamondInit.sol @@ -27,7 +27,8 @@ contract DiamondInit is Base { /// @param _l2BootloaderBytecodeHash The hash of bootloader L2 bytecode /// @param _l2DefaultAccountBytecodeHash The hash of default account L2 bytecode /// @param _priorityTxMaxGasLimit maximum number of the L2 gas that a user can request for L1 -> L2 transactions - /// @return Magic 32 bytes, which indicates that the contract logic is expected to be used as a diamond proxy initializer + /// @return Magic 32 bytes, which indicates that the contract logic is expected to be used as a diamond proxy + /// initializer function initialize( IVerifier _verifier, address _governor, diff --git a/ethereum/contracts/zksync/Storage.sol b/ethereum/contracts/zksync/Storage.sol index 01160d53e..ba119ee54 100644 --- a/ethereum/contracts/zksync/Storage.sol +++ b/ethereum/contracts/zksync/Storage.sol @@ -16,10 +16,12 @@ enum UpgradeState { Shadow } -/// @dev Logically separated part of the storage structure, which is responsible for everything related to proxy upgrades and diamond cuts +/// @dev Logically separated part of the storage structure, which is responsible for everything related to proxy +/// upgrades and diamond cuts /// @param proposedUpgradeHash The hash of the current upgrade proposal, zero if there is no active proposal /// @param state Indicates whether an upgrade is initiated and if yes what type -/// @param securityCouncil Address which has the permission to approve instant upgrades (expected to be a Gnosis multisig) +/// @param securityCouncil Address which has the permission to approve instant upgrades (expected to be a Gnosis +/// multisig) /// @param approvedBySecurityCouncil Indicates whether the security council has approved the upgrade /// @param proposedUpgradeTimestamp The timestamp when the upgrade was proposed, zero if there are no active proposals /// @param currentProposalId The serial number of proposed upgrades, increments when proposing a new one @@ -33,7 +35,8 @@ struct UpgradeStorage { } /// @dev The log passed from L2 -/// @param l2ShardId The shard identifier, 0 - rollup, 1 - porter. All other values are not used but are reserved for the future +/// @param l2ShardId The shard identifier, 0 - rollup, 1 - porter. All other values are not used but are reserved for +/// the future /// @param isService A boolean flag that is part of the log along with `key`, `value`, and `sender` address. /// This field is required formally but does not have any special meaning. /// @param txNumberInBlock The L2 transaction number in a block, in which the log was sent @@ -84,7 +87,8 @@ struct AppStorage { mapping(address => bool) validators; /// @dev Verifier contract. Used to verify aggregated proof for blocks IVerifier verifier; - /// @notice Total number of executed blocks i.e. blocks[totalBlocksExecuted] points at the latest executed block (block 0 is genesis) + /// @notice Total number of executed blocks i.e. blocks[totalBlocksExecuted] points at the latest executed block + /// (block 0 is genesis) uint256 totalBlocksExecuted; /// @notice Total number of proved blocks i.e. blocks[totalBlocksProved] points at the latest proved block uint256 totalBlocksVerified; @@ -131,6 +135,7 @@ struct AppStorage { uint256 protocolVersion; /// @dev Hash of the system contract upgrade transaction. If 0, then no upgrade transaction needs to be done. bytes32 l2SystemContractsUpgradeTxHash; - /// @dev Block number where the upgrade transaction has happened. If 0, then no upgrade transaction has happened yet. + /// @dev Block number where the upgrade transaction has happened. If 0, then no upgrade transaction has + /// happened yet. uint256 l2SystemContractsUpgradeBlockNumber; } diff --git a/ethereum/contracts/zksync/ValidatorTimelock.sol b/ethereum/contracts/zksync/ValidatorTimelock.sol index 7d13f9d83..beadd53db 100644 --- a/ethereum/contracts/zksync/ValidatorTimelock.sol +++ b/ethereum/contracts/zksync/ValidatorTimelock.sol @@ -8,11 +8,12 @@ import "./interfaces/IExecutor.sol"; /// @author Matter Labs /// @notice Intermediate smart contract between the validator EOA account and the zkSync smart contract. /// @dev The primary purpose of this contract is to provide a trustless means of delaying block execution without -/// modifying the main zkSync contract. As such, even if this contract is compromised, it will not impact the main contract. +/// modifying the main zkSync contract. As such, even if this contract is compromised, it will not impact the main +/// contract. /// @dev zkSync actively monitors the chain activity and reacts to any suspicious activity by freezing the chain. /// This allows time for investigation and mitigation before resuming normal operations. -/// @dev The contract overloads all of the 4 methods, that are used in state transition. When the block is committed, the -/// timestamp is stored for it. Later, when the owner calls the block execution, the contract checks that block +/// @dev The contract overloads all of the 4 methods, that are used in state transition. When the block is committed, +/// the timestamp is stored for it. Later, when the owner calls the block execution, the contract checks that block /// was committed not earlier than X time ago. contract ValidatorTimelock is IExecutor, Ownable2Step { /// @dev Part of the IBase interface. Not used in this contract. @@ -36,12 +37,7 @@ contract ValidatorTimelock is IExecutor, Ownable2Step { /// @dev The delay between committing and executing blocks. uint256 public executionDelay; - constructor( - address _initialOwner, - address _zkSyncContract, - uint256 _executionDelay, - address _validator - ) { + constructor(address _initialOwner, address _zkSyncContract, uint256 _executionDelay, address _validator) { _transferOwnership(_initialOwner); zkSyncContract = _zkSyncContract; executionDelay = _executionDelay; diff --git a/ethereum/contracts/zksync/Verifier.sol b/ethereum/contracts/zksync/Verifier.sol index 32549d012..46d59468b 100644 --- a/ethereum/contracts/zksync/Verifier.sol +++ b/ethereum/contracts/zksync/Verifier.sol @@ -4,15 +4,19 @@ pragma solidity ^0.8.13; import "./interfaces/IVerifier.sol"; +/* solhint-disable max-line-length */ /// @author Matter Labs -/// @notice Modified version of the Permutations over Lagrange-bases for Oecumenical Noninteractive arguments of Knowledge (PLONK) verifier. +/// @notice Modified version of the Permutations over Lagrange-bases for Oecumenical Noninteractive arguments of +/// Knowledge (PLONK) verifier. /// Modifications have been made to optimize the proof system for zkSync Era circuits. -/// @dev It uses a custom memory layout inside the inline assembly block. Each reserved memory cell is declared in the constants below. +/// @dev It uses a custom memory layout inside the inline assembly block. Each reserved memory cell is declared in the +/// constants below. /// @dev For a better understanding of the verifier algorithm please refer to the following papers: /// * Original Plonk Article: https://eprint.iacr.org/2019/953.pdf /// * Original LookUp Article: https://eprint.iacr.org/2020/315.pdf /// * Plonk for zkSync v1.1: https://github.com/matter-labs/solidity_plonk_verifier/raw/recursive/bellman_vk_codegen_recursive/RecursivePlonkUnrolledForEthereum.pdf /// The notation used in the code is the same as in the papers. +/* solhint-enable max-line-length */ contract Verifier is IVerifier { /*////////////////////////////////////////////////////////////// Verification keys @@ -66,161 +70,163 @@ contract Verifier is IVerifier { uint256 internal constant VK_LOOKUP_TABLE_TYPE_X_SLOT = 0x200 + 0x4c0; uint256 internal constant VK_LOOKUP_TABLE_TYPE_Y_SLOT = 0x200 + 0x4e0; + uint256 internal constant VK_RECURSIVE_FLAG = 0x200 + 0x500; + /*////////////////////////////////////////////////////////////// Proof //////////////////////////////////////////////////////////////*/ - uint256 internal constant PROOF_PUBLIC_INPUT = 0x200 + 0x600 + 0x000; - - uint256 internal constant PROOF_STATE_POLYS_0_X_SLOT = 0x200 + 0x600 + 0x020; - uint256 internal constant PROOF_STATE_POLYS_0_Y_SLOT = 0x200 + 0x600 + 0x040; - uint256 internal constant PROOF_STATE_POLYS_1_X_SLOT = 0x200 + 0x600 + 0x060; - uint256 internal constant PROOF_STATE_POLYS_1_Y_SLOT = 0x200 + 0x600 + 0x080; - uint256 internal constant PROOF_STATE_POLYS_2_X_SLOT = 0x200 + 0x600 + 0x0a0; - uint256 internal constant PROOF_STATE_POLYS_2_Y_SLOT = 0x200 + 0x600 + 0x0c0; - uint256 internal constant PROOF_STATE_POLYS_3_X_SLOT = 0x200 + 0x600 + 0x0e0; - uint256 internal constant PROOF_STATE_POLYS_3_Y_SLOT = 0x200 + 0x600 + 0x100; - - uint256 internal constant PROOF_COPY_PERMUTATION_GRAND_PRODUCT_X_SLOT = 0x200 + 0x600 + 0x120; - uint256 internal constant PROOF_COPY_PERMUTATION_GRAND_PRODUCT_Y_SLOT = 0x200 + 0x600 + 0x140; - - uint256 internal constant PROOF_LOOKUP_S_POLY_X_SLOT = 0x200 + 0x600 + 0x160; - uint256 internal constant PROOF_LOOKUP_S_POLY_Y_SLOT = 0x200 + 0x600 + 0x180; - - uint256 internal constant PROOF_LOOKUP_GRAND_PRODUCT_X_SLOT = 0x200 + 0x600 + 0x1a0; - uint256 internal constant PROOF_LOOKUP_GRAND_PRODUCT_Y_SLOT = 0x200 + 0x600 + 0x1c0; - - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_0_X_SLOT = 0x200 + 0x600 + 0x1e0; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_0_Y_SLOT = 0x200 + 0x600 + 0x200; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_1_X_SLOT = 0x200 + 0x600 + 0x220; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_1_Y_SLOT = 0x200 + 0x600 + 0x240; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_2_X_SLOT = 0x200 + 0x600 + 0x260; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_2_Y_SLOT = 0x200 + 0x600 + 0x280; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_3_X_SLOT = 0x200 + 0x600 + 0x2a0; - uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_3_Y_SLOT = 0x200 + 0x600 + 0x2c0; - - uint256 internal constant PROOF_STATE_POLYS_0_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x2e0; - uint256 internal constant PROOF_STATE_POLYS_1_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x300; - uint256 internal constant PROOF_STATE_POLYS_2_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x320; - uint256 internal constant PROOF_STATE_POLYS_3_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x340; - - uint256 internal constant PROOF_STATE_POLYS_3_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x600 + 0x360; - uint256 internal constant PROOF_GATE_SELECTORS_0_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x380; - - uint256 internal constant PROOF_COPY_PERMUTATION_POLYS_0_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x3a0; - uint256 internal constant PROOF_COPY_PERMUTATION_POLYS_1_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x3c0; - uint256 internal constant PROOF_COPY_PERMUTATION_POLYS_2_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x3e0; - - uint256 internal constant PROOF_COPY_PERMUTATION_GRAND_PRODUCT_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x600 + 0x400; - uint256 internal constant PROOF_LOOKUP_S_POLY_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x600 + 0x420; - uint256 internal constant PROOF_LOOKUP_GRAND_PRODUCT_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x600 + 0x440; - uint256 internal constant PROOF_LOOKUP_T_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x460; - uint256 internal constant PROOF_LOOKUP_T_POLY_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x600 + 0x480; - uint256 internal constant PROOF_LOOKUP_SELECTOR_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x4a0; - uint256 internal constant PROOF_LOOKUP_TABLE_TYPE_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x4c0; - uint256 internal constant PROOF_QUOTIENT_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x4e0; - uint256 internal constant PROOF_LINEARISATION_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x500; - - uint256 internal constant PROOF_OPENING_PROOF_AT_Z_X_SLOT = 0x200 + 0x600 + 0x520; - uint256 internal constant PROOF_OPENING_PROOF_AT_Z_Y_SLOT = 0x200 + 0x600 + 0x540; - uint256 internal constant PROOF_OPENING_PROOF_AT_Z_OMEGA_X_SLOT = 0x200 + 0x600 + 0x560; - uint256 internal constant PROOF_OPENING_PROOF_AT_Z_OMEGA_Y_SLOT = 0x200 + 0x600 + 0x580; - - uint256 internal constant PROOF_RECURSIVE_PART_P1_X_SLOT = 0x200 + 0x600 + 0x5a0; - uint256 internal constant PROOF_RECURSIVE_PART_P1_Y_SLOT = 0x200 + 0x600 + 0x5c0; - - uint256 internal constant PROOF_RECURSIVE_PART_P2_X_SLOT = 0x200 + 0x600 + 0x5e0; - uint256 internal constant PROOF_RECURSIVE_PART_P2_Y_SLOT = 0x200 + 0x600 + 0x600; + uint256 internal constant PROOF_PUBLIC_INPUT = 0x200 + 0x520 + 0x000; + + uint256 internal constant PROOF_STATE_POLYS_0_X_SLOT = 0x200 + 0x520 + 0x020; + uint256 internal constant PROOF_STATE_POLYS_0_Y_SLOT = 0x200 + 0x520 + 0x040; + uint256 internal constant PROOF_STATE_POLYS_1_X_SLOT = 0x200 + 0x520 + 0x060; + uint256 internal constant PROOF_STATE_POLYS_1_Y_SLOT = 0x200 + 0x520 + 0x080; + uint256 internal constant PROOF_STATE_POLYS_2_X_SLOT = 0x200 + 0x520 + 0x0a0; + uint256 internal constant PROOF_STATE_POLYS_2_Y_SLOT = 0x200 + 0x520 + 0x0c0; + uint256 internal constant PROOF_STATE_POLYS_3_X_SLOT = 0x200 + 0x520 + 0x0e0; + uint256 internal constant PROOF_STATE_POLYS_3_Y_SLOT = 0x200 + 0x520 + 0x100; + + uint256 internal constant PROOF_COPY_PERMUTATION_GRAND_PRODUCT_X_SLOT = 0x200 + 0x520 + 0x120; + uint256 internal constant PROOF_COPY_PERMUTATION_GRAND_PRODUCT_Y_SLOT = 0x200 + 0x520 + 0x140; + + uint256 internal constant PROOF_LOOKUP_S_POLY_X_SLOT = 0x200 + 0x520 + 0x160; + uint256 internal constant PROOF_LOOKUP_S_POLY_Y_SLOT = 0x200 + 0x520 + 0x180; + + uint256 internal constant PROOF_LOOKUP_GRAND_PRODUCT_X_SLOT = 0x200 + 0x520 + 0x1a0; + uint256 internal constant PROOF_LOOKUP_GRAND_PRODUCT_Y_SLOT = 0x200 + 0x520 + 0x1c0; + + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_0_X_SLOT = 0x200 + 0x520 + 0x1e0; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_0_Y_SLOT = 0x200 + 0x520 + 0x200; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_1_X_SLOT = 0x200 + 0x520 + 0x220; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_1_Y_SLOT = 0x200 + 0x520 + 0x240; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_2_X_SLOT = 0x200 + 0x520 + 0x260; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_2_Y_SLOT = 0x200 + 0x520 + 0x280; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_3_X_SLOT = 0x200 + 0x520 + 0x2a0; + uint256 internal constant PROOF_QUOTIENT_POLY_PARTS_3_Y_SLOT = 0x200 + 0x520 + 0x2c0; + + uint256 internal constant PROOF_STATE_POLYS_0_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x2e0; + uint256 internal constant PROOF_STATE_POLYS_1_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x300; + uint256 internal constant PROOF_STATE_POLYS_2_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x320; + uint256 internal constant PROOF_STATE_POLYS_3_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x340; + + uint256 internal constant PROOF_STATE_POLYS_3_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x520 + 0x360; + uint256 internal constant PROOF_GATE_SELECTORS_0_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x380; + + uint256 internal constant PROOF_COPY_PERMUTATION_POLYS_0_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x3a0; + uint256 internal constant PROOF_COPY_PERMUTATION_POLYS_1_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x3c0; + uint256 internal constant PROOF_COPY_PERMUTATION_POLYS_2_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x3e0; + + uint256 internal constant PROOF_COPY_PERMUTATION_GRAND_PRODUCT_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x520 + 0x400; + uint256 internal constant PROOF_LOOKUP_S_POLY_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x520 + 0x420; + uint256 internal constant PROOF_LOOKUP_GRAND_PRODUCT_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x520 + 0x440; + uint256 internal constant PROOF_LOOKUP_T_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x460; + uint256 internal constant PROOF_LOOKUP_T_POLY_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x520 + 0x480; + uint256 internal constant PROOF_LOOKUP_SELECTOR_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x4a0; + uint256 internal constant PROOF_LOOKUP_TABLE_TYPE_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x4c0; + uint256 internal constant PROOF_QUOTIENT_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x4e0; + uint256 internal constant PROOF_LINEARISATION_POLY_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x500; + + uint256 internal constant PROOF_OPENING_PROOF_AT_Z_X_SLOT = 0x200 + 0x520 + 0x520; + uint256 internal constant PROOF_OPENING_PROOF_AT_Z_Y_SLOT = 0x200 + 0x520 + 0x540; + uint256 internal constant PROOF_OPENING_PROOF_AT_Z_OMEGA_X_SLOT = 0x200 + 0x520 + 0x560; + uint256 internal constant PROOF_OPENING_PROOF_AT_Z_OMEGA_Y_SLOT = 0x200 + 0x520 + 0x580; + + uint256 internal constant PROOF_RECURSIVE_PART_P1_X_SLOT = 0x200 + 0x520 + 0x5a0; + uint256 internal constant PROOF_RECURSIVE_PART_P1_Y_SLOT = 0x200 + 0x520 + 0x5c0; + + uint256 internal constant PROOF_RECURSIVE_PART_P2_X_SLOT = 0x200 + 0x520 + 0x5e0; + uint256 internal constant PROOF_RECURSIVE_PART_P2_Y_SLOT = 0x200 + 0x520 + 0x600; /*////////////////////////////////////////////////////////////// Transcript slot //////////////////////////////////////////////////////////////*/ - uint256 internal constant TRANSCRIPT_BEGIN_SLOT = 0x200 + 0x600 + 0x620 + 0x00; - uint256 internal constant TRANSCRIPT_DST_BYTE_SLOT = 0x200 + 0x600 + 0x620 + 0x03; - uint256 internal constant TRANSCRIPT_STATE_0_SLOT = 0x200 + 0x600 + 0x620 + 0x04; - uint256 internal constant TRANSCRIPT_STATE_1_SLOT = 0x200 + 0x600 + 0x620 + 0x24; - uint256 internal constant TRANSCRIPT_CHALLENGE_SLOT = 0x200 + 0x600 + 0x620 + 0x44; + uint256 internal constant TRANSCRIPT_BEGIN_SLOT = 0x200 + 0x520 + 0x620 + 0x00; + uint256 internal constant TRANSCRIPT_DST_BYTE_SLOT = 0x200 + 0x520 + 0x620 + 0x03; + uint256 internal constant TRANSCRIPT_STATE_0_SLOT = 0x200 + 0x520 + 0x620 + 0x04; + uint256 internal constant TRANSCRIPT_STATE_1_SLOT = 0x200 + 0x520 + 0x620 + 0x24; + uint256 internal constant TRANSCRIPT_CHALLENGE_SLOT = 0x200 + 0x520 + 0x620 + 0x44; /*////////////////////////////////////////////////////////////// Partial verifier state //////////////////////////////////////////////////////////////*/ - uint256 internal constant STATE_ALPHA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x000; - uint256 internal constant STATE_BETA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x020; - uint256 internal constant STATE_GAMMA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x040; - uint256 internal constant STATE_POWER_OF_ALPHA_2_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x060; - uint256 internal constant STATE_POWER_OF_ALPHA_3_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x080; - uint256 internal constant STATE_POWER_OF_ALPHA_4_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x0a0; - uint256 internal constant STATE_POWER_OF_ALPHA_5_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x0c0; - uint256 internal constant STATE_POWER_OF_ALPHA_6_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x0e0; - uint256 internal constant STATE_POWER_OF_ALPHA_7_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x100; - uint256 internal constant STATE_POWER_OF_ALPHA_8_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x120; - uint256 internal constant STATE_ETA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x140; - uint256 internal constant STATE_BETA_LOOKUP_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x160; - uint256 internal constant STATE_GAMMA_LOOKUP_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x180; - uint256 internal constant STATE_BETA_PLUS_ONE_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x1a0; - uint256 internal constant STATE_BETA_GAMMA_PLUS_GAMMA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x1c0; - uint256 internal constant STATE_V_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x1e0; - uint256 internal constant STATE_U_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x200; - uint256 internal constant STATE_Z_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x220; - uint256 internal constant STATE_Z_MINUS_LAST_OMEGA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x240; - uint256 internal constant STATE_L_0_AT_Z_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x260; - uint256 internal constant STATE_L_N_MINUS_ONE_AT_Z_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x280; - uint256 internal constant STATE_Z_IN_DOMAIN_SIZE = 0x200 + 0x600 + 0x620 + 0x80 + 0x2a0; + uint256 internal constant STATE_ALPHA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x000; + uint256 internal constant STATE_BETA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x020; + uint256 internal constant STATE_GAMMA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x040; + uint256 internal constant STATE_POWER_OF_ALPHA_2_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x060; + uint256 internal constant STATE_POWER_OF_ALPHA_3_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x080; + uint256 internal constant STATE_POWER_OF_ALPHA_4_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x0a0; + uint256 internal constant STATE_POWER_OF_ALPHA_5_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x0c0; + uint256 internal constant STATE_POWER_OF_ALPHA_6_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x0e0; + uint256 internal constant STATE_POWER_OF_ALPHA_7_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x100; + uint256 internal constant STATE_POWER_OF_ALPHA_8_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x120; + uint256 internal constant STATE_ETA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x140; + uint256 internal constant STATE_BETA_LOOKUP_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x160; + uint256 internal constant STATE_GAMMA_LOOKUP_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x180; + uint256 internal constant STATE_BETA_PLUS_ONE_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x1a0; + uint256 internal constant STATE_BETA_GAMMA_PLUS_GAMMA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x1c0; + uint256 internal constant STATE_V_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x1e0; + uint256 internal constant STATE_U_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x200; + uint256 internal constant STATE_Z_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x220; + uint256 internal constant STATE_Z_MINUS_LAST_OMEGA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x240; + uint256 internal constant STATE_L_0_AT_Z_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x260; + uint256 internal constant STATE_L_N_MINUS_ONE_AT_Z_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x280; + uint256 internal constant STATE_Z_IN_DOMAIN_SIZE = 0x200 + 0x520 + 0x620 + 0x80 + 0x2a0; /*////////////////////////////////////////////////////////////// Queries //////////////////////////////////////////////////////////////*/ - uint256 internal constant QUERIES_BUFFER_POINT_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x00; + uint256 internal constant QUERIES_BUFFER_POINT_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x00; - uint256 internal constant QUERIES_AT_Z_0_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x40; - uint256 internal constant QUERIES_AT_Z_0_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x60; - uint256 internal constant QUERIES_AT_Z_1_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x80; - uint256 internal constant QUERIES_AT_Z_1_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0xa0; + uint256 internal constant QUERIES_AT_Z_0_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x40; + uint256 internal constant QUERIES_AT_Z_0_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x60; + uint256 internal constant QUERIES_AT_Z_1_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x80; + uint256 internal constant QUERIES_AT_Z_1_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0xa0; - uint256 internal constant QUERIES_T_POLY_AGGREGATED_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0xc0; - uint256 internal constant QUERIES_T_POLY_AGGREGATED_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0xe0; + uint256 internal constant QUERIES_T_POLY_AGGREGATED_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0xc0; + uint256 internal constant QUERIES_T_POLY_AGGREGATED_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0xe0; /*////////////////////////////////////////////////////////////// Aggregated commitment //////////////////////////////////////////////////////////////*/ - uint256 internal constant AGGREGATED_AT_Z_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x00; - uint256 internal constant AGGREGATED_AT_Z_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x20; + uint256 internal constant AGGREGATED_AT_Z_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x00; + uint256 internal constant AGGREGATED_AT_Z_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x20; - uint256 internal constant AGGREGATED_AT_Z_OMEGA_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x40; - uint256 internal constant AGGREGATED_AT_Z_OMEGA_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x60; + uint256 internal constant AGGREGATED_AT_Z_OMEGA_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x40; + uint256 internal constant AGGREGATED_AT_Z_OMEGA_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x60; - uint256 internal constant AGGREGATED_OPENING_AT_Z_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x80; - uint256 internal constant AGGREGATED_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xa0; + uint256 internal constant AGGREGATED_OPENING_AT_Z_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x80; + uint256 internal constant AGGREGATED_OPENING_AT_Z_OMEGA_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xa0; /*////////////////////////////////////////////////////////////// Pairing data //////////////////////////////////////////////////////////////*/ - uint256 internal constant PAIRING_BUFFER_POINT_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x00; - uint256 internal constant PAIRING_BUFFER_POINT_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x20; + uint256 internal constant PAIRING_BUFFER_POINT_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x00; + uint256 internal constant PAIRING_BUFFER_POINT_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x20; uint256 internal constant PAIRING_PAIR_WITH_GENERATOR_X_SLOT = - 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x40; + 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x40; uint256 internal constant PAIRING_PAIR_WITH_GENERATOR_Y_SLOT = - 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x60; + 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0xc0 + 0x60; - uint256 internal constant PAIRING_PAIR_WITH_X_X_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0x80; - uint256 internal constant PAIRING_PAIR_WITH_X_Y_SLOT = 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0xa0; + uint256 internal constant PAIRING_PAIR_WITH_X_X_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0x80; + uint256 internal constant PAIRING_PAIR_WITH_X_Y_SLOT = 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0xa0; /*////////////////////////////////////////////////////////////// Slots for scalar multiplication optimizations //////////////////////////////////////////////////////////////*/ uint256 internal constant COPY_PERMUTATION_FIRST_AGGREGATED_COMMITMENT_COEFF = - 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0xc0; + 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0xc0; uint256 internal constant LOOKUP_GRAND_PRODUCT_FIRST_AGGREGATED_COMMITMENT_COEFF = - 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0xe0; + 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0xe0; uint256 internal constant LOOKUP_S_FIRST_AGGREGATED_COMMITMENT_COEFF = - 0x200 + 0x600 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0x100; + 0x200 + 0x520 + 0x620 + 0x80 + 0x2c0 + 0x100 + 0x100 + 0x100; /*////////////////////////////////////////////////////////////// Constants @@ -239,7 +245,7 @@ contract Verifier is IVerifier { uint256 internal constant NON_RESIDUES_1 = 0x7; uint256 internal constant NON_RESIDUES_2 = 0xa; - // g2 elements + // trusted setup g2 elements uint256 internal constant G2_ELEMENTS_0_X1 = 0x198e9393920d483a7260bfb731fb5d25f1aa493335a9e71297e485b7aef312c2; uint256 internal constant G2_ELEMENTS_0_X2 = 0x1800deef121f1e76426a00665e5c4479674322d4f75edadd46debd5cd992f6ed; uint256 internal constant G2_ELEMENTS_0_Y1 = 0x090689d0585ff075ec9e99ad690c3395bc4b313370b38ef355acdadcd122975b; @@ -264,7 +270,8 @@ contract Verifier is IVerifier { } /// @notice Load verification keys to memory in runtime. - /// @dev The constants are loaded into memory in a specific layout declared in the constants starting from `VK_` prefix. + /// @dev The constants are loaded into memory in a specific layout declared in the constants starting from + /// `VK_` prefix. /// NOTE: Function may corrupt the memory state if some memory was used before this function was called. /// The VK consists of commitments to setup polynomials: /// [q_a], [q_b], [q_c], [q_d], - main gate setup commitments @@ -327,6 +334,9 @@ contract Verifier is IVerifier { // table type commitment mstore(VK_LOOKUP_TABLE_TYPE_X_SLOT, 0x2f85df2d6249ccbcc11b91727333cc800459de6ee274f29c657c8d56f6f01563) mstore(VK_LOOKUP_TABLE_TYPE_Y_SLOT, 0x088e1df178c47116a69c3c8f6d0c5feb530e2a72493694a623b1cceb7d44a76c) + + // flag for using recursive part + mstore(VK_RECURSIVE_FLAG, 0) } } @@ -342,7 +352,8 @@ contract Verifier is IVerifier { _loadVerificationKey(); // Begining of the big inline assembly block that makes all the verification work. - // Note: We use the custom memory layout, so the return value should be returned from the assembly, not Solidity code. + // Note: We use the custom memory layout, so the return value should be returned from the assembly, not + // Solidity code. assembly { /*////////////////////////////////////////////////////////////// Utils @@ -479,7 +490,8 @@ contract Verifier is IVerifier { /// @dev This function loads a zk-SNARK proof, ensures it's properly formatted, and stores it in memory. /// It ensures the number of inputs and the elliptic curve point's validity. - /// Note: It does NOT reject inputs that exceed these module sizes, but rather wraps them within the module bounds. + /// Note: It does NOT reject inputs that exceed these module sizes, but rather wraps them within the + /// module bounds. /// The proof consists of: /// 1. Public input: (1 field element from F_r) /// @@ -502,7 +514,7 @@ contract Verifier is IVerifier { /// s(x*omega), t(z*omega), table_type(z) - lookup argument polynomial openings /// r(z) - linearisation polynomial opening /// - /// 4. Recursive proof (2 elliptic curve points over F_q) + /// 4. Recursive proof (0 or 2 elliptic curve points over F_q) function loadProof() { // 1. Load public input let offset := calldataload(0x04) @@ -510,7 +522,7 @@ contract Verifier is IVerifier { let isValid := eq(publicInputLengthInWords, 1) // We expect only one public input mstore(PROOF_PUBLIC_INPUT, and(calldataload(add(offset, 0x24)), FR_MASK)) - // 2. Load the proof (except for the recursive part) + // 2. Load the proof offset := calldataload(0x24) let proofLengthInWords := calldataload(add(offset, 0x04)) isValid := and(eq(proofLengthInWords, 44), isValid) @@ -662,24 +674,33 @@ contract Verifier is IVerifier { // 3. Load the recursive part of the proof offset := calldataload(0x44) let recursiveProofLengthInWords := calldataload(add(offset, 0x04)) - isValid := and(eq(recursiveProofLengthInWords, 4), isValid) - // PROOF_RECURSIVE_PART_P1 - { - let x := mod(calldataload(add(offset, 0x024)), Q_MOD) - let y := mod(calldataload(add(offset, 0x044)), Q_MOD) - let xx := mulmod(x, x, Q_MOD) - isValid := and(eq(mulmod(y, y, Q_MOD), addmod(mulmod(x, xx, Q_MOD), 3, Q_MOD)), isValid) - mstore(PROOF_RECURSIVE_PART_P1_X_SLOT, x) - mstore(PROOF_RECURSIVE_PART_P1_Y_SLOT, y) + + switch mload(VK_RECURSIVE_FLAG) + case 0 { + // recursive part should be empty + isValid := and(iszero(recursiveProofLengthInWords), isValid) } - // PROOF_RECURSIVE_PART_P2 - { - let x := mod(calldataload(add(offset, 0x064)), Q_MOD) - let y := mod(calldataload(add(offset, 0x084)), Q_MOD) - let xx := mulmod(x, x, Q_MOD) - isValid := and(eq(mulmod(y, y, Q_MOD), addmod(mulmod(x, xx, Q_MOD), 3, Q_MOD)), isValid) - mstore(PROOF_RECURSIVE_PART_P2_X_SLOT, x) - mstore(PROOF_RECURSIVE_PART_P2_Y_SLOT, y) + default { + // recursive part should be consist of 2 points + isValid := and(eq(recursiveProofLengthInWords, 4), isValid) + // PROOF_RECURSIVE_PART_P1 + { + let x := mod(calldataload(add(offset, 0x024)), Q_MOD) + let y := mod(calldataload(add(offset, 0x044)), Q_MOD) + let xx := mulmod(x, x, Q_MOD) + isValid := and(eq(mulmod(y, y, Q_MOD), addmod(mulmod(x, xx, Q_MOD), 3, Q_MOD)), isValid) + mstore(PROOF_RECURSIVE_PART_P1_X_SLOT, x) + mstore(PROOF_RECURSIVE_PART_P1_Y_SLOT, y) + } + // PROOF_RECURSIVE_PART_P2 + { + let x := mod(calldataload(add(offset, 0x064)), Q_MOD) + let y := mod(calldataload(add(offset, 0x084)), Q_MOD) + let xx := mulmod(x, x, Q_MOD) + isValid := and(eq(mulmod(y, y, Q_MOD), addmod(mulmod(x, xx, Q_MOD), 3, Q_MOD)), isValid) + mstore(PROOF_RECURSIVE_PART_P2_X_SLOT, x) + mstore(PROOF_RECURSIVE_PART_P2_Y_SLOT, y) + } } // Revert if a proof is not valid @@ -842,10 +863,14 @@ contract Verifier is IVerifier { mstore(STATE_POWER_OF_ALPHA_8_SLOT, currentAlpha) } - let stateZ := mload(STATE_Z_SLOT) // z - mstore(STATE_L_0_AT_Z_SLOT, evaluateLagrangePolyOutOfDomain(0, stateZ)) // L_0(z) - mstore(STATE_L_N_MINUS_ONE_AT_Z_SLOT, evaluateLagrangePolyOutOfDomain(sub(DOMAIN_SIZE, 1), stateZ)) // L_{n-1}(z) - let stateT := mulmod(mload(STATE_L_0_AT_Z_SLOT), mload(PROOF_PUBLIC_INPUT), R_MOD) // L_0(z) * PI + // z + let stateZ := mload(STATE_Z_SLOT) + // L_0(z) + mstore(STATE_L_0_AT_Z_SLOT, evaluateLagrangePolyOutOfDomain(0, stateZ)) + // L_{n-1}(z) + mstore(STATE_L_N_MINUS_ONE_AT_Z_SLOT, evaluateLagrangePolyOutOfDomain(sub(DOMAIN_SIZE, 1), stateZ)) + // L_0(z) * PI + let stateT := mulmod(mload(STATE_L_0_AT_Z_SLOT), mload(PROOF_PUBLIC_INPUT), R_MOD) // Compute main gate contribution let result := mulmod(stateT, mload(PROOF_GATE_SELECTORS_0_OPENING_AT_Z_SLOT), R_MOD) @@ -1102,7 +1127,8 @@ contract Verifier is IVerifier { let l0AtZ := mload(STATE_L_0_AT_Z_SLOT) factor := addmod(factor, mulmod(l0AtZ, mload(STATE_POWER_OF_ALPHA_5_SLOT), R_MOD), R_MOD) - // Here we can optimize one scalar multiplication by aggregating coefficients near [z_perm] during computing [F] + // Here we can optimize one scalar multiplication by aggregating coefficients near [z_perm] during + // computing [F] // We will sum them and add and make one scalar multiplication: (coeff1 + coeff2) * [z_perm] factor := mulmod(factor, mload(STATE_V_SLOT), R_MOD) mstore(COPY_PERMUTATION_FIRST_AGGREGATED_COMMITMENT_COEFF, factor) @@ -1171,7 +1197,8 @@ contract Verifier is IVerifier { factor := mulmod(factor, mload(STATE_Z_MINUS_LAST_OMEGA_SLOT), R_MOD) factor := mulmod(factor, mload(STATE_V_SLOT), R_MOD) - // Here we can optimize one scalar multiplication by aggregating coefficients near [s] during computing [F] + // Here we can optimize one scalar multiplication by aggregating coefficients near [s] during + // computing [F] // We will sum them and add and make one scalar multiplication: (coeff1 + coeff2) * [s] mstore(LOOKUP_S_FIRST_AGGREGATED_COMMITMENT_COEFF, factor) @@ -1227,7 +1254,8 @@ contract Verifier is IVerifier { R_MOD ) - // Here we can optimize one scalar multiplication by aggregating coefficients near [z_lookup] during computing [F] + // Here we can optimize one scalar multiplication by aggregating coefficients near [z_lookup] during + // computing [F] // We will sum them and add and make one scalar multiplication: (coeff1 + coeff2) * [z_lookup] factor := mulmod(factor, mload(STATE_V_SLOT), R_MOD) mstore(LOOKUP_GRAND_PRODUCT_FIRST_AGGREGATED_COMMITMENT_COEFF, factor) @@ -1241,32 +1269,32 @@ contract Verifier is IVerifier { /// We use the formula: /// [D0] = [t_0] + z^n * [t_1] + z^{2n} * [t_2] + z^{3n} * [t_3] /// and - /// [D1] = main_gate_selector(z) * ( \ - /// a(z) * [q_a] + b(z) * [q_b] + c(z) * [q_c] + d(z) * [q_d] + | - main gate contribution - /// a(z) * b(z) * [q_ab] + a(z) * c(z) * [q_ac] + | - /// [q_const] + d(z*omega) * [q_{d_next}]) / + /// [D1] = main_gate_selector(z) * ( \ + /// a(z) * [q_a] + b(z) * [q_b] + c(z) * [q_c] + d(z) * [q_d] + | - main gate contribution + /// a(z) * b(z) * [q_ab] + a(z) * c(z) * [q_ac] + | + /// [q_const] + d(z*omega) * [q_{d_next}]) / /// - /// + alpha * [custom_gate_selector] * ( \ - /// (a(z)^2 - b(z)) + | - custom gate contribution - /// (b(z)^2 - c(z)) * alpha + | - /// (a(z)*c(z) - d(z)) * alpha^2 ) / + /// + alpha * [custom_gate_selector] * ( \ + /// (a(z)^2 - b(z)) + | - custom gate contribution + /// (b(z)^2 - c(z)) * alpha + | + /// (a(z)*c(z) - d(z)) * alpha^2 ) / /// - /// + alpha^4 * [z_perm] * \ - /// (a(z) + beta * z + gamma) * | - /// (b(z) + beta * z * k0 + gamma) * | - /// (c(z) + beta * z * k1 + gamma) * | - /// (d(z) + beta * z * k2 + gamma) | - permutation contribution - /// - alpha^4 * z_perm(z*omega) * beta * [sigma_3] * | - /// (a(z) + beta * sigma_0(z) + gamma) * | - /// (b(z) + beta * sigma_1(z) + gamma) * | - /// (c(z) + beta * sigma_2(z) + gamma) * | - /// + alpha^5 * L_0(z) * [z_perm] / + /// + alpha^4 * [z_perm] * \ + /// (a(z) + beta * z + gamma) * | + /// (b(z) + beta * z * k0 + gamma) * | + /// (c(z) + beta * z * k1 + gamma) * | + /// (d(z) + beta * z * k2 + gamma) | - permutation contribution + /// - alpha^4 * z_perm(z*omega) * beta * [sigma_3] * | + /// (a(z) + beta * sigma_0(z) + gamma) * | + /// (b(z) + beta * sigma_1(z) + gamma) * | + /// (c(z) + beta * sigma_2(z) + gamma) * | + /// + alpha^5 * L_0(z) * [z_perm] / /// - /// - alpha^6 * (1 + beta') * (gamma' + f(z)) * (z - omega^{n-1}) * \ - /// (gamma'(1 + beta') + t(z) + beta' * t(z*omega)) * [z_lookup] | - /// + alpha^6 * z_lookup(z*omega) * (z - omega^{n-1}) * [s] | - lookup contribution - /// + alpha^7 * L_0(z) * [z_lookup] | - /// + alpha^8 * L_{n-1}(z) * [z_lookup] / + /// - alpha^6 * (1 + beta') * (gamma' + f(z)) * (z - omega^{n-1}) * \ + /// (gamma'(1 + beta') + t(z) + beta' * t(z*omega)) * [z_lookup] | + /// + alpha^6 * z_lookup(z*omega) * (z - omega^{n-1}) * [s] | - lookup contribution + /// + alpha^7 * L_0(z) * [z_lookup] | + /// + alpha^8 * L_{n-1}(z) * [z_lookup] / function prepareQueries() { // Calculate [D0] { @@ -1587,6 +1615,7 @@ contract Verifier is IVerifier { /// where [F] and [E] were computed previously /// /// Also we need to check that e([P1], [x]_2) = e([P2], [1]_2) + /// if we have the recursive part of the proof /// where [P1] and [P2] are parts of the recursive proof /// /// We can aggregate both pairings into one for gas optimization: @@ -1617,10 +1646,12 @@ contract Verifier is IVerifier { pointMulAndAddIntoDest(PROOF_OPENING_PROOF_AT_Z_OMEGA_X_SLOT, u, PAIRING_PAIR_WITH_X_X_SLOT) pointNegate(PAIRING_PAIR_WITH_X_X_SLOT) - // Add recursive proof part - let uu := mulmod(u, u, R_MOD) - pointMulAndAddIntoDest(PROOF_RECURSIVE_PART_P1_X_SLOT, uu, PAIRING_PAIR_WITH_GENERATOR_X_SLOT) - pointMulAndAddIntoDest(PROOF_RECURSIVE_PART_P2_X_SLOT, uu, PAIRING_PAIR_WITH_X_X_SLOT) + // Add recursive proof part if needed + if mload(VK_RECURSIVE_FLAG) { + let uu := mulmod(u, u, R_MOD) + pointMulAndAddIntoDest(PROOF_RECURSIVE_PART_P1_X_SLOT, uu, PAIRING_PAIR_WITH_GENERATOR_X_SLOT) + pointMulAndAddIntoDest(PROOF_RECURSIVE_PART_P2_X_SLOT, uu, PAIRING_PAIR_WITH_X_X_SLOT) + } // Calculate pairing { diff --git a/ethereum/package.json b/ethereum/package.json index 211d2bc67..09ef8427f 100644 --- a/ethereum/package.json +++ b/ethereum/package.json @@ -35,10 +35,12 @@ "merkletreejs": "^0.2.32", "mocha": "^9.0.2", "path": "^0.12.7", - "prettier": "^1.18.2", - "prettier-plugin-solidity": "=1.0.0-dev.22", + "prettier": "^2.8.8", + "prettier-plugin-solidity": "^1.1.3", "querystring": "^0.2.0", "solc": "0.8.17", + "solhint": "^3.6.2", + "solhint-plugin-prettier": "^0.0.5", "solidity-coverage": "^0.8.2", "ts-generator": "^0.1.1", "ts-node": "^10.1.0", @@ -50,6 +52,10 @@ "clean": "hardhat clean", "test": "CONTRACT_TESTS=1 yarn hardhat test test/unit_tests/*.spec.ts --network hardhat", "test:fork": "CONTRACT_TESTS=1 TEST_CONTRACTS_FORK=1 yarn run hardhat test test/unit_tests/*.fork.ts --network hardhat", + "lint": "yarn lint:sol && yarn prettier:check", + "lint:sol": "solhint --max-warnings 29 contracts/**/*.sol", + "prettier:check": "prettier --check contracts/**/*.sol", + "prettier:write": "prettier --write contracts/**/*.sol", "deploy-no-build": "ts-node scripts/deploy.ts", "deploy-weth-bridges": "ts-node scripts/deploy-weth-bridges.ts", "initialize-weth-bridges": "ts-node scripts/initialize-weth-bridges.ts", diff --git a/ethereum/test/unit_tests/verifier.spec.ts b/ethereum/test/unit_tests/verifier.spec.ts index 71859681e..812d9a7c4 100644 --- a/ethereum/test/unit_tests/verifier.spec.ts +++ b/ethereum/test/unit_tests/verifier.spec.ts @@ -1,6 +1,6 @@ import * as hardhat from 'hardhat'; import { expect } from 'chai'; -import { VerifierTest, VerifierTestFactory } from '../../typechain'; +import { VerifierTest, VerifierRecursiveTest, VerifierTestFactory } from '../../typechain'; import { getCallRevertReason } from './utils'; import { ethers } from 'hardhat'; @@ -8,6 +8,209 @@ describe('Verifier test', function () { const Q_MOD = '21888242871839275222246405745257275088696311157297823662689037894645226208583'; const R_MOD = '21888242871839275222246405745257275088548364400416034343698204186575808495617'; + const PROOF = { + publicInputs: ['0x00461afd95c6bd5a38a01a995f5c292d19a816a139bbc78fc23321c3b8da6243'], + serializedProof: [ + '0x2b80ef6480b0c1a4ab9ccac1b1f5549d8d0e875e45f445599de5e1a88c3ccf25', + '0x173e23b955ea8f1972358bbeae3539d96e60494032faf3ada36fb3660f45d752', + '0x0579422893e75ebcf9ebfefd6bf80513bee55e16f0971779d774cca3227c11a3', + '0x257c35d228de381fa897042758ef80e4f29c84e8851878d12bae17d7700059e5', + '0x11cb7bc2927e1ffd32b7c0bf9b75e7f3f2915c33ca525bbb91a39d5ba9d050d1', + '0x0b396e2027a7e5cbffb8ef303560420c2ec2c25df1325b037208f61679596021', + '0x1d6feb9bfaf92d370a8041b1669fc901ac083c6f09d815df8e57e3bc0af529c6', + '0x1dd56a14ac384b74aab66e11dfeb36242a3d3c83c7fc11beed1ebb2d4b921aa3', + '0x07158e6a51b6354ab3355f298d5cc24948bddd48b0715eff52e0f135936536fc', + '0x18969b22583c701ef304d793e22d11a56ca9e5b08c20cd877b4fb142dfab852f', + '0x0c49d474877b03b231cb8aeb592728c93f6b5b62e357a4a77c7dd2818181fc43', + '0x186e08d590ce9937d193189a0c74890237df96ebc6593dc55b988eae74b9ea44', + '0x180772b6ef5bd078663a3ba77c3c997b0f9d6a62664a9aa35be4acfe5fd52acb', + '0x01e19ccd1fa25da95ce7799c6946a64eb12b04bb59fb31b0f48346e844ee06bb', + '0x0a991aee2dfdea382dd4ed65083c15004d812dcc6017aed812360c1a750f6994', + '0x2eba4d12e899bd433bc277127d3bb98997ea4953aa092705e185971c5bf95057', + '0x16ebb143325b1da3c88baf9f69a6911962c89cc34f364cb62f0db35e645baaa3', + '0x10a1806face2c2906455ac9060155bd648eb18f30a73f0d8214ef75683a2f015', + '0x2f153ebf44a9ebe05033a085c9c5a20ef002437420badd9723b59d9d9fed7666', + '0x054da7edbb7dd64940f64d5a46e6d2b70f8d16496657acf01d1bff905e70fe34', + '0x11a54b951c5f0120c00d6c0ad6b188f21c3d2b955ebea2578926eaf7b0607a34', + '0x2b5266f06d505e753e8ca5b9a4718f060ed1386313ef9c78b79f7f0474b3ecfc', + '0x202b9746f651068481021d43598dafcd8aa5e1c662de5baf24507cf8483e517f', + '0x0e4c150798976c5dbf261b2f50d43e2ae145eec6d63d361b79abdf5a875c7312', + '0x0d78beaef934700a7a3f63cc94f8ff11f056b770fc7f2e72f6cf2b7b29fb2298', + '0x26d892a58479bb3a147a7bfd8488ab1e6d97a89b647c886ace6d072134be3474', + '0x22ee472ea71eb002d8e3b35f93825ef831ab6d321eccc62ae4a1230449f05316', + '0x18b8f397a1a1db84ce0985252007c532c7d6f0454ef88a446180d6ab3b348321', + '0x0cbecff5b91f1da7dd1d440f7dd8c48726d7edd5cd119c8f2603fbfba03acd59', + '0x1f73e67e371a989ef56adc605ce4be99fb1a1200cdc9f15e1cbd9c825a400ed7', + '0x028667567deeadd469936a07962ba1c7215df0b9d27836cb1160088fc9e44b4c', + '0x17d4f2ed4b820a8222d2b839035ef0c26ee5ec8e8d2d1a7c16486e54240455cd', + '0x07a3089dc75c8035530c84d5067f481d42d2a095e9a8bb839c20909b5c978fcc', + '0x091c2be5555c05bb87116b667992af159e4ad0616c0ec7335570e26c6e627531', + '0x03c5e763840a185dbc363ed770645d8a0fef39736741848f12d90c3027d3fbfd', + '0x1f6e675ad9dd1cb9f92086111c47511f510e27c3632527d56c48be1c7b8a03e2', + '0x23aa0ab9bfb0e38ff029ba5a4cc6f4b8a1dde5b54b1db7435e22c9048ffa7029', + '0x19a6d569cc94a65fa3685ea1144db7415ceb1cabb11e267c35097dea637536d9', + '0x04dc0a7c7669340261725af51e4c32eb7f8968b163e70f0beccdf20bd7f771c1', + '0x1bf9dd4999e0e82da492c292fbb8287bcccd0cb3cd2f1de14f8b4a1592786715', + '0x257c2aa02452019ea981bc722f0777552be886772eea9a3bdf3257a1e3b75954', + '0x01b4dc62f39bdb3596ff653b6035e5fb17d278466ba4621a632962a7299523f1', + '0x0df615b627d9dd8e0d4d7f96c7e30f34d0cbda04c761c191d81cac19de41ccbd', + '0x1c22d1d281177a86617454edf488d6bb18c6a60222be2121091f4b18d4f5be92' + ], + recursiveAggregationInput: [] + }; + let verifier: VerifierTest; + + before(async function () { + const verifierFactory = await hardhat.ethers.getContractFactory('VerifierTest'); + const verifierContract = await verifierFactory.deploy(); + verifier = VerifierTestFactory.connect(verifierContract.address, verifierContract.signer); + }); + + it('Should verify proof', async () => { + // Call the verifier directly (though the call, not static call) to add the save the consumed gas into the statistic. + const calldata = verifier.interface.encodeFunctionData('verify', [ + PROOF.publicInputs, + PROOF.serializedProof, + PROOF.recursiveAggregationInput + ]); + await verifier.fallback({ data: calldata }); + + // Check that proof is verified + let result = await verifier.verify(PROOF.publicInputs, PROOF.serializedProof, PROOF.recursiveAggregationInput); + expect(result, 'proof verification failed').true; + }); + + describe('Should verify valid proof with fields values in non standard format', function () { + it('Public input with dirty bits over Fr mask', async () => { + let validProof = JSON.parse(JSON.stringify(PROOF)); + // Fill dirty bits + validProof.publicInputs[0] = ethers.BigNumber.from(validProof.publicInputs[0]) + .add('0xe000000000000000000000000000000000000000000000000000000000000000') + .toHexString(); + const result = await verifier.verify( + validProof.publicInputs, + validProof.serializedProof, + validProof.recursiveAggregationInput + ); + expect(result, 'proof verification failed').true; + }); + + it('Elliptic curve points over modulo', async () => { + let validProof = JSON.parse(JSON.stringify(PROOF)); + // Add modulo to points + validProof.serializedProof[0] = ethers.BigNumber.from(validProof.serializedProof[0]).add(Q_MOD); + validProof.serializedProof[1] = ethers.BigNumber.from(validProof.serializedProof[1]).add(Q_MOD).add(Q_MOD); + const result = await verifier.verify( + validProof.publicInputs, + validProof.serializedProof, + validProof.recursiveAggregationInput + ); + expect(result, 'proof verification failed').true; + }); + + it('Fr over modulo', async () => { + let validProof = JSON.parse(JSON.stringify(PROOF)); + // Add modulo to number + validProof.serializedProof[22] = ethers.BigNumber.from(validProof.serializedProof[22]).add(R_MOD); + const result = await verifier.verify( + validProof.publicInputs, + validProof.serializedProof, + validProof.recursiveAggregationInput + ); + expect(result, 'proof verification failed').true; + }); + }); + + describe('Should revert on invalid input', function () { + it('More than 1 public inputs', async () => { + let invalidProof = JSON.parse(JSON.stringify(PROOF)); + // Add one more public input to proof + invalidProof.publicInputs.push(invalidProof.publicInputs[0]); + const revertReason = await getCallRevertReason( + verifier.verify( + invalidProof.publicInputs, + invalidProof.serializedProof, + invalidProof.recursiveAggregationInput + ) + ); + expect(revertReason).equal('loadProof: Proof is invalid'); + }); + + it('Empty public inputs', async () => { + const revertReason = await getCallRevertReason( + verifier.verify([], PROOF.serializedProof, PROOF.recursiveAggregationInput) + ); + expect(revertReason).equal('loadProof: Proof is invalid'); + }); + + it('More than 44 words for proof', async () => { + let invalidProof = JSON.parse(JSON.stringify(PROOF)); + // Add one more "serialized proof" input + invalidProof.serializedProof.push(invalidProof.serializedProof[0]); + const revertReason = await getCallRevertReason( + verifier.verify( + invalidProof.publicInputs, + invalidProof.serializedProof, + invalidProof.recursiveAggregationInput + ) + ); + expect(revertReason).equal('loadProof: Proof is invalid'); + }); + + it('Empty serialized proof', async () => { + const revertReason = await getCallRevertReason( + verifier.verify(PROOF.publicInputs, [], PROOF.recursiveAggregationInput) + ); + expect(revertReason).equal('loadProof: Proof is invalid'); + }); + + it('Not empty recursive aggregation input', async () => { + let invalidProof = JSON.parse(JSON.stringify(PROOF)); + // Add one more "recursive aggregation input" value + invalidProof.recursiveAggregationInput.push(invalidProof.publicInputs[0]); + const revertReason = await getCallRevertReason( + verifier.verify( + invalidProof.publicInputs, + invalidProof.serializedProof, + invalidProof.recursiveAggregationInput + ) + ); + expect(revertReason).equal('loadProof: Proof is invalid'); + }); + + it('Elliptic curve point at infinity', async () => { + let invalidProof = JSON.parse(JSON.stringify(PROOF)); + // Change first point to point at infinity (encode as (0, 0) on EVM) + invalidProof.serializedProof[0] = ethers.constants.HashZero; + invalidProof.serializedProof[1] = ethers.constants.HashZero; + const revertReason = await getCallRevertReason( + verifier.verify( + invalidProof.publicInputs, + invalidProof.serializedProof, + invalidProof.recursiveAggregationInput + ) + ); + expect(revertReason).equal('loadProof: Proof is invalid'); + }); + }); + + it('Should failed with invalid public input', async () => { + const revertReason = await getCallRevertReason( + verifier.verify([ethers.constants.HashZero], PROOF.serializedProof, PROOF.recursiveAggregationInput) + ); + expect(revertReason).equal('invalid quotient evaluation'); + }); + + it('Should return correct Verification key hash', async () => { + const vksHash = await verifier.verificationKeyHash(); + expect(vksHash).equal('0x8a50c24dacf7e4d0e8cccb618261cbc775f7b8a2a1e5e794510b10ff42a49323'); + }); +}); + +describe('Verifier with recursive part test', function () { + const Q_MOD = '21888242871839275222246405745257275088696311157297823662689037894645226208583'; + const R_MOD = '21888242871839275222246405745257275088548364400416034343698204186575808495617'; + const PROOF = { publicInputs: ['0x00461afd95c6bd5a38a01a995f5c292d19a816a139bbc78fc23321c3b8da6243'], serializedProof: [ @@ -63,10 +266,10 @@ describe('Verifier test', function () { '0x0713c1371914ac18d7dced467a8a60eeca0f3d80a2cbd5dcc75abb6cbab39f39' ] }; - let verifier: VerifierTest; + let verifier: VerifierRecursiveTest; before(async function () { - const verifierFactory = await hardhat.ethers.getContractFactory('VerifierTest'); + const verifierFactory = await hardhat.ethers.getContractFactory('VerifierRecursiveTest'); const verifierContract = await verifierFactory.deploy(); verifier = VerifierTestFactory.connect(verifierContract.address, verifierContract.signer); }); diff --git a/ethereum/yarn.lock b/ethereum/yarn.lock index 3857bd63a..1a21d9160 100644 --- a/ethereum/yarn.lock +++ b/ethereum/yarn.lock @@ -2,6 +2,28 @@ # yarn lockfile v1 +"@babel/code-frame@^7.0.0": + version "7.22.13" + resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.22.13.tgz#e3c1c099402598483b7a8c46a721d1038803755e" + integrity sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w== + dependencies: + "@babel/highlight" "^7.22.13" + chalk "^2.4.2" + +"@babel/helper-validator-identifier@^7.22.5": + version "7.22.15" + resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.15.tgz#601fa28e4cc06786c18912dca138cec73b882044" + integrity sha512-4E/F9IIEi8WR94324mbDUMo074YTheJmd7eZF5vITTeYchqAi6sYXRLHUVsmkdmY4QjfKTcB2jB7dVP3NaBElQ== + +"@babel/highlight@^7.22.13": + version "7.22.13" + resolved "https://registry.yarnpkg.com/@babel/highlight/-/highlight-7.22.13.tgz#9cda839e5d3be9ca9e8c26b6dd69e7548f0cbf16" + integrity sha512-C/BaXcnnvBCmHTpz/VGZ8jgtE2aYlW4hxDhseJAWZb7gqGM/qtCK6iZUb0TyKFf7BOUsBH7Q7fkRsDRhg1XklQ== + dependencies: + "@babel/helper-validator-identifier" "^7.22.5" + chalk "^2.4.2" + js-tokens "^4.0.0" + "@colors/colors@1.5.0": version "1.5.0" resolved "https://registry.yarnpkg.com/@colors/colors/-/colors-1.5.0.tgz#bb504579c1cae923e6576a4f5da43d25f97bdbd9" @@ -887,13 +909,20 @@ resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-4.6.0.tgz#3c7c9c46e678feefe7a2e5bb609d3dbd665ffb3f" integrity sha512-t09vSN3MdfsyCHoFcTRCH/iUtG7OJ0CsjzB8cjAmKc/va/kIgeDI/TxsigdncE/4be734m0cvIYwNaV4i2XqAw== -"@solidity-parser/parser@^0.14.0", "@solidity-parser/parser@^0.14.1", "@solidity-parser/parser@^0.14.2": +"@solidity-parser/parser@^0.14.0", "@solidity-parser/parser@^0.14.1": version "0.14.5" resolved "https://registry.yarnpkg.com/@solidity-parser/parser/-/parser-0.14.5.tgz#87bc3cc7b068e08195c219c91cd8ddff5ef1a804" integrity sha512-6dKnHZn7fg/iQATVEzqyUOyEidbn05q7YA2mQ9hC0MMXhhV3/JrsxmFSYZAcr7j1yUP700LLhTruvJ3MiQmjJg== dependencies: antlr4ts "^0.5.0-alpha.4" +"@solidity-parser/parser@^0.16.0": + version "0.16.1" + resolved "https://registry.yarnpkg.com/@solidity-parser/parser/-/parser-0.16.1.tgz#f7c8a686974e1536da0105466c4db6727311253c" + integrity sha512-PdhRFNhbTtu3x8Axm0uYpqOy/lODYQK+MlYSgqIsq2L8SFYEHJPHNUiOTAJbDGzNjjr1/n9AcIayxafR/fWmYw== + dependencies: + antlr4ts "^0.5.0-alpha.4" + "@szmarczak/http-timer@^1.1.2": version "1.1.2" resolved "https://registry.yarnpkg.com/@szmarczak/http-timer/-/http-timer-1.1.2.tgz#b1665e2c461a2cd92f4c1bbf50d5454de0d4b421" @@ -1257,7 +1286,7 @@ aggregate-error@^3.0.0: clean-stack "^2.0.0" indent-string "^4.0.0" -ajv@^6.12.3: +ajv@^6.12.3, ajv@^6.12.6: version "6.12.6" resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== @@ -1343,6 +1372,11 @@ ansi-styles@^4.0.0, ansi-styles@^4.1.0: dependencies: color-convert "^2.0.1" +antlr4@^4.11.0: + version "4.13.1" + resolved "https://registry.yarnpkg.com/antlr4/-/antlr4-4.13.1.tgz#1e0a1830a08faeb86217cb2e6c34716004e4253d" + integrity sha512-kiXTspaRYvnIArgE97z5YVVf/cDVQABr3abFRR6mE7yesLMkgu4ujuyV/sgxafQ8wgve0DJQUJ38Z8tkgA2izA== + antlr4@~4.8.0: version "4.8.0" resolved "https://registry.yarnpkg.com/antlr4/-/antlr4-4.8.0.tgz#f938ec171be7fc2855cd3a533e87647185b32b6a" @@ -1488,6 +1522,11 @@ assign-symbols@^1.0.0: resolved "https://registry.yarnpkg.com/assign-symbols/-/assign-symbols-1.0.0.tgz#59667f41fadd4f20ccbc2bb96b8d4f7f78ec0367" integrity sha512-Q+JC7Whu8HhmTdBph/Tq59IoRtoy6KAm5zzPv00WdujX82lbAL8K7WVjne7vdCsAmbF4AYaDOPyO3k0kl8qIrw== +ast-parents@^0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/ast-parents/-/ast-parents-0.0.1.tgz#508fd0f05d0c48775d9eccda2e174423261e8dd3" + integrity sha512-XHusKxKz3zoYk1ic8Un640joHbFMhbqneyoZfoKnEGtf2ey9Uh/IdpcQplODdO/kENaMIWsD0nJm4+wX3UNLHA== + astral-regex@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/astral-regex/-/astral-regex-2.0.0.tgz#483143c567aeed4785759c0865786dc77d7d2e31" @@ -2493,6 +2532,11 @@ call-bind@^1.0.0, call-bind@^1.0.2, call-bind@~1.0.2: function-bind "^1.1.1" get-intrinsic "^1.0.2" +callsites@^3.0.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" + integrity sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ== + camelcase@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-3.0.0.tgz#32fc4b9fcdaf845fcdf7e73bb97cac2261f0ab0a" @@ -2818,6 +2862,11 @@ commander@3.0.2: resolved "https://registry.yarnpkg.com/commander/-/commander-3.0.2.tgz#6837c3fb677ad9933d1cfba42dd14d5117d6b39e" integrity sha512-Gar0ASD4BDyKC4hl4DwHqDrmvjoxWKZigVnAbn5H1owvm4CxCPdb0HQDehwNYMJpla5+M2tPmPARzhtYuwpHow== +commander@^10.0.0: + version "10.0.1" + resolved "https://registry.yarnpkg.com/commander/-/commander-10.0.1.tgz#881ee46b4f77d1c1dccc5823433aa39b022cbe06" + integrity sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug== + commander@^2.19.0: version "2.20.3" resolved "https://registry.yarnpkg.com/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33" @@ -2927,6 +2976,16 @@ cors@^2.8.1: object-assign "^4" vary "^1" +cosmiconfig@^8.0.0: + version "8.3.6" + resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-8.3.6.tgz#060a2b871d66dba6c8538ea1118ba1ac16f5fae3" + integrity sha512-kcZ6+W5QzcJ3P1Mt+83OUv/oHFqZHIx8DuxG6eZ5RGMERoLqp4BuGjhHLYGK+Kf5XVkQvqBSmAy/nGWN3qDgEA== + dependencies: + import-fresh "^3.3.0" + js-yaml "^4.1.0" + parse-json "^5.2.0" + path-type "^4.0.0" + crc-32@^1.2.0: version "1.2.2" resolved "https://registry.yarnpkg.com/crc-32/-/crc-32-1.2.2.tgz#3cad35a934b8bf71f25ca524b6da51fb7eace2ff" @@ -3331,11 +3390,6 @@ elliptic@6.5.4, elliptic@^6.4.0, elliptic@^6.5.2, elliptic@^6.5.3, elliptic@^6.5 minimalistic-assert "^1.0.1" minimalistic-crypto-utils "^1.0.1" -emoji-regex@^10.1.0: - version "10.2.1" - resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-10.2.1.tgz#a41c330d957191efd3d9dfe6e1e8e1e9ab048b3f" - integrity sha512-97g6QgOk8zlDRdgq1WxwgTMgEWGVAQvB5Fdpgc1MkNy56la5SKP9GsMXKDOdqwn90/41a8yPwIGk1Y6WVbeMQA== - emoji-regex@^7.0.1: version "7.0.3" resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-7.0.3.tgz#933a04052860c85e83c122479c4748a8e4c72156" @@ -3395,7 +3449,7 @@ errno@~0.1.1: dependencies: prr "~1.0.1" -error-ex@^1.2.0: +error-ex@^1.2.0, error-ex@^1.3.1: version "1.3.2" resolved "https://registry.yarnpkg.com/error-ex/-/error-ex-1.3.2.tgz#b4ac40648107fdcdcfae242f428bea8a14d4f1bf" integrity sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g== @@ -3545,7 +3599,7 @@ escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1 resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" integrity sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg== -escape-string-regexp@4.0.0, escape-string-regexp@^4.0.0: +escape-string-regexp@4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== @@ -4300,6 +4354,11 @@ fast-deep-equal@^3.1.1: resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525" integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q== +fast-diff@^1.1.2, fast-diff@^1.2.0: + version "1.3.0" + resolved "https://registry.yarnpkg.com/fast-diff/-/fast-diff-1.3.0.tgz#ece407fa550a64d638536cd727e129c61616e0f0" + integrity sha512-VxPP4NqbUjj6MaAOafWeUn2cXWLcCtljklUtZf0Ind4XQ+QPtmA0b18zZy0jIQx+ExRVCR/ZQpBmik5lXshNsw== + fast-glob@^3.0.3: version "3.2.12" resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.2.12.tgz#7f39ec99c2e6ab030337142da9e0c18f37afae80" @@ -4788,6 +4847,17 @@ glob@^7.0.0, glob@^7.1.2, glob@^7.1.3, glob@~7.2.3: once "^1.3.0" path-is-absolute "^1.0.0" +glob@^8.0.3: + version "8.1.0" + resolved "https://registry.yarnpkg.com/glob/-/glob-8.1.0.tgz#d388f656593ef708ee3e34640fdfb99a9fd1c33e" + integrity sha512-r8hpEjiQEYlF2QU0df3dS+nxxSIreXQS1qRhMJM0Q5NDdR386C7jb7Hwwod8Fgiuex+k0GFjgft18yvxm5XoCQ== + dependencies: + fs.realpath "^1.0.0" + inflight "^1.0.4" + inherits "2" + minimatch "^5.0.1" + once "^1.3.0" + global-modules@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/global-modules/-/global-modules-2.0.0.tgz#997605ad2345f27f51539bea26574421215c7780" @@ -5232,7 +5302,7 @@ ieee754@^1.1.13, ieee754@^1.2.1: resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== -ignore@^5.1.1: +ignore@^5.1.1, ignore@^5.2.4: version "5.2.4" resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.2.4.tgz#a291c0c6178ff1b960befe47fcdec301674a6324" integrity sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ== @@ -5252,6 +5322,14 @@ immutable@^4.0.0-rc.12: resolved "https://registry.yarnpkg.com/immutable/-/immutable-4.2.2.tgz#2da9ff4384a4330c36d4d1bc88e90f9e0b0ccd16" integrity sha512-fTMKDwtbvO5tldky9QZ2fMX7slR0mYpY5nbnFWYp0fOzDhHqhgIw9KoYgxLWsoNTS9ZHGauHj18DTyEw6BK3Og== +import-fresh@^3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/import-fresh/-/import-fresh-3.3.0.tgz#37162c25fcb9ebaa2e6e53d5b4d88ce17d9e0c2b" + integrity sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw== + dependencies: + parent-module "^1.0.0" + resolve-from "^4.0.0" + indent-string@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-4.0.0.tgz#624f8f4497d619b2d9768531d58f4122854d7251" @@ -5707,7 +5785,7 @@ js-sha3@0.8.0, js-sha3@^0.8.0: resolved "https://registry.yarnpkg.com/js-sha3/-/js-sha3-0.8.0.tgz#b9b7a5da73afad7dedd0f8c463954cbde6818840" integrity sha512-gF1cRrHhIzNfToc802P800N8PpXS+evLLXfsVpowqmAFR9uwbi89WvXg2QspOmXL8QL86J4T1EpFu+yUkwJY3Q== -"js-tokens@^3.0.0 || ^4.0.0": +"js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== @@ -5733,7 +5811,7 @@ js-yaml@3.x: argparse "^1.0.7" esprima "^4.0.0" -js-yaml@4.1.0: +js-yaml@4.1.0, js-yaml@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602" integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA== @@ -5765,6 +5843,11 @@ json-buffer@3.0.1: resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13" integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ== +json-parse-even-better-errors@^2.3.0: + version "2.3.1" + resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d" + integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w== + json-rpc-engine@^3.4.0, json-rpc-engine@^3.6.0: version "3.8.0" resolved "https://registry.yarnpkg.com/json-rpc-engine/-/json-rpc-engine-3.8.0.tgz#9d4ff447241792e1d0a232f6ef927302bb0c62a9" @@ -6142,6 +6225,11 @@ levn@~0.3.0: prelude-ls "~1.1.2" type-check "~0.3.2" +lines-and-columns@^1.1.6: + version "1.2.4" + resolved "https://registry.yarnpkg.com/lines-and-columns/-/lines-and-columns-1.2.4.tgz#eca284f75d2965079309dc0ad9255abb2ebc1632" + integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg== + load-json-file@^1.0.0: version "1.1.0" resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-1.1.0.tgz#956905708d58b4bab4c2261b04f59f31c99374c0" @@ -6555,6 +6643,13 @@ minimatch@5.0.1: dependencies: brace-expansion "^2.0.1" +minimatch@^5.0.1: + version "5.1.6" + resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-5.1.6.tgz#1cfcb8cf5522ea69952cd2af95ae09477f122a96" + integrity sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g== + dependencies: + brace-expansion "^2.0.1" + minimist@^1.2.0, minimist@^1.2.5, minimist@^1.2.6, minimist@~1.2.6: version "1.2.7" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.7.tgz#daa1c4d91f507390437c6a8bc01078e7000c4d18" @@ -7193,6 +7288,13 @@ p-try@^2.0.0: resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6" integrity sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ== +parent-module@^1.0.0: + version "1.0.1" + resolved "https://registry.yarnpkg.com/parent-module/-/parent-module-1.0.1.tgz#691d2709e78c79fae3a156622452d00762caaaa2" + integrity sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g== + dependencies: + callsites "^3.0.0" + parse-asn1@^5.0.0, parse-asn1@^5.1.5: version "5.1.6" resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.6.tgz#385080a3ec13cb62a62d39409cb3e88844cdaed4" @@ -7221,6 +7323,16 @@ parse-json@^2.2.0: dependencies: error-ex "^1.2.0" +parse-json@^5.2.0: + version "5.2.0" + resolved "https://registry.yarnpkg.com/parse-json/-/parse-json-5.2.0.tgz#c76fc66dee54231c962b22bcc8a72cf2f99753cd" + integrity sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg== + dependencies: + "@babel/code-frame" "^7.0.0" + error-ex "^1.3.1" + json-parse-even-better-errors "^2.3.0" + lines-and-columns "^1.1.6" + parseurl@~1.3.3: version "1.3.3" resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.3.tgz#9da19e7bee8d12dff0513ed5b76957793bc2e8d4" @@ -7381,6 +7493,11 @@ pinkie@^2.0.0: resolved "https://registry.yarnpkg.com/pinkie/-/pinkie-2.0.4.tgz#72556b80cfa0d48a974e80e77248e80ed4f7f870" integrity sha512-MnUuEycAemtSaeFSjXKW/aroV7akBbY+Sv+RkyqFjgAe73F+MR0TBWKBRDkmfWq/HiFmdavfZ1G7h4SPZXaCSg== +pluralize@^8.0.0: + version "8.0.0" + resolved "https://registry.yarnpkg.com/pluralize/-/pluralize-8.0.0.tgz#1a6fa16a38d12a1901e0320fa017051c539ce3b1" + integrity sha512-Nc3IT5yHzflTfbjgqWcCPpo7DaKy4FnpB0l/zCAW0Tc7jxAiuqSxHasntB3D7887LSrA93kDJ9IXovxJYxyLCA== + posix-character-classes@^0.1.0: version "0.1.1" resolved "https://registry.yarnpkg.com/posix-character-classes/-/posix-character-classes-0.1.1.tgz#01eac0fe3b5af71a2a6c02feabb8c1fef7e00eab" @@ -7406,28 +7523,32 @@ prepend-http@^2.0.0: resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-2.0.0.tgz#e92434bfa5ea8c19f41cdfd401d741a3c819d897" integrity sha512-ravE6m9Atw9Z/jjttRUZ+clIXogdghyZAuWJ3qEzjT+jI/dL1ifAqhZeC5VHzQp1MSt1+jxKkFNemj/iO7tVUA== -prettier-plugin-solidity@=1.0.0-dev.22: - version "1.0.0-dev.22" - resolved "https://registry.yarnpkg.com/prettier-plugin-solidity/-/prettier-plugin-solidity-1.0.0-dev.22.tgz#08c07816884d17bd9171c073c2421559057230c3" - integrity sha512-0v+O2/sqq6WMlZ2TsnRBXaNmKF4zANn0uLLWuvNra4BjmKUtp33EZ4AVKB26fzWy14BkVGeJfPAtKry0x3SFfQ== +prettier-linter-helpers@^1.0.0: + version "1.0.0" + resolved "https://registry.yarnpkg.com/prettier-linter-helpers/-/prettier-linter-helpers-1.0.0.tgz#d23d41fe1375646de2d0104d3454a3008802cf7b" + integrity sha512-GbK2cP9nraSSUF9N2XwUwqfzlAFlMNYYl+ShE/V+H8a9uNl/oUqB1w2EL54Jh0OlyRSd8RfWYJ3coVS4TROP2w== dependencies: - "@solidity-parser/parser" "^0.14.2" - emoji-regex "^10.1.0" - escape-string-regexp "^4.0.0" - semver "^7.3.7" - solidity-comments-extractor "^0.0.7" - string-width "^4.2.3" + fast-diff "^1.1.2" -prettier@^1.18.2: - version "1.19.1" - resolved "https://registry.yarnpkg.com/prettier/-/prettier-1.19.1.tgz#f7d7f5ff8a9cd872a7be4ca142095956a60797cb" - integrity sha512-s7PoyDv/II1ObgQunCbB9PdLmUcBZcnWOcxDh7O0N/UwDEsHyqkW+Qh28jW+mVuCdx7gLB0BotYI1Y6uI9iyew== +prettier-plugin-solidity@^1.1.3: + version "1.1.3" + resolved "https://registry.yarnpkg.com/prettier-plugin-solidity/-/prettier-plugin-solidity-1.1.3.tgz#9a35124f578404caf617634a8cab80862d726cba" + integrity sha512-fQ9yucPi2sBbA2U2Xjh6m4isUTJ7S7QLc/XDDsktqqxYfTwdYKJ0EnnywXHwCGAaYbQNK+HIYPL1OemxuMsgeg== + dependencies: + "@solidity-parser/parser" "^0.16.0" + semver "^7.3.8" + solidity-comments-extractor "^0.0.7" prettier@^2.1.2: version "2.8.2" resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.8.2.tgz#c4ea1b5b454d7c4b59966db2e06ed7eec5dfd160" integrity sha512-BtRV9BcncDyI2tsuS19zzhzoxD8Dh8LiCx7j7tHzrkz8GFXAexeWFdi22mjE1d16dftH2qNaytVxqiRTGlMfpw== +prettier@^2.8.3, prettier@^2.8.8: + version "2.8.8" + resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.8.8.tgz#e8c5d7e98a4305ffe3de2e1fc4aca1a71c28b1da" + integrity sha512-tdN8qQGvNjw4CHbY+XXk0JgCXn9QiF21a55rBe5LJAU+kDyC4WQn4+awm2Xfk2lQMk5fKup9XgzTZtGkjBdP9Q== + private@^0.1.6, private@^0.1.8: version "0.1.8" resolved "https://registry.yarnpkg.com/private/-/private-0.1.8.tgz#2381edb3689f7a53d653190060fcf822d2f368ff" @@ -7894,6 +8015,11 @@ resolve-from@^3.0.0: resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-3.0.0.tgz#b22c7af7d9d6881bc8b6e653335eebcb0a188748" integrity sha512-GnlH6vxLymXJNMBo7XP1fJIzBFbdYt49CuTwmB/6N53t+kMPRMFKz783LlQ4tv28XoQfMWinAJX6WCGf2IlaIw== +resolve-from@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6" + integrity sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g== + resolve-url@^0.2.1: version "0.2.1" resolved "https://registry.yarnpkg.com/resolve-url/-/resolve-url-0.2.1.tgz#2c637fe77c893afd2a663fe21aa9080068e2052a" @@ -8122,10 +8248,10 @@ semver@^7.3.4: dependencies: lru-cache "^6.0.0" -semver@^7.3.7: - version "7.3.8" - resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.8.tgz#07a78feafb3f7b32347d725e33de7e2a2df67798" - integrity sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A== +semver@^7.3.8, semver@^7.5.2: + version "7.5.4" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.5.4.tgz#483986ec4ed38e1c6c48c34894a9182dbff68a6e" + integrity sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA== dependencies: lru-cache "^6.0.0" @@ -8383,6 +8509,38 @@ solc@^0.6.3: semver "^5.5.0" tmp "0.0.33" +solhint-plugin-prettier@^0.0.5: + version "0.0.5" + resolved "https://registry.yarnpkg.com/solhint-plugin-prettier/-/solhint-plugin-prettier-0.0.5.tgz#e3b22800ba435cd640a9eca805a7f8bc3e3e6a6b" + integrity sha512-7jmWcnVshIrO2FFinIvDQmhQpfpS2rRRn3RejiYgnjIE68xO2bvrYvjqVNfrio4xH9ghOqn83tKuTzLjEbmGIA== + dependencies: + prettier-linter-helpers "^1.0.0" + +solhint@^3.6.2: + version "3.6.2" + resolved "https://registry.yarnpkg.com/solhint/-/solhint-3.6.2.tgz#2b2acbec8fdc37b2c68206a71ba89c7f519943fe" + integrity sha512-85EeLbmkcPwD+3JR7aEMKsVC9YrRSxd4qkXuMzrlf7+z2Eqdfm1wHWq1ffTuo5aDhoZxp2I9yF3QkxZOxOL7aQ== + dependencies: + "@solidity-parser/parser" "^0.16.0" + ajv "^6.12.6" + antlr4 "^4.11.0" + ast-parents "^0.0.1" + chalk "^4.1.2" + commander "^10.0.0" + cosmiconfig "^8.0.0" + fast-diff "^1.2.0" + glob "^8.0.3" + ignore "^5.2.4" + js-yaml "^4.1.0" + lodash "^4.17.21" + pluralize "^8.0.0" + semver "^7.5.2" + strip-ansi "^6.0.1" + table "^6.8.1" + text-table "^0.2.0" + optionalDependencies: + prettier "^2.8.3" + solidity-comments-extractor@^0.0.7: version "0.0.7" resolved "https://registry.yarnpkg.com/solidity-comments-extractor/-/solidity-comments-extractor-0.0.7.tgz#99d8f1361438f84019795d928b931f4e5c39ca19" @@ -8792,7 +8950,7 @@ sync-rpc@^1.2.1: dependencies: get-port "^3.1.0" -table@^6.8.0: +table@^6.8.0, table@^6.8.1: version "6.8.1" resolved "https://registry.yarnpkg.com/table/-/table-6.8.1.tgz#ea2b71359fe03b017a5fbc296204471158080bdf" integrity sha512-Y4X9zqrCftUhMeH2EptSSERdVKt/nEdijTOacGD/97EKjhQ/Qs8RTlEGABSJNNN8lac9kheH+af7yAkEWlgneA== @@ -8850,6 +9008,11 @@ testrpc@0.0.1: resolved "https://registry.yarnpkg.com/testrpc/-/testrpc-0.0.1.tgz#83e2195b1f5873aec7be1af8cbe6dcf39edb7aed" integrity sha512-afH1hO+SQ/VPlmaLUFj2636QMeDvPCeQMc/9RBMW0IfjNe9gFD9Ra3ShqYkB7py0do1ZcCna/9acHyzTJ+GcNA== +text-table@^0.2.0: + version "0.2.0" + resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" + integrity sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw== + then-request@^6.0.0: version "6.0.2" resolved "https://registry.yarnpkg.com/then-request/-/then-request-6.0.2.tgz#ec18dd8b5ca43aaee5cb92f7e4c1630e950d4f0c"