Merge remote-tracking branch 'origin/develop' into feat/cancun

0xPolygonZero · Jun 27, 2024 · dfc733d · dfc733d
2 parents b7cea48 + 1cba914
commit dfc733d
Show file tree

Hide file tree

Showing 23 changed files with 1,724 additions and 121 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,7 +2,7 @@ name: Continuous Integration
 
 on:
   push:
-    branches: [main]
+    branches: [develop, main]
   pull_request:
     branches:
       - "**"

diff --git a/.github/workflows/jerigon.yml b/.github/workflows/jerigon.yml
@@ -0,0 +1,85 @@
+name: Jerigon Integration
+
+on:
+  push:
+    branches: [develop, main]
+  pull_request:
+    branches:
+      - "**"
+  workflow_dispatch:
+    branches:
+      - "**"
+
+
+env:
+  CARGO_TERM_COLOR: always
+  REGISTRY: ghcr.io
+
+jobs:
+  test_jerigon_input_proving:
+    name: Test proof generation with jerigon input
+    runs-on: zero-ci
+    timeout-minutes: 40
+    if: "! contains(toJSON(github.event.commits.*.message), '[skip-ci]')"
+    steps:
+      - name: Checkout sources
+        uses: actions/checkout@v4
+
+      - name: Checkout test-jerigon-network sources
+        uses: actions/checkout@v4        
+        with:
+          repository: 0xPolygonZero/jerigon-test-network
+          path: test-jerigon-network
+
+      - name: Install nightly toolchain
+        uses: dtolnay/rust-toolchain@nightly
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3        
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}        
+
+      - name: Set up rust cache
+        uses: Swatinem/rust-cache@v2
+        with:
+          cache-on-failure: true
+
+      - name: Run jerigon test network with docker compose
+        run: |
+          cd test-jerigon-network
+          docker-compose -f docker-compose.yml up -d
+          docker logs -f smart-contracts
+          echo "Jerigon network is up and running, ready for testing"
+
+      - name: Rpc test with curl
+        run: |
+            curl -X POST -H "Content-Type: application/json" --data '{"jsonrpc": "2.0", "method": "eth_blockNumber", "params": [], "id":83}' localhost:8545
+        env:
+            RUST_LOG: info
+
+      - name: Run prove blocks in test_only mode
+        run: |
+          cd zero_bin/tools
+          OUTPUT_TO_TERMINAL=true ./prove_rpc.sh 0x2 0x3 http://localhost:8546 jerigon true 0 0 test_only
+          echo "Proving blocks in test_only mode finished"
+
+
+      - name: Run prove blocks in real mode
+        run: |
+          cd zero_bin/tools
+          rm -rf proofs/* circuits/* ./proofs.json test.out verify.out leader.out
+          OUTPUT_TO_TERMINAL=true RUN_VERIFICATION=true ./prove_rpc.sh 0x4 0x5 http://localhost:8546 jerigon true
+          echo "Proving blocks in real mode finished"
+          
+      - name: Shut down network
+        run: |
+          cd test-jerigon-network
+          docker-compose -f docker-compose.yml down -v
+
+
+
diff --git a/.github/workflows/pr_checking.yml b/.github/workflows/pr_checking.yml
@@ -0,0 +1,56 @@
+name: PR check
+
+on:
+  pull_request:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  pull-requests: write
+
+jobs:
+  pr_check:
+    name: Validate PR
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up keywords
+        id: setup_keywords
+        run: echo "RESTRICTED_KEYWORDS=$(echo '${{ secrets.RESTRICTED_KEYWORDS }}' | jq -r '.[]' | tr '\n' ' ')" >> $GITHUB_ENV
+
+      - name: Check for spam PR
+        id: check
+        run: |
+          # Initialize variables to track spam presence
+          title_is_spam=false
+          description_is_spam=false
+          
+          # Check title for spam
+          for keyword in $RESTRICTED_KEYWORDS; do
+            if echo "${{ github.event.pull_request.title }}" | grep -i -q "$keyword"; then
+              title_is_spam=true
+              break
+            fi
+          done
+
+          # Check description for spam
+          for keyword in $RESTRICTED_KEYWORDS; do
+            if echo "${{ github.event.pull_request.body }}" | grep -i -q "$keyword"; then
+              description_is_spam=true
+              break
+            fi
+          done
+
+          # Set the output based on the presence of spam
+          if [ "$title_is_spam" = true ] || [ "$description_is_spam" = true ]; then
+            echo "is_spam=true" >> $GITHUB_ENV
+          else
+            echo "is_spam=false" >> $GITHUB_ENV
+          fi
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Close PR if spam are found and author is not a contributor or member
+        if: ${{ env.is_spam == 'true' && github.event.pull_request.author_association != 'CONTRIBUTOR' && github.event.pull_request.author_association != 'MEMBER' && github.event.pull_request.author_association != 'OWNER' }}
+        run: gh pr close ${{ github.event.pull_request.number }} --comment "Spam detected"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,5 +1,6 @@
 [workspace]
 members = ["mpt_trie",
+    "smt_trie",
     "proof_gen",
     "trace_decoder",
     "evm_arithmetization",
@@ -42,7 +43,6 @@ bytes = "1.5.0"
 ciborium = "0.2.1"
 ciborium-io = "0.2.1"
 clap = { version = "4.4.6", features = ["derive", "env"] }
-__compat_primitive_types = "0.12.2"
 criterion = "0.5.1"
 dotenvy = "0.15.7"
 enum-as-inner = "0.6.0"
@@ -84,6 +84,7 @@ serde = "1.0.166"
 serde_json = "1.0.96"
 serde_path_to_error = "0.1.14"
 serde_with = "3.4.0"
+smt_trie = { path = "smt_trie", version = "0.1.0" }
 sha2 = "0.10.6"
 static_assertions = "1.1.0"
 thiserror = "1.0.49"

diff --git a/evm_arithmetization/src/cpu/decode.rs b/evm_arithmetization/src/cpu/decode.rs
@@ -148,9 +148,16 @@ pub(crate) fn eval_packed_generic<P: PackedField>(
             .sum()
     };
 
+    // Manually check that the fp254 operations are kernel-only instructions.
+    yield_constr.constraint((kernel_mode - P::ONES) * lv.op.fp254_op);
+
+    // Manually check that SUBMOD is a kernel-only instruction. SUBMOD is
+    // differentiated by its second bit set to 1.
+    yield_constr.constraint(lv.op.ternary_op * lv.opcode_bits[1] * (kernel_mode - P::ONES));
+
     // Manually check lv.op.m_op_constr
     let opcode = opcode_high_bits(8);
-    yield_constr.constraint((P::ONES - kernel_mode) * lv.op.m_op_general);
+    yield_constr.constraint((kernel_mode - P::ONES) * lv.op.m_op_general);
 
     let m_op_constr = (opcode - P::Scalar::from_canonical_usize(0xfb_usize))
         * (opcode - P::Scalar::from_canonical_usize(0xfc_usize))
@@ -161,7 +168,7 @@ pub(crate) fn eval_packed_generic<P: PackedField>(
     // KECCAK_GENERAL is a kernel-only instruction, but not JUMPDEST.
     // JUMPDEST is differentiated from KECCAK_GENERAL by its second bit set to 1.
     yield_constr.constraint(
-        (P::ONES - kernel_mode) * lv.op.jumpdest_keccak_general * (P::ONES - lv.opcode_bits[1]),
+        (kernel_mode - P::ONES) * lv.op.jumpdest_keccak_general * (P::ONES - lv.opcode_bits[1]),
     );
 
     // Check the JUMPDEST and KERNEL_GENERAL opcodes.
@@ -190,7 +197,7 @@ pub(crate) fn eval_packed_generic<P: PackedField>(
 
     // Manually check lv.op.m_op_32bytes.
     // Both are kernel-only.
-    yield_constr.constraint((P::ONES - kernel_mode) * lv.op.m_op_32bytes);
+    yield_constr.constraint((kernel_mode - P::ONES) * lv.op.m_op_32bytes);
 
     // Check the MSTORE_32BYTES and MLOAD-32BYTES opcodes.
     let opcode_high_three = opcode_high_bits(3);
@@ -205,7 +212,7 @@ pub(crate) fn eval_packed_generic<P: PackedField>(
         * (opcode_high_three - P::Scalar::from_canonical_usize(0x60_usize))
         * lv.op.push_prover_input;
     yield_constr.constraint(push_prover_input_constr);
-    let prover_input_constr = lv.op.push_prover_input * lv.opcode_bits[7] * (P::ONES - kernel_mode);
+    let prover_input_constr = lv.op.push_prover_input * lv.opcode_bits[7] * (kernel_mode - P::ONES);
     yield_constr.constraint(prover_input_constr);
 }
 
@@ -303,15 +310,23 @@ pub(crate) fn eval_ext_circuit<F: RichField + Extendable<D>, const D: usize>(
         yield_constr.constraint(builder, constr);
     }
 
+    // Manually check that the fp254 operations are kernel-only instructions.
+    let constr = builder.mul_sub_extension(kernel_mode, lv.op.fp254_op, lv.op.fp254_op);
+    yield_constr.constraint(builder, constr);
+
+    // Manually check that SUBMOD is a kernel-only instruction. SUBMOD is
+    // differentiated by its second bit set to 1.
+    let submod_op = builder.mul_extension(lv.op.ternary_op, lv.opcode_bits[1]);
+    let constr = builder.mul_sub_extension(kernel_mode, submod_op, submod_op);
+    yield_constr.constraint(builder, constr);
+
     // Manually check lv.op.m_op_constr
     let opcode = opcode_high_bits_circuit(builder, lv, 8);
 
     let mload_opcode = builder.constant_extension(F::Extension::from_canonical_usize(0xfb_usize));
     let mstore_opcode = builder.constant_extension(F::Extension::from_canonical_usize(0xfc_usize));
 
-    let one_extension = builder.constant_extension(F::Extension::ONE);
-    let is_not_kernel_mode = builder.sub_extension(one_extension, kernel_mode);
-    let constr = builder.mul_extension(is_not_kernel_mode, lv.op.m_op_general);
+    let constr = builder.mul_sub_extension(kernel_mode, lv.op.m_op_general, lv.op.m_op_general);
     yield_constr.constraint(builder, constr);
 
     let mload_constr = builder.sub_extension(opcode, mload_opcode);
@@ -333,7 +348,8 @@ pub(crate) fn eval_ext_circuit<F: RichField + Extendable<D>, const D: usize>(
     let mut kernel_general_filter = builder.sub_extension(one, lv.opcode_bits[1]);
     kernel_general_filter =
         builder.mul_extension(lv.op.jumpdest_keccak_general, kernel_general_filter);
-    let constr = builder.mul_extension(is_not_kernel_mode, kernel_general_filter);
+    let constr =
+        builder.mul_sub_extension(kernel_mode, kernel_general_filter, kernel_general_filter);
     yield_constr.constraint(builder, constr);
 
     // Check the JUMPDEST and KERNEL_GENERAL opcodes.
@@ -374,7 +390,7 @@ pub(crate) fn eval_ext_circuit<F: RichField + Extendable<D>, const D: usize>(
 
     // Manually check lv.op.m_op_32bytes.
     // Both are kernel-only.
-    let constr = builder.mul_extension(is_not_kernel_mode, lv.op.m_op_32bytes);
+    let constr = builder.mul_sub_extension(kernel_mode, lv.op.m_op_32bytes, lv.op.m_op_32bytes);
     yield_constr.constraint(builder, constr);
 
     // Check the MSTORE_32BYTES and MLOAD-32BYTES opcodes.
@@ -401,7 +417,8 @@ pub(crate) fn eval_ext_circuit<F: RichField + Extendable<D>, const D: usize>(
     let push_prover_input_constr =
         builder.mul_many_extension([lv.op.push_prover_input, prover_input_constr, push_constr]);
     yield_constr.constraint(builder, push_prover_input_constr);
+
     let prover_input_filter = builder.mul_extension(lv.op.push_prover_input, lv.opcode_bits[7]);
-    let constr = builder.mul_extension(prover_input_filter, is_not_kernel_mode);
+    let constr = builder.mul_sub_extension(kernel_mode, prover_input_filter, prover_input_filter);
     yield_constr.constraint(builder, constr);
 }
diff --git a/evm_arithmetization/src/cpu/kernel/asm/core/terminate.asm b/evm_arithmetization/src/cpu/kernel/asm/core/terminate.asm
@@ -109,9 +109,36 @@ global sys_selfdestruct:
     %add_eth
 
 sys_selfdestruct_journal_add:
+    // stack: address, recipient, balance, kexit_info
+    DUP3 ISZERO
+
+    // If balance is 0, we didn't perform any transfer. Hence, the recipient
+    // may not exist, and we need to verify this before adding a new journal entry.
+
+    // stack: balance=0, address, recipient, balance, kexit_info
+    %jumpi(skip_journal_entry_if_nonexistent)
+
+sys_selfdestruct_journal_add_after_check:
     // stack: address, recipient, balance, kexit_info
     %journal_add_account_destroyed
+    %jump(sys_selfdestruct_exit)
+
+skip_journal_entry_if_nonexistent:
+    // stack: address, recipient, balance, kexit_info
+    DUP2 %is_non_existent
+
+    // If the account doesn't exist, there is no need to add a journal entry.
+    // stack: recipient_is_non_existent, address, recipient, balance, kexit_info
+    %jumpi(skip_journal_entry)
+
+    // stack: address, recipient, balance, kexit_info
+    %jump(sys_selfdestruct_journal_add_after_check)
+
+skip_journal_entry:
+    // stack: address, recipient, balance, kexit_info
+    %pop3
 
+sys_selfdestruct_exit:
     // stack: kexit_info
     %leftover_gas
     // stack: leftover_gas

diff --git a/evm_arithmetization/src/cpu/kernel/asm/core/transfer.asm b/evm_arithmetization/src/cpu/kernel/asm/core/transfer.asm
@@ -65,6 +65,9 @@ global deduct_eth_insufficient_balance:
 global add_eth:
     // stack: addr, amount, retdest
     DUP1 %insert_touched_addresses
+    // stack: addr, amount, retdest
+    DUP2 ISZERO %jumpi(add_eth_zero_amount)
+    // stack: addr, amount, retdest
     DUP1 %mpt_read_state_trie
     // stack: account_ptr, addr, amount, retdest
     DUP1 ISZERO %jumpi(add_eth_new_account) // If the account pointer is null, we need to create the account.
@@ -84,7 +87,6 @@ global add_eth_new_account:
     // stack: null_account_ptr, addr, amount, retdest
     POP
     // stack: addr, amount, retdest
-    DUP2 ISZERO %jumpi(add_eth_new_account_zero)
     DUP1 PUSH 0
     // stack: is_eoa, addr, addr, amount, retdest
     %journal_add_account_created
@@ -102,7 +104,7 @@ global add_eth_new_account:
     // stack: key, new_account_ptr, retdest
     %jump(mpt_insert_state_trie)
 
-add_eth_new_account_zero:
+add_eth_zero_amount:
     // stack: addr, amount, retdest
     %pop2 JUMP