Skip to content

Commit

Permalink
StarkEx v4.0
Browse files Browse the repository at this point in the history
  • Loading branch information
@gkaempfer
gkaempfer committed Oct 14, 2021
1 parent f796eef commit 0efa9ce
Show file tree
Hide file tree
Showing 157 changed files with 20,115 additions and 6,300 deletions.
68 changes: 51 additions & 17 deletions common-contracts/src/upgrade/CallProxy.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,23 +24,59 @@ import "../libraries/Common.sol";
The assumption is that if a different implementation is needed, it will be performed
in an upgradeTo a new deployed CallProxy, pointing to a new implementation.
*/
// NOLINTNEXTLINE locked-ether.
contract CallProxy is BlockDirectCall, StorageSlots {

using Addresses for address;

string public constant CALL_PROXY_VERSION = "3.0.0";
string public constant CALL_PROXY_VERSION = "3.1.0";

// Proxy client - initialize & isFrozen.
// NOLINTNEXTLINE: external-function.
function isFrozen() public pure returns(bool) {
function isFrozen() public pure returns (bool) {
return false;
}

/*
This function is called by the Proxy upon activating an implementation.
The data passed in to this function contains the implementation address,
and if applicable, an address of an EIC (ExternalInitializerContract) and its data.
The expected data format is as following:
Case I (no EIC):
data.length == 64.
[0 :32] implementation address
[32:64] Zero address.
Case II (EIC):
data length >= 64
[0 :32] implementation address
[32:64] EIC address
[64: ] EIC init data.
*/
function initialize(bytes calldata data) external notCalledDirectly {
require(data.length == 32, "INCORRECT_DATA_SIZE");
address impl = abi.decode(data, (address));
require(data.length >= 64, "INCORRECT_DATA_SIZE");
(address impl, address eic) = abi.decode(data, (address, address));
require(impl.isContract(), "ADDRESS_NOT_CONTRACT");
setCallProxyImplementation(impl);
if (eic != address(0x0)) {
callExternalInitializer(eic, data[64:]);
} else {
require(data.length == 64, "INVALID_INIT_DATA");
}
}

function callExternalInitializer(address externalInitializerAddr, bytes calldata eicData)
private
{
require(externalInitializerAddr.isContract(), "EIC_NOT_A_CONTRACT");

// NOLINTNEXTLINE: low-level-calls, controlled-delegatecall.
(bool success, bytes memory returndata) = externalInitializerAddr.delegatecall(
abi.encodeWithSelector(this.initialize.selector, eicData)
);
require(success, string(returndata));
require(returndata.length == 0, string(returndata));
}

/*
Expand All @@ -67,10 +103,7 @@ contract CallProxy is BlockDirectCall, StorageSlots {
An explicit isValid entry point, used to make isValid a part of the ABI and visible
on Etherscan (and alike).
*/
function isValid(bytes32 fact)
external view
returns(bool)
{
function isValid(bytes32 fact) external view returns (bool) {
return IFactRegistry(callProxyImplementation()).isValid(fact);
}

Expand All @@ -86,7 +119,8 @@ contract CallProxy is BlockDirectCall, StorageSlots {
Contract's default function. Pass execution to the implementation contract (using call).
It returns back to the external caller whatever the implementation called code returns.
*/
fallback() external payable { // NOLINT locked-ether.
fallback() external payable {
// NOLINT locked-ether.
address _implementation = callProxyImplementation();
require(_implementation != address(0x0), "MISSING_IMPLEMENTATION");
uint256 value = msg.value;
Expand All @@ -104,13 +138,13 @@ contract CallProxy is BlockDirectCall, StorageSlots {
returndatacopy(0, 0, returndatasize())

switch result
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
// delegatecall returns 0 on error.
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}
}
}
42 changes: 24 additions & 18 deletions evm-verifier/solidity/contracts/Fri.sol.ref
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,21 +11,21 @@ import "../../HornerEvaluator.sol";
by evaluating the fully committed polynomial, and requires specific handling.
*/
contract Fri is MemoryMap, MemoryAccessUtils, HornerEvaluator, FriLayer {

function verifyLastLayer(uint256[] memory ctx, uint256 nPoints)
internal view {
function verifyLastLayer(uint256[] memory ctx, uint256 nPoints) internal view {
uint256 friLastLayerDegBound = ctx[MM_FRI_LAST_LAYER_DEG_BOUND];
uint256 groupOrderMinusOne = friLastLayerDegBound * ctx[MM_BLOW_UP_FACTOR] - 1;
uint256 coefsStart = ctx[MM_FRI_LAST_LAYER_PTR];

for (uint256 i = 0; i < nPoints; i++) {
uint256 point = ctx[MM_FRI_QUEUE + 3*i + 2];
uint256 point = ctx[MM_FRI_QUEUE + 3 * i + 2];
// Invert point using inverse(point) == fpow(point, ord(point) - 1).

point = fpow(point, groupOrderMinusOne);
require(
hornerEval(coefsStart, point, friLastLayerDegBound) == ctx[MM_FRI_QUEUE + 3*i + 1],
"Bad Last layer value.");
hornerEval(coefsStart, point, friLastLayerDegBound) ==
ctx[MM_FRI_QUEUE + 3 * i + 1],
"Bad Last layer value."
);
}
}

Expand All @@ -40,15 +40,12 @@ contract Fri is MemoryMap, MemoryAccessUtils, HornerEvaluator, FriLayer {
ctx[mmFriQueue + 3*i + 2] = inverse(
fpow(layerGenerator, bitReverse(ctx[mmFriQueue + 3*i], logLayerSize)).
*/
function friVerifyLayers(
uint256[] memory ctx)
internal view virtual
{

function friVerifyLayers(uint256[] memory ctx) internal view virtual {
uint256 friCtx = getPtr(ctx, MM_FRI_CTX);
require(
MAX_SUPPORTED_MAX_FRI_STEP == FRI_MAX_FRI_STEP,
"Incosistent MAX_FRI_STEP between MemoryMap.sol and FriLayer.sol");
"Incosistent MAX_FRI_STEP between MemoryMap.sol and FriLayer.sol"
);
initFriGroups(friCtx);
// emit LogGas("FRI offset precomputation", gasleft());
uint256 channelPtr = getChannelPtr(ctx);
Expand All @@ -66,8 +63,8 @@ contract Fri is MemoryMap, MemoryAccessUtils, HornerEvaluator, FriLayer {
//
// The values in the proof are already multiplied by MontgomeryR,
// but the inputs from the OODS oracle need to be fixed.
for (uint256 i = 0; i < nLiveQueries; i++ ) {
ctx[MM_FRI_QUEUE + 3*i + 1] = fmul(ctx[MM_FRI_QUEUE + 3*i + 1], K_MONTGOMERY_R);
for (uint256 i = 0; i < nLiveQueries; i++) {
ctx[MM_FRI_QUEUE + 3 * i + 1] = fmul(ctx[MM_FRI_QUEUE + 3 * i + 1], K_MONTGOMERY_R);
}

uint256 friQueue = getPtr(ctx, MM_FRI_QUEUE);
Expand All @@ -78,8 +75,14 @@ contract Fri is MemoryMap, MemoryAccessUtils, HornerEvaluator, FriLayer {
uint256 friCosetSize = 2**friSteps[friStep];

nLiveQueries = computeNextLayer(
channelPtr, friQueue, merkleQueuePtr, nLiveQueries,
ctx[MM_FRI_EVAL_POINTS + friStep], friCosetSize, friCtx);
channelPtr,
friQueue,
merkleQueuePtr,
nLiveQueries,
ctx[MM_FRI_EVAL_POINTS + friStep],
friCosetSize,
friCtx
);

// emit LogGas(
// string(abi.encodePacked("FRI layer ", bytes1(uint8(48 + friStep)))), gasleft());
Expand All @@ -88,8 +91,11 @@ contract Fri is MemoryMap, MemoryAccessUtils, HornerEvaluator, FriLayer {
// ctx[mmMerkleQueue: merkleQueueIdx) holds the indices
// and values of the merkle leaves that need verification.
verifyMerkle(
channelPtr, merkleQueuePtr, bytes32(ctx[MM_FRI_COMMITMENTS + friStep - 1]),
nLiveQueries);
channelPtr,
merkleQueuePtr,
bytes32(ctx[MM_FRI_COMMITMENTS + friStep - 1]),
nLiveQueries
);

// emit LogGas(
// string(abi.encodePacked("Merkle of FRI layer ", bytes1(uint8(48 + friStep)))),
Expand Down
Loading

0 comments on commit 0efa9ce

Please sign in to comment.