From 01b82f794397e26597198810d1f51d71e32ee501 Mon Sep 17 00:00:00 2001 From: KimiWu Date: Thu, 4 Jan 2024 15:32:53 +0800 Subject: [PATCH] feat: support ecrecover oog case --- .../circuit_input_builder/input_state_ref.rs | 1 - .../execution/error_oog_precompile.rs | 9 +++++---- .../execution/precompiles/ecrecover.rs | 17 +++++++++-------- 3 files changed, 14 insertions(+), 13 deletions(-) diff --git a/bus-mapping/src/circuit_input_builder/input_state_ref.rs b/bus-mapping/src/circuit_input_builder/input_state_ref.rs index 17fda5d2948..164f4ec72f5 100644 --- a/bus-mapping/src/circuit_input_builder/input_state_ref.rs +++ b/bus-mapping/src/circuit_input_builder/input_state_ref.rs @@ -1619,7 +1619,6 @@ impl<'a> CircuitInputStateRef<'a> { PrecompileCalls::Sha256 | PrecompileCalls::Ripemd160 | PrecompileCalls::Blake2F - | PrecompileCalls::Ecrecover | PrecompileCalls::Bn128Add | PrecompileCalls::Bn128Mul | PrecompileCalls::Bn128Pairing diff --git a/zkevm-circuits/src/evm_circuit/execution/error_oog_precompile.rs b/zkevm-circuits/src/evm_circuit/execution/error_oog_precompile.rs index f29d3bfabe9..8bc67144513 100644 --- a/zkevm-circuits/src/evm_circuit/execution/error_oog_precompile.rs +++ b/zkevm-circuits/src/evm_circuit/execution/error_oog_precompile.rs @@ -64,10 +64,10 @@ impl ExecutionGadget for ErrorOOGPrecompileGadget { // calculate required gas for precompile let precompiles_required_gas = vec![ - // ( - // addr_bits.value_equals(PrecompileCalls::Ecrecover), - // GasCost::PRECOMPILE_ECRECOVER_BASE.expr(), - // ), + ( + addr_bits.value_equals(PrecompileCalls::Ecrecover), + GasCost::PRECOMPILE_ECRECOVER_BASE.expr(), + ), // addr_bits.value_equals(PrecompileCalls::Sha256), // addr_bits.value_equals(PrecompileCalls::Ripemd160), // addr_bits.value_equals(PrecompileCalls::Blake2F), @@ -182,6 +182,7 @@ impl ExecutionGadget for ErrorOOGPrecompileGadget { // required_gas let precompile_call: PrecompileCalls = precompile_addr.to_fixed_bytes()[19].into(); let required_gas = match precompile_call { + PrecompileCalls::Ecrecover => precompile_call.base_gas_cost(), // PrecompileCalls::Bn128Pairing => { // precompile_call.base_gas_cost() // + n_pairs * GasCost::PRECOMPILE_BN256PAIRING_PER_PAIR diff --git a/zkevm-circuits/src/evm_circuit/execution/precompiles/ecrecover.rs b/zkevm-circuits/src/evm_circuit/execution/precompiles/ecrecover.rs index b65c9203566..14ba85a401e 100644 --- a/zkevm-circuits/src/evm_circuit/execution/precompiles/ecrecover.rs +++ b/zkevm-circuits/src/evm_circuit/execution/precompiles/ecrecover.rs @@ -1,7 +1,7 @@ -use bus_mapping::precompile::PrecompileAuxData; -use eth_types::{evm_types::GasCost, word, Field, ToLittleEndian, ToScalar, ToWord, U256}; +use bus_mapping::precompile::{PrecompileAuxData, PrecompileCalls}; +use eth_types::{evm_types::GasCost, word, Field, ToLittleEndian, ToScalar, U256}; use ethers_core::k256::elliptic_curve::PrimeField; -use gadgets::util::{and, not, or, select, sum, Expr}; +use gadgets::util::{and, not, or, select, Expr}; use halo2_proofs::{circuit::Value, halo2curves::secp256k1::Fq, plonk::Error}; use crate::{ @@ -106,12 +106,13 @@ impl ExecutionGadget for EcrecoverGadget { ] .map(|tag| cb.call_context(None, tag)); + let input_len = PrecompileCalls::Ecrecover.input_len().unwrap(); for (field_tag, value) in [ (CallContextFieldTag::CallDataOffset, 0.expr()), - (CallContextFieldTag::CallDataLength, 128.expr()), + (CallContextFieldTag::CallDataLength, input_len.expr()), ( CallContextFieldTag::ReturnDataOffset, - select::expr(is_recovered.expr(), 128.expr(), 0.expr()), + select::expr(is_recovered.expr(), input_len.expr(), 0.expr()), ), ( CallContextFieldTag::ReturnDataLength, @@ -129,10 +130,9 @@ impl ExecutionGadget for EcrecoverGadget { // lookup to the sign_verify table: let is_valid_sig = and::expr([is_valid_r_s.expr(), is_valid_sig_v.expr()]); - let mut msg_hash_le = msg_hash.limbs.clone(); - msg_hash_le.reverse(); - cb.condition(is_valid_sig.expr(), |cb| { + let mut msg_hash_le = msg_hash.limbs.clone(); + msg_hash_le.reverse(); cb.sig_table_lookup( WordLimbs::new(msg_hash_le).to_word(), sig_v.lo().expr() - 27.expr(), @@ -142,6 +142,7 @@ impl ExecutionGadget for EcrecoverGadget { is_recovered.expr(), ); }); + cb.condition(not::expr(is_valid_sig.expr()), |cb| { cb.require_zero( "is_recovered == false if r, s or v not canonical",