
Commit 15d2cb0

authored
feat: merge-train/barretenberg (#20688)
BEGIN_COMMIT_OVERRIDE feat!: Address ECDSA audit (#20583) feat: avoid redundant serial zeroing in polynomial allocation (#20670) fix: ECDSA tests in acir_tests don't fail anymore (#20689) END_COMMIT_OVERRIDE
2 parents 591ab95 + 5f91776 commit 15d2cb0


16 files changed

+404
-318
lines changed


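--- a/barretenberg/acir_tests/bootstrap.sh
+++ b/barretenberg/acir_tests/bootstrap.sh
@@ -113,12 +113,6 @@ function build {
 rm -rf acir_tests/{regression_5045,regression_7744}
 # The following test fails because it uses CallData/ReturnData with UltraBuilder, which is not supported
 rm -rf acir_tests/{regression_7612,regression_7143,databus_composite_calldata,databus_two_calldata_simple,databus_two_calldata,databus}
-# Mark tests that are expected to fail with a failing_ prefix.
-# bb_prove.sh will expect these to fail and error if they suddenly pass.
-for t in ecdsa_secp256k1_invalid_inputs; do
-mv acir_tests/$t acir_tests/failing_$t
-sed -i "s/^name = \"$t\"/name = \"failing_$t\"/" acir_tests/failing_$t/Nargo.toml
-done
 # Merge the internal test programs with the acir tests.
 cp -R ./internal_test_programs/* acir_tests
 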

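--- a/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh
+++ b/barretenberg/cpp/scripts/test_chonk_standalone_vks_havent_changed.sh
@@ -13,7 +13,7 @@ cd ..
 # - Generate a hash for versioning: sha256sum bb-chonk-inputs.tar.gz
 # - Upload the compressed results: aws s3 cp bb-chonk-inputs.tar.gz s3://aztec-ci-artifacts/protocol/bb-chonk-inputs-[hash(0:8)].tar.gz
 # Note: In case of the "Test suite failed to run ... Unexpected token 'with' " error, need to run: docker pull aztecprotocol/build:3.0
-pinned_short_hash="53ce2d4f"
+pinned_short_hash="189f0026"
 pinned_chonk_inputs_url="https://aztec-ci-artifacts.s3.us-east-2.amazonaws.com/protocol/bb-chonk-inputs-${pinned_short_hash}.tar.gz"
 
 script_path="$(cd "$(dirname "${BASH_SOURCE[0]}")/scripts" && pwd)/$(basename "${BASH_SOURCE[0]}")"
@@ -85,13 +85,13 @@ function prove_and_verify_inputs {
 echo "Running proof test for $1..."
 $bb prove --scheme chonk --ivc_inputs_path "$flow_folder/ivc-inputs.msgpack" > /dev/null 2>&1 || prove_exit_code=$?
 
-# if [[ $proof_exit_code -ne 0 ]]; then
+if [[ $proof_exit_code -ne 0 ]]; then
 echo "Proof test failed for flow $1. Please re-run the script with flag --update_inputs."
 
 cp "$flow_folder/ivc-inputs.msgpack" "$root/yarn-project/end-to-end/example-app-ivc-inputs-out/$1/ivc-inputs.msgpack"
 echo "Inputs copied in yarn-project for debugging"
 exit 1
-# fi
+fi
 }
 
 export -f prove_and_verify_inputs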
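Review bot: The re-enabled guard in the second hunk tests `$proof_exit_code`, but the prove line just above it stores the status in a differently named variable (`|| prove_exit_code=$?`), so as far as this hunk shows the condition reads a name that is never assigned. Inside `[[ … -ne 0 ]]` an unset name evaluates to 0, which means a failing `bb prove` would be treated as success and the pinned-inputs check would pass silently (or abort with an unbound-variable error if `set -u` is in effect). Use one name for both, e.g. `if [[ ${prove_exit_code:-0} -ne 0 ]]; then`, and add `local prove_exit_code=0` before the prove call if that is not already done; the start of prove_and_verify_inputs is outside the hunk, so an existing initialisation cannot be ruled out from here.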

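--- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/ecdsa_constraints.test.cpp
+++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/ecdsa_constraints.test.cpp
@@ -58,11 +58,13 @@ template <class Curve> class EcdsaTestingFunctions {
 WitnessVector witness_values,
 const InvalidWitness::Target& invalid_witness_target)
 {
-// For most ECDSA invalidation cases, we set result=0 to ensure that the failure mode caught by the test is
-// specific to the particular case being tested, not just simple verification failure.
-// For the "Result" case we test the mismatch between actual and claimed result.
-if (invalid_witness_target != InvalidWitness::Target::None &&
-invalid_witness_target != InvalidWitness::Target::Result) {
+
+// The ECDSA verification algorithm never makes the circuit fail, it just returns a boolean bearing witness to
+// whether the verification succeeded or not. The only exception is HashIsNotAByteArray, in which case the
+// byte_array constructors raises an error. To ensure that the failure mode caught by the test is specific to
+// the particular case being tested, not just simple verification failure, we set the verification result to
+// false for HashIsNotAByteArray and to true for every other case.
+if (invalid_witness_target == InvalidWitness::Target::HashIsNotAByteArray) {
 witness_values[ecdsa_constraints.result] = bb::fr(0);
 }
 
@@ -98,7 +100,6 @@ template <class Curve> class EcdsaTestingFunctions {
 case InvalidWitness::Target::Result:
 // Test enforcement of verification result: tamper signature but claim it's valid
 witness_values[ecdsa_constraints.signature[31]] = bb::fr(0);
-witness_values[ecdsa_constraints.result] = bb::fr(1);
 break;
 case InvalidWitness::Target::None:
 break;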
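Review bot: The new comment says the verification result is set "to true for every other case", but the code only writes `bb::fr(0)` for HashIsNotAByteArray, and with `witness_values[ecdsa_constraints.result] = bb::fr(1);` removed from the Result case nothing visible here forces the claimed result to 1. The negative cases therefore depend on the caller passing a witness whose result is already 1; if it were 0, the tampered input would agree with the claimed result and the case would stop exercising the result constraint. Making the intent explicit would remove that dependency, e.g. add `else { witness_values[ecdsa_constraints.result] = bb::fr(1); }` after the `if`, assuming the untampered witness always carries a valid signature. The comment also has a small slip ("constructors raises" should be "constructor raises"). The enclosing function starts above the first hunk and its switch continues past the second.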

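--- a/barretenberg/cpp/src/barretenberg/dsl/acir_format/gate_count_constants.hpp
+++ b/barretenberg/cpp/src/barretenberg/dsl/acir_format/gate_count_constants.hpp
@@ -34,9 +34,9 @@ template <typename Builder> inline constexpr size_t AES128_ENCRYPTION = 1559 + Z
 // overlap with the values added for ECCVM. secp256k1 uses table of size 16 whose indices contain all the 4 values
 // set for ECCVM (hence the same value for Ultra and Mega builders). secp256r1 uses ROM tables of size 4, which
 // contain only 2 of the values set for ECCVM (hence the difference of two gates between Ultra and Mega builders).
-template <typename Builder> inline constexpr size_t ECDSA_SECP256K1 = 42541 + ZERO_GATE;
+template <typename Builder> inline constexpr size_t ECDSA_SECP256K1 = 42839 + ZERO_GATE;
 template <typename Builder>
-inline constexpr size_t ECDSA_SECP256R1 = 72313 + ZERO_GATE + (IsMegaBuilder<Builder> ? 2 : 0);
+inline constexpr size_t ECDSA_SECP256R1 = 72614 + ZERO_GATE + (IsMegaBuilder<Builder> ? 2 : 0);
 
 template <typename Builder> inline constexpr size_t BLAKE2S = 2952 + ZERO_GATE + MEGA_OFFSET<Builder>;
 template <typename Builder> inline constexpr size_t BLAKE3 = 2158 + ZERO_GATE + MEGA_OFFSET<Builder>;
@@ -45,7 +45,7 @@ template <typename Builder> inline constexpr size_t POSEIDON2_PERMUTATION = 73 +
 template <typename Builder> inline constexpr size_t MULTI_SCALAR_MUL = 3559 + ZERO_GATE;
 template <typename Builder> inline constexpr size_t EC_ADD = 80 + ZERO_GATE + MEGA_OFFSET<Builder>;
 template <typename Builder> inline constexpr size_t BLOCK_ROM_READ = 9 + ZERO_GATE + MEGA_OFFSET<Builder>;
-template <typename Builder> inline constexpr size_t BLOCK_RAM_READ = 18 + ZERO_GATE + MEGA_OFFSET<Builder>;
+template <typename Builder> inline constexpr size_t BLOCK_RAM_READ = 9 + ZERO_GATE + MEGA_OFFSET<Builder>;
 template <typename Builder> inline constexpr size_t BLOCK_RAM_WRITE = 18 + ZERO_GATE + MEGA_OFFSET<Builder>;
 template <typename Builder> inline constexpr size_t BLOCK_CALLDATA = 1 + ZERO_GATE + MEGA_OFFSET<Builder>;
 template <typename Builder> inline constexpr size_t BLOCK_RETURNDATA = 11 + ZERO_GATE + MEGA_OFFSET<Builder>;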
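Review bot: `BLOCK_RAM_READ` is halved from 18 to 9 in the second hunk, which makes it equal to `BLOCK_ROM_READ` while `BLOCK_RAM_WRITE` stays at 18, and neither the hunk nor the commit description says which change lowered the cost. Because these constants pin the expected circuit size, an unexplained drop is hard to tell apart from a constraint that was lost by accident. A short comment above the line recording the reason would help, for example `// RAM read: 9 gates after <change reference>, same as a ROM read; writes remain 18`, with the placeholder filled in by the author. The ECDSA values in the first hunk rise by about 300 gates each, presumably from the audit changes named in the commit description; the comment block above them would be the natural place to note that as well.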
