Skip to content

feat(avm): defensively assert cd hashes #19346

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
IlyasRidhuan merged 2 commits into from
Jan 7, 2026
Merged

feat(avm): defensively assert cd hashes #19346

IlyasRidhuan merged 2 commits into from
Jan 7, 2026

Conversation

@IlyasRidhuan
Copy link
Contributor

@IlyasRidhuan IlyasRidhuan commented Jan 6, 2026
edited
Loading

This PR moves us from compute_calldata_hash -> assert_calldata_hash which essentially adds a degree of validation to the calldata hash in the AVM cpp code.

Why tho?

  1. Aligns it with other "infallible" pre-requisites to proving, e.g., assert_address_derivation.
  2. Somewhat minimises (although not completely) the following prover DOS vector.
    • A sequencer generates proving hints with a bad calldata hash (i.e. H(calldata) != calldata_hash)
    • Gives the hints to a prover agent, since there is no validation the prover agent constructs the entire trace.
    • The proof construction fails because the lookup constraining calldata hash is invalid, all the prover work is wasted
  3. It only minimises the attack vector because the prover agent still wastes some work during re-execution, although this should be significantly less than when it gets to tracegen.

Sharp Edges

In TS, cd hash validation is done at the tx validation level. I don't think it is worthwhile to implement the cd hash validation in the TS simulator - so instead I've implemented a validation in the TS fuzzer entrypoint

@IlyasRidhuan Graphite App
Copy link
Contributor Author

IlyasRidhuan commented Jan 6, 2026
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

This was referenced Jan 6, 2026
Merged
Open
Draft
Draft
@IlyasRidhuan IlyasRidhuan force-pushed the ir/01-04-feat_avm_mutate_enqueued_calls branch from e1ca69a to 8325579 Compare January 7, 2026 10:43
@IlyasRidhuan IlyasRidhuan force-pushed the ir/01-04-feat_avm_defensively_assert_cd_hashes branch from 97782de to 36ee031 Compare January 7, 2026 10:43
IlyasRidhuan
IlyasRidhuan commented Jan 7, 2026
View reviewed changes
@IlyasRidhuan IlyasRidhuan force-pushed the ir/01-04-feat_avm_defensively_assert_cd_hashes branch from 36ee031 to 86093ec Compare January 7, 2026 10:56
@IlyasRidhuan IlyasRidhuan force-pushed the ir/01-04-feat_avm_mutate_enqueued_calls branch from 8325579 to 5ab4f28 Compare January 7, 2026 10:56
@IlyasRidhuan IlyasRidhuan marked this pull request as ready for review January 7, 2026 10:58
fcarreiro
fcarreiro reviewed Jan 7, 2026
View reviewed changes
Copy link
Contributor

@fcarreiro fcarreiro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note that this does make C++ simulation check the cd hashes and fail catastrophically if sth goes wrong. Assuming that the hash is already validated in TX validation, this should be ok (a noop change).

Btw, the sequencer does not generate hints and give them to the prover. The prover itself generates the hints from the TXs and gives them to the agents (all of it under its control).

Once CI passes, lmk and I'll approve.

@IlyasRidhuan IlyasRidhuan changed the base branch from ir/01-04-feat_avm_mutate_enqueued_calls to graphite-base/19346 January 7, 2026 14:15
@IlyasRidhuan IlyasRidhuan force-pushed the ir/01-04-feat_avm_defensively_assert_cd_hashes branch from 86093ec to 619ee29 Compare January 7, 2026 15:33
@IlyasRidhuan IlyasRidhuan changed the base branch from graphite-base/19346 to ir/01-04-feat_avm_mutate_enqueued_calls January 7, 2026 15:33
@IlyasRidhuan IlyasRidhuan force-pushed the ir/01-04-feat_avm_defensively_assert_cd_hashes branch from 619ee29 to 0ffaa16 Compare January 7, 2026 15:49
@IlyasRidhuan IlyasRidhuan requested a review from fcarreiro January 7, 2026 16:26
Base automatically changed from ir/01-04-feat_avm_mutate_enqueued_calls to merge-train/avm January 7, 2026 16:29
@IlyasRidhuan IlyasRidhuan merged commit f20753a into merge-train/avm Jan 7, 2026
11 checks passed
@IlyasRidhuan IlyasRidhuan deleted the ir/01-04-feat_avm_defensively_assert_cd_hashes branch January 7, 2026 19:36
@AztecBot AztecBot mentioned this pull request Jan 7, 2026
Merged
github-merge-queue bot pushed a commit that referenced this pull request Jan 8, 2026
@AztecBot
feat: merge-train/avm (#19377)
629a41b 
BEGIN_COMMIT_OVERRIDE
feat(avm)!: optionally use TS logger in C++ simulation (#19305)
chore(avm): bytecode caching comments
chore(avm): disable VK hash checking in tests
fix(avm)!: instr_fetching soundness bug (#19381)
fix(avm): dont catch wide exceptions (#19388)
refactor(avm): Refactor get contract instance fuzzer backfill (#19387)
feat(avm): mutate enqueued calls (#19315)
chore(avm): migrate to BB asserts (#19395)
fix!: more missing boolean constraints in calldata, calldata hashing,
sha256 mem PILs (#19367)
feat(avm): defensively assert cd hashes (#19346)
chore: annotate booleans in PIL, and add some missing boolean
constraints (#19371)
fix!: missing boolean constraints on zero checks targets (#19401)
fix!: context did not constrain returndata size to 0 at start, and had a
misnamed relation (#19404)
END_COMMIT_OVERRIDE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fcarreiro fcarreiro fcarreiro approved these changes

@dbanks12 dbanks12 Awaiting requested review from dbanks12

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@IlyasRidhuan @fcarreiro