Merge pull request #3132 from ProvableHQ/feat/increase-program-size-2

Add safety checks for `MAX_WRITE` increase.

Author: vicsn

console/network/src/consensus_heights.rs

@@ -328,6 +328,11 @@ mod tests {
             assert!(*version > previous_version);
             previous_version = *version;
         }
+        let mut previous_version = N::MAX_WRITES.first().unwrap().0;
+        for (version, _) in N::MAX_WRITES.iter().skip(1) {
+            assert!(*version > previous_version);
+            previous_version = *version;
+        }
     }
 
     /// Ensure that consensus *heights* are unique and incrementing.
@@ -369,6 +374,12 @@ mod tests {
             // Double-check that consensus_config_value returns the correct value.
             assert_eq!(consensus_config_value!(N, MAX_TRANSACTION_SIZE, height).unwrap(), *value);
         }
+        for (version, value) in N::MAX_WRITES.iter() {
+            // Ensure that the height at which an update occurs are present in CONSENSUS_VERSION_HEIGHTS.
+            let height = N::CONSENSUS_VERSION_HEIGHTS().iter().find(|(c_version, _)| *c_version == *version).unwrap().1;
+            // Double-check that consensus_config_value returns the correct value.
+            assert_eq!(consensus_config_value!(N, MAX_WRITES, height).unwrap(), *value);
+        }
     }
 
     /// Ensure that consensus_config_value returns a valid value for all consensus versions.
@@ -378,6 +389,7 @@ mod tests {
             assert!(consensus_config_value!(N, TRANSACTION_SPEND_LIMIT, *height).is_some());
             assert!(consensus_config_value!(N, MAX_PROGRAM_SIZE, *height).is_some());
             assert!(consensus_config_value!(N, MAX_TRANSACTION_SIZE, *height).is_some());
+            assert!(consensus_config_value!(N, MAX_WRITES, *height).is_some());
         }
     }
 
@@ -415,6 +427,7 @@ mod tests {
         let _ = [N1::TRANSACTION_SPEND_LIMIT, N2::TRANSACTION_SPEND_LIMIT, N3::TRANSACTION_SPEND_LIMIT];
         let _ = [N1::MAX_PROGRAM_SIZE, N2::MAX_PROGRAM_SIZE, N3::MAX_PROGRAM_SIZE];
         let _ = [N1::MAX_TRANSACTION_SIZE, N2::MAX_TRANSACTION_SIZE, N3::MAX_TRANSACTION_SIZE];
+        let _ = [N1::MAX_WRITES, N2::MAX_WRITES, N3::MAX_WRITES];
     }
 
     /// Ensure that `LATEST_MAX_*` functions return valid values without panicking.
@@ -426,6 +439,8 @@ mod tests {
         assert!(N::LATEST_MAX_PROGRAM_SIZE() > 0, "LATEST_MAX_PROGRAM_SIZE must be positive");
         // Verify LATEST_MAX_TRANSACTION_SIZE returns a positive value.
         assert!(N::LATEST_MAX_TRANSACTION_SIZE() > 0, "LATEST_MAX_TRANSACTION_SIZE must be positive");
+        // Verify LATEST_MAX_WRITES returns a positive value.
+        assert!(N::LATEST_MAX_WRITES() > 0, "LATEST_MAX_WRITES must be positive");
     }
 
     #[test]

console/program/src/state_path/configuration/mod.rs

@@ -21,7 +21,9 @@ pub const BLOCKS_DEPTH: u8 = 32;
 /// The depth of the Merkle tree for the block header.
 pub const HEADER_DEPTH: u8 = 3;
 /// The depth of the Merkle tree for finalize operations in a transaction.
-pub const FINALIZE_ID_DEPTH: u8 = TRANSACTION_DEPTH + 4; // '+ 4' is to support 16 finalize operations per transition.
+/// A transaction can include at most `2^FINALIZE_ID_DEPTH` finalize operations total (across *all* transitions).
+/// Note that `MAX_WRITES * MAX_TRANSITIONS` can exceed that Merkle-tree capacity.
+pub const FINALIZE_ID_DEPTH: u8 = TRANSACTION_DEPTH + 4; // '+ 4' is to support an average of 16 finalize operations per transition.
 /// The depth of the Merkle tree for finalize operations in a block.
 pub const FINALIZE_OPERATIONS_DEPTH: u8 = TRANSACTIONS_DEPTH;
 /// The depth of the Merkle tree for the ratifications in a block.

synthesizer/program/src/lib.rs

@@ -103,7 +103,7 @@ use console::{
     program::{Identifier, PlaintextType, ProgramID, RecordType, StructType},
     types::U8,
 };
-use snarkvm_utilities::cfg_iter;
+use snarkvm_utilities::{cfg_find_map, cfg_iter};
 
 use indexmap::{IndexMap, IndexSet};
 use std::collections::BTreeSet;
@@ -1069,17 +1069,22 @@ impl<N: Network> ProgramCore<N> {
             .ok_or(anyhow!("Failed to fetch maximum program size"))?;
 
         // Check if the constructor exceeds the maximum number of writes.
-        let constructor_exceeds =
-            self.constructor().is_some_and(|constructor| constructor.num_writes() > max_num_writes);
-
-        // Check if any finalize logic exceeds the maximum number of writes.
-        let finalize_exceeds = cfg_iter!(self.functions()).any(|(_, function)| {
-            function.finalize_logic().is_some_and(|finalize| finalize.num_writes() > max_num_writes)
-        });
+        if self.constructor().is_some_and(|constructor| constructor.num_writes() > max_num_writes) {
+            bail!(
+                "Program constructor exceeds the maximum allowed writes ({max_num_writes}) for the current height {block_height} (consensus version {}).",
+                N::CONSENSUS_VERSION(block_height)?
+            );
+        }
 
-        if constructor_exceeds || finalize_exceeds {
+        // Find the first function whose finalize logic exceeds the maximum writes.
+        if let Some(name) = cfg_find_map!(self.functions(), |function| {
+            function
+                .finalize_logic()
+                .is_some_and(|finalize| finalize.num_writes() > max_num_writes)
+                .then(|| *function.name())
+        }) {
             bail!(
-                "Program writes exceed the maximum allowed writes of {max_num_writes} for the current height {block_height} (consensus version {}).",
+                "Program function '{name}' exceeds the maximum allowed writes ({max_num_writes}) for the current height {block_height} (consensus version {}).",
                 N::CONSENSUS_VERSION(block_height)?
             );
         }

synthesizer/src/vm/mod.rs

@@ -29,7 +29,19 @@ use crate::{Restrictions, cast_mut_ref, cast_ref, convert, process};
 use console::{
     account::{Address, PrivateKey},
     network::prelude::*,
-    program::{Argument, Identifier, Literal, Locator, Plaintext, ProgramID, ProgramOwner, Record, Response, Value},
+    program::{
+        Argument,
+        FINALIZE_ID_DEPTH,
+        Identifier,
+        Literal,
+        Locator,
+        Plaintext,
+        ProgramID,
+        ProgramOwner,
+        Record,
+        Response,
+        Value,
+    },
     types::{Field, Group, U16, U64},
 };
 use snarkvm_algorithms::snark::varuna::VarunaVersion;
@@ -73,6 +85,7 @@ use snarkvm_synthesizer_process::{
     execution_cost,
 };
 use snarkvm_synthesizer_program::{
+    FinalizeCore,
     FinalizeGlobalState,
     FinalizeOperation,
     FinalizeStoreTrait,