Merge branch 'devnet-ready' into get_proxies_in_precompile

Author: open-junius

Cargo.lock

@@ -274,7 +274,7 @@ sp-keystore = { git = "https://github.com/paritytech/polkadot-sdk.git", tag = "p
 w3f-bls = { git = "https://github.com/opentensor/bls", branch = "fix-no-std", default-features = false }
 ark-crypto-primitives = { version = "0.4.0", default-features = false }
 ark-scale = { version = "0.0.11", default-features = false }
-sp-ark-bls12-381 = { git = "https://github.com/paritytech/substrate-curves", default-features = false }
+sp-ark-bls12-381 = { git = "https://github.com/paritytech/arkworks-substrate", package = "sp-ark-bls12-381", default-features = false }
 ark-bls12-381 = { version = "0.4.0", default-features = false }
 ark-serialize = { version = "0.4.0", default-features = false }
 ark-ff = { version = "0.4.0", default-features = false }

Cargo.toml

@@ -0,0 +1,62 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.23;
+
+interface ISR25519Verify {
+    function verify(
+        bytes32 message,
+        bytes32 publicKey,
+        bytes32 r,
+        bytes32 s
+    ) external pure returns (bool);
+}
+
+interface IED25519Verify {
+    function verify(
+        bytes32 message,
+        bytes32 publicKey,
+        bytes32 r,
+        bytes32 s
+    ) external pure returns (bool);
+}
+
+contract PrecompileGas {
+    address constant IED25519VERIFY_ADDRESS =
+        0x0000000000000000000000000000000000000402;
+    address constant ISR25519VERIFY_ADDRESS =
+        0x0000000000000000000000000000000000000403;
+    IED25519Verify constant ed25519 = IED25519Verify(IED25519VERIFY_ADDRESS);
+    ISR25519Verify constant sr25519 = ISR25519Verify(ISR25519VERIFY_ADDRESS);
+
+    event Log(string message);
+
+    bytes32 message =
+        0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef;
+    bytes32 publicKey =
+        0x0000000000000000000000000000000000000000000000000000000000000000;
+    bytes32 r =
+        0x0000000000000000000000000000000000000000000000000000000000000000;
+    bytes32 s =
+        0x0000000000000000000000000000000000000000000000000000000000000000;
+
+    /**
+     * @notice Call the precompile using hardcoded signature data
+     * @param iterations Number of times to call the precompile
+     */
+    function callED25519(uint64 iterations) external {
+        for (uint64 i = 0; i < iterations; i++) {
+            ed25519.verify(message, publicKey, r, s);
+        }
+        emit Log("callED25519");
+    }
+
+    /**
+     * @notice Call the precompile using hardcoded signature data
+     * @param iterations Number of times to call the precompile
+     */
+    function callSR25519(uint64 iterations) external {
+        for (uint64 i = 0; i < iterations; i++) {
+            sr25519.verify(message, publicKey, r, s);
+        }
+        emit Log("callSR25519");
+    }
+}

evm-tests/src/contracts/precompileGas.sol

@@ -0,0 +1,44 @@
+
+export const PrecompileGas_CONTRACT_ABI = [
+    {
+        "anonymous": false,
+        "inputs": [
+            {
+                "indexed": false,
+                "internalType": "string",
+                "name": "message",
+                "type": "string"
+            }
+        ],
+        "name": "Log",
+        "type": "event"
+    },
+    {
+        "inputs": [
+            {
+                "internalType": "uint64",
+                "name": "iterations",
+                "type": "uint64"
+            }
+        ],
+        "name": "callED25519",
+        "outputs": [],
+        "stateMutability": "nonpayable",
+        "type": "function"
+    },
+    {
+        "inputs": [
+            {
+                "internalType": "uint64",
+                "name": "iterations",
+                "type": "uint64"
+            }
+        ],
+        "name": "callSR25519",
+        "outputs": [],
+        "stateMutability": "nonpayable",
+        "type": "function"
+    }
+]
+
+export const PrecompileGas_CONTRACT_BYTECODE = "60806040527f1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef5f1b5f555f5f1b6001555f5f1b6002555f5f1b6003553480156045575f5ffd5b5061048b806100535f395ff3fe608060405234801561000f575f5ffd5b5060043610610034575f3560e01c806356554a5714610038578063bd9cac2b14610054575b5f5ffd5b610052600480360381019061004d919061028f565b610070565b005b61006e6004803603810190610069919061028f565b61015f565b005b5f5f90505b8167ffffffffffffffff168167ffffffffffffffff1610156101265761040373ffffffffffffffffffffffffffffffffffffffff1663869adcb95f546001546002546003546040518563ffffffff1660e01b81526004016100d994939291906102d2565b602060405180830381865afa1580156100f4573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610118919061034a565b508080600101915050610075565b507fcf34ef537ac33ee1ac626ca1587a0a7e8e51561e5514f8cb36afa1c5102b3bab604051610154906103cf565b60405180910390a150565b5f5f90505b8167ffffffffffffffff168167ffffffffffffffff1610156102155761040273ffffffffffffffffffffffffffffffffffffffff1663869adcb95f546001546002546003546040518563ffffffff1660e01b81526004016101c894939291906102d2565b602060405180830381865afa1580156101e3573d5f5f3e3d5ffd5b505050506040513d601f19601f82011682018060405250810190610207919061034a565b508080600101915050610164565b507fcf34ef537ac33ee1ac626ca1587a0a7e8e51561e5514f8cb36afa1c5102b3bab60405161024390610437565b60405180910390a150565b5f5ffd5b5f67ffffffffffffffff82169050919050565b61026e81610252565b8114610278575f5ffd5b50565b5f8135905061028981610265565b92915050565b5f602082840312156102a4576102a361024e565b5b5f6102b18482850161027b565b91505092915050565b5f819050919050565b6102cc816102ba565b82525050565b5f6080820190506102e55f8301876102c3565b6102f260208301866102c3565b6102ff60408301856102c3565b61030c60608301846102c3565b95945050505050565b5f8115159050919050565b61032981610315565b8114610333575f5ffd5b50565b5f8151905061034481610320565b92915050565b5f6020828403121561035f5761035e61024e565b5b5f61036c84828501610336565b91505092915050565b5f82825260208201905092915050565b7f63616c6c535232353531390000000000000000000000000000000000000000005f82015250565b5f6103b9600b83610375565b91506103c482610385565b602082019050919050565b5f6020820190508181035f8301526103e6816103ad565b9050919050565b7f63616c6c454432353531390000000000000000000000000000000000000000005f82015250565b5f610421600b83610375565b915061042c826103ed565b602082019050919050565b5f6020820190508181035f83015261044e81610415565b905091905056fea26469706673582212202addcdae9c59ee78157cddedc3148678edf455132bdfc62347f85e7c660b4d2164736f6c634300081e0033"

evm-tests/src/contracts/precompileGas.ts

@@ -75,9 +75,9 @@ export function getRandomSubstrateKeypair() {
     return hdkdKeyPair
 }
 
-export async function getBalance(api: TypedApi<typeof devnet>) {
-    const value = await api.query.Balances.Account.getValue("")
-    return value
+export async function getBalance(api: TypedApi<typeof devnet>, ss58Address: string) {
+    const value = await api.query.System.Account.getValue(ss58Address)
+    return value.data.free
 }
 
 export async function getNonce(api: TypedApi<typeof devnet>, ss58Address: string): Promise<number> {

evm-tests/src/substrate.ts

@@ -0,0 +1,88 @@
+import * as assert from "assert";
+import { generateRandomEthersWallet, getPublicClient } from "../src/utils";
+import { ETH_LOCAL_URL } from "../src/config";
+import { getBalance, getDevnetApi } from "../src/substrate";
+import { forceSetBalanceToEthAddress } from "../src/subtensor";
+import { PrecompileGas_CONTRACT_ABI, PrecompileGas_CONTRACT_BYTECODE } from "../src/contracts/precompileGas";
+import { ethers } from "ethers";
+import { TypedApi } from "polkadot-api";
+import { devnet } from "@polkadot-api/descriptors";
+import { disableWhiteListCheck } from "../src/subtensor";
+import { convertH160ToSS58, convertPublicKeyToSs58 } from "../src/address-utils";
+
+describe("SR25519 ED25519 Precompile Gas Test", () => {
+    const wallet = generateRandomEthersWallet();
+    let api: TypedApi<typeof devnet>;
+
+    // scope of precompile gas usage for sr25519 and ed25519
+    const minPrecompileGas = BigInt(6000);
+    const maxPrecompileGas = BigInt(10000);
+
+    before(async () => {
+        api = await getDevnetApi();
+        await forceSetBalanceToEthAddress(api, wallet.address);
+        await disableWhiteListCheck(api, true);
+    });
+
+    it("Can deploy and call attackHardcoded", async () => {
+        const fee = await api.query.BaseFee.BaseFeePerGas.getValue()
+        assert.ok(fee[0] > 1000000000);
+        const baseFee = BigInt(fee[0]) / BigInt(1000000000);
+        console.log("Base fee per gas:", baseFee);
+
+        const contractFactory = new ethers.ContractFactory(PrecompileGas_CONTRACT_ABI, PrecompileGas_CONTRACT_BYTECODE, wallet);
+        const contractDeploy = await contractFactory.deploy();
+
+        const result = await contractDeploy.waitForDeployment();
+        console.log("Contract deployed to:", result.target);
+
+
+        let oneIterationGas = BigInt(0);
+
+        for (const iter of [1, 11, 101]) {
+            const balanceBefore = await getBalance(api, convertH160ToSS58(wallet.address));
+            const contract = new ethers.Contract(result.target, PrecompileGas_CONTRACT_ABI, wallet);
+            const iterations = iter;
+            const tx = await contract.callED25519(iterations)
+            await tx.wait()
+
+            const balanceAfter = await getBalance(api, convertH160ToSS58(wallet.address));
+            assert.ok(balanceAfter < balanceBefore);
+
+            const usedGas = balanceBefore - balanceAfter;
+            if (iterations === 1) {
+                oneIterationGas = usedGas;
+                continue;
+            }
+
+            assert.ok(usedGas >= oneIterationGas);
+
+            const precompileUsedGas = BigInt(usedGas - oneIterationGas);
+            assert.ok(precompileUsedGas >= minPrecompileGas * BigInt(iterations - 1) * baseFee);
+            assert.ok(precompileUsedGas <= maxPrecompileGas * BigInt(iterations - 1) * baseFee);
+        }
+
+        for (const iter of [1, 11, 101]) {
+            const balanceBefore = await getBalance(api, convertH160ToSS58(wallet.address));
+            const contract = new ethers.Contract(result.target, PrecompileGas_CONTRACT_ABI, wallet);
+            const iterations = iter;
+            const tx = await contract.callSR25519(iterations)
+            await tx.wait()
+
+            const balanceAfter = await getBalance(api, convertH160ToSS58(wallet.address));
+            assert.ok(balanceAfter < balanceBefore);
+
+            const usedGas = balanceBefore - balanceAfter;
+            if (iterations === 1) {
+                oneIterationGas = usedGas;
+                continue;
+            }
+
+            assert.ok(usedGas >= oneIterationGas);
+
+            const precompileUsedGas = BigInt(usedGas - oneIterationGas);
+            assert.ok(precompileUsedGas >= minPrecompileGas * BigInt(iterations - 1) * baseFee);
+            assert.ok(precompileUsedGas <= maxPrecompileGas * BigInt(iterations - 1) * baseFee);
+        }
+    });
+});

evm-tests/test/precompileGas.test.ts

@@ -337,7 +337,6 @@ where
         traits::{ConstU32, TransactionExtension},
     };
 
-    // Helper: map a Block hash to H256
     fn to_h256<H: AsRef<[u8]>>(h: H) -> H256 {
         let bytes = h.as_ref();
         let mut out = [0u8; 32];
@@ -356,7 +355,7 @@ where
             dst.copy_from_slice(src);
             H256(out)
         } else {
-            // Extremely unlikely; fall back to zeroed H256 if indices are somehow invalid.
+            // Extremely defensive fallback.
             H256([0u8; 32])
         }
     }
@@ -365,9 +364,10 @@ where
     let public_key: BoundedVec<u8, MaxPk> = BoundedVec::try_from(next_public_key)
         .map_err(|_| anyhow::anyhow!("public key too long (>2048 bytes)"))?;
 
-    // 1) The runtime call carrying public key bytes.
+    // 1) Runtime call carrying the public key bytes.
     let call = RuntimeCall::MevShield(pallet_shield::Call::announce_next_key { public_key });
 
+    // 2) Build the transaction extensions exactly like the runtime.
     type Extra = runtime::TransactionExtensions;
     let extra: Extra =
         (
@@ -390,42 +390,44 @@ where
             frame_metadata_hash_extension::CheckMetadataHash::<runtime::Runtime>::new(false),
         );
 
+    // 3) Manually construct the `Implicit` tuple that the runtime will also derive.
     type Implicit = <Extra as TransactionExtension<RuntimeCall>>::Implicit;
 
     let info = client.info();
     let genesis_h256: H256 = to_h256(info.genesis_hash);
 
     let implicit: Implicit = (
         (),                                   // CheckNonZeroSender
-        runtime::VERSION.spec_version,        // CheckSpecVersion
-        runtime::VERSION.transaction_version, // CheckTxVersion
-        genesis_h256,                         // CheckGenesis
-        genesis_h256,                         // CheckEra (Immortal)
-        (),                                   // CheckNonce (additional part)
-        (),                                   // CheckWeight
-        (),                                   // ChargeTransactionPaymentWrapper (additional part)
-        (),                                   // SubtensorTransactionExtension (additional part)
-        (),                                   // DrandPriority
-        None,                                 // CheckMetadataHash (disabled)
+        runtime::VERSION.spec_version,        // CheckSpecVersion::Implicit = u32
+        runtime::VERSION.transaction_version, // CheckTxVersion::Implicit = u32
+        genesis_h256,                         // CheckGenesis::Implicit = Hash
+        genesis_h256,                         // CheckEra::Implicit (Immortal => genesis hash)
+        (),                                   // CheckNonce::Implicit = ()
+        (),                                   // CheckWeight::Implicit = ()
+        (),                                   // ChargeTransactionPaymentWrapper::Implicit = ()
+        (),                                   // SubtensorTransactionExtension::Implicit = ()
+        (),                                   // DrandPriority::Implicit = ()
+        None,                                 // CheckMetadataHash::Implicit = Option<[u8; 32]>
     );
 
-    // Build the exact signable payload.
+    // 4) Build the exact signable payload from call + extra + implicit.
     let payload: SignedPayload = SignedPayload::from_raw(call.clone(), extra.clone(), implicit);
 
-    let raw_payload = payload.encode();
-
-    // Sign with the local Aura key.
-    let sig_opt = keystore
-        .sr25519_sign(AURA_KEY_TYPE, &aura_pub, &raw_payload)
+    // 5) Sign with the local Aura key using the same SCALE bytes the runtime expects.
+    let sig_opt = payload
+        .using_encoded(|bytes| keystore.sr25519_sign(AURA_KEY_TYPE, &aura_pub, bytes))
         .map_err(|e| anyhow::anyhow!("keystore sr25519_sign error: {e:?}"))?;
+
     let sig = sig_opt
         .ok_or_else(|| anyhow::anyhow!("keystore sr25519_sign returned None for Aura key"))?;
 
     let signature: MultiSignature = sig.into();
 
+    // 6) Sender address = AccountId32 derived from the Aura sr25519 public key.
     let who: AccountId32 = aura_pub.into();
     let address = sp_runtime::MultiAddress::Id(who);
 
+    // 7) Assemble the signed extrinsic and submit it to the pool.
     let uxt: UncheckedExtrinsic = UncheckedExtrinsic::new_signed(call, address, signature, extra);
 
     let xt_bytes = uxt.encode();