Fix public_inputs_hash generation when extra_field not set and serde deserialization bugs. Add google as provider for devnet (aptos-labs#12476)

* fix bugs

* update

* add google as default provider for chain ids above 100

* fix

* use lazy

* remove unused deps

* lint

Author: heliuchuan

aptos-move/vm-genesis/src/lib.rs

@@ -582,6 +582,21 @@ fn initialize_keyless_accounts(session: &mut SessionExt, chain_id: ChainId) {
             ]),
         );
     }
+    if !chain_id.id() > 100 {
+        exec_function(
+            session,
+            JWKS_MODULE_NAME,
+            "upsert_oidc_provider",
+            vec![],
+            serialize_values(&vec![
+                MoveValue::Signer(CORE_CODE_ADDRESS),
+                "https://accounts.google.com".to_string().as_move_value(),
+                "https://accounts.google.com/.well-known/openid-configuration"
+                    .to_string()
+                    .as_move_value(),
+            ]),
+        );
+    }
 }
 
 fn create_accounts(session: &mut SessionExt, accounts: &[AccountBalance]) {

types/src/keyless/bn254_circom.rs

@@ -1,5 +1,6 @@
 // Copyright © Aptos Foundation
 
+use super::circuit_constants::MAX_EXTRA_FIELD_BYTES;
 use crate::{
     jwks::rsa::RSA_JWK,
     keyless::{
@@ -14,6 +15,7 @@ use ark_bn254::{Fq, Fq2, Fr, G1Affine, G1Projective, G2Affine, G2Projective};
 use ark_ff::PrimeField;
 use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
 use num_traits::{One, Zero};
+use once_cell::sync::Lazy;
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use serde_big_array::BigArray;
 
@@ -22,6 +24,10 @@ use serde_big_array::BigArray;
 pub const G1_PROJECTIVE_COMPRESSED_NUM_BYTES: usize = 32;
 pub const G2_PROJECTIVE_COMPRESSED_NUM_BYTES: usize = 64;
 
+// When the extra_field is none, use this hash value which is equal to the hash of a single space string.
+static EMPTY_EXTRA_FIELD_HASH: Lazy<Fr> =
+    Lazy::new(|| poseidon_bn254::pad_and_hash_string(" ", MAX_EXTRA_FIELD_BYTES as usize).unwrap());
+
 /// This will do the proper subgroup membership checks.
 pub fn g1_projective_str_to_affine(x: &str, y: &str) -> anyhow::Result<G1Affine> {
     let g1_affine = G1Bytes::new_unchecked(x, y)?.deserialize_into_affine()?;
@@ -240,7 +246,7 @@ pub fn get_public_inputs_hash(
 ) -> anyhow::Result<Fr> {
     if let EphemeralCertificate::ZeroKnowledgeSig(proof) = &sig.cert {
         let (has_extra_field, extra_field_hash) = match &proof.extra_field {
-            None => (Fr::zero(), Fr::zero()),
+            None => (Fr::zero(), *Lazy::force(&EMPTY_EXTRA_FIELD_HASH)),
             Some(extra_field) => (
                 Fr::one(),
                 poseidon_bn254::pad_and_hash_string(

types/src/keyless/openid_sig.rs

@@ -174,6 +174,7 @@ pub struct Claims {
     #[serde(flatten)]
     pub oidc_claims: OidcClaims,
     #[serde(default)]
+    #[serde(flatten)]
     pub additional_claims: BTreeMap<String, Value>,
 }