Fix Mina FFI tests

Author: gabrielbosio

operator/mina/lib/mina_verifier.h

@@ -1,6 +1,6 @@
 #include <stdbool.h>
+#include <stdint.h>
 
-bool verify_mina_state_ffi(unsigned char *proof_buffer,
-                            unsigned int proof_len,
-                            unsigned char *pub_input_buffer,
-                            unsigned int pub_input_len);
+int32_t verify_mina_state_ffi(unsigned char *proof_buffer, uint32_t proof_len,
+                              unsigned char *pub_input_buffer,
+                              uint32_t pub_input_len);

operator/mina/lib/src/lib.rs

@@ -37,9 +37,25 @@ lazy_static! {
 #[no_mangle]
 pub extern "C" fn verify_mina_state_ffi(
     proof_bytes: *const u8,
-    proof_len: usize,
+    proof_len: u32,
     pub_input_bytes: *const u8,
-    pub_input_len: usize,
+    pub_input_len: u32,
+) -> i32 {
+    let result = std::panic::catch_unwind(|| {
+        inner_verify_mina_state_ffi(proof_bytes, proof_len, pub_input_bytes, pub_input_len)
+    });
+
+    match result {
+        Ok(v) => v as i32,
+        Err(_) => -1,
+    }
+}
+
+fn inner_verify_mina_state_ffi(
+    proof_bytes: *const u8,
+    proof_len: u32,
+    pub_input_bytes: *const u8,
+    pub_input_len: u32,
 ) -> bool {
     if proof_bytes.is_null() || pub_input_bytes.is_null() {
         error!("Input buffer null");
@@ -233,105 +249,51 @@ mod test {
 
     #[test]
     fn valid_mina_state_proof_verifies() {
-        let mut proof_buffer = [0u8; PROOF_BYTES.len()];
-        let proof_size = PROOF_BYTES.len();
-        assert!(proof_size <= proof_buffer.len());
-        proof_buffer[..proof_size].clone_from_slice(PROOF_BYTES);
-
-        let mut pub_input_buffer = [0u8; super::MAX_PUB_INPUT_SIZE];
-        let pub_input_size = PUB_INPUT_BYTES.len();
-        assert!(pub_input_size <= pub_input_buffer.len());
-        pub_input_buffer[..pub_input_size].clone_from_slice(PUB_INPUT_BYTES);
-
-        let result =
-            verify_mina_state_ffi(&proof_buffer, proof_size, &pub_input_buffer, pub_input_size);
-        assert!(result);
+        let result = verify_mina_state_ffi(
+            PROOF_BYTES.as_ptr(),
+            PROOF_BYTES.len() as u32,
+            PUB_INPUT_BYTES.as_ptr(),
+            PUB_INPUT_BYTES.len() as u32,
+        );
+        assert_eq!(result, 1);
     }
 
     #[test]
     fn mina_state_proof_with_bad_bridge_tip_hash_does_not_verify() {
-        let mut proof_buffer = [0u8; PROOF_BYTES.len()];
-        let proof_size = PROOF_BYTES.len();
-        assert!(proof_size <= proof_buffer.len());
-        proof_buffer[..proof_size].clone_from_slice(PROOF_BYTES);
-
-        let mut pub_input_buffer = [0u8; super::MAX_PUB_INPUT_SIZE];
-        let pub_input_size = BAD_HASH_PUB_INPUT_BYTES.len();
-        assert!(pub_input_size <= pub_input_buffer.len());
-        pub_input_buffer[..pub_input_size].clone_from_slice(BAD_HASH_PUB_INPUT_BYTES);
-
-        let result =
-            verify_mina_state_ffi(&proof_buffer, proof_size, &pub_input_buffer, pub_input_size);
-        assert!(!result);
+        let result = verify_mina_state_ffi(
+            PROOF_BYTES.as_ptr(),
+            PROOF_BYTES.len() as u32,
+            BAD_HASH_PUB_INPUT_BYTES.as_ptr(),
+            BAD_HASH_PUB_INPUT_BYTES.len() as u32,
+        );
+        assert_eq!(result, 0);
     }
 
     #[test]
     fn empty_mina_state_proof_does_not_verify() {
-        let proof_buffer = [0u8; PROOF_BYTES.len()];
-        let proof_size = PROOF_BYTES.len();
-
-        let mut pub_input_buffer = [0u8; super::MAX_PUB_INPUT_SIZE];
-        let pub_input_size = PUB_INPUT_BYTES.len();
-        assert!(pub_input_size <= pub_input_buffer.len());
-        pub_input_buffer[..pub_input_size].clone_from_slice(PUB_INPUT_BYTES);
-
-        let result =
-            verify_mina_state_ffi(&proof_buffer, proof_size, &pub_input_buffer, pub_input_size);
-        assert!(!result);
-    }
-
-    #[test]
-    fn valid_mina_state_proof_with_empty_pub_input_does_not_verify() {
-        let mut proof_buffer = [0u8; PROOF_BYTES.len()];
-        let proof_size = PROOF_BYTES.len();
-        assert!(proof_size <= proof_buffer.len());
-        proof_buffer[..proof_size].clone_from_slice(PROOF_BYTES);
-
-        let pub_input_buffer = [0u8; super::MAX_PUB_INPUT_SIZE];
-        let pub_input_size = PUB_INPUT_BYTES.len();
-
-        let result =
-            verify_mina_state_ffi(&proof_buffer, proof_size, &pub_input_buffer, pub_input_size);
-        assert!(!result);
-    }
-
-    #[test]
-    fn valid_mina_state_proof_with_greater_proof_size_does_not_verify() {
-        let mut proof_buffer = [0u8; PROOF_BYTES.len()];
-        let wrong_proof_size = PROOF_BYTES.len() + 1;
-        proof_buffer[..PROOF_BYTES.len()].clone_from_slice(PROOF_BYTES);
-
-        let mut pub_input_buffer = [0u8; super::MAX_PUB_INPUT_SIZE];
-        let pub_input_size = PUB_INPUT_BYTES.len();
-        assert!(pub_input_size <= pub_input_buffer.len());
-        pub_input_buffer[..pub_input_size].clone_from_slice(PUB_INPUT_BYTES);
+        const PROOF_SIZE: usize = PROOF_BYTES.len();
+        let empty_proof_buffer = [0u8; PROOF_SIZE];
 
         let result = verify_mina_state_ffi(
-            &proof_buffer,
-            wrong_proof_size,
-            &pub_input_buffer,
-            pub_input_size,
+            empty_proof_buffer.as_ptr(),
+            PROOF_SIZE as u32,
+            PUB_INPUT_BYTES.as_ptr(),
+            PUB_INPUT_BYTES.len() as u32,
         );
-        assert!(!result);
+        assert_eq!(result, 0);
     }
 
     #[test]
-    fn valid_mina_state_proof_with_greater_pub_input_size_does_not_verify() {
-        let mut proof_buffer = [0u8; PROOF_BYTES.len()];
-        let proof_size = PROOF_BYTES.len();
-        assert!(proof_size <= proof_buffer.len());
-        proof_buffer[..proof_size].clone_from_slice(PROOF_BYTES);
-
-        let mut pub_input_buffer = [0u8; super::MAX_PUB_INPUT_SIZE];
-        let wrong_pub_input_size = MAX_PUB_INPUT_SIZE + 1;
-        pub_input_buffer[..PUB_INPUT_BYTES.len()].clone_from_slice(PUB_INPUT_BYTES);
+    fn valid_mina_state_proof_with_empty_pub_input_does_not_verify() {
+        const PUB_INPUT_SIZE: usize = PUB_INPUT_BYTES.len();
+        let empty_pub_input_buffer = [0u8; PUB_INPUT_SIZE];
 
         let result = verify_mina_state_ffi(
-            &proof_buffer,
-            proof_size,
-            &pub_input_buffer,
-            wrong_pub_input_size,
+            PROOF_BYTES.as_ptr(),
+            PROOF_BYTES.len() as u32,
+            empty_pub_input_buffer.as_ptr(),
+            PUB_INPUT_SIZE as u32,
         );
-        assert!(!result);
+        assert_eq!(result, 0);
     }
 }

operator/mina/mina.go

@@ -9,25 +9,36 @@ package mina
 import "C"
 import (
 	"fmt"
-	"time"
 	"unsafe"
 )
 
-func timer() func() {
-	start := time.Now()
-	return func() {
-		fmt.Printf("Mina block verification took %v\n", time.Since(start))
-	}
-}
-
-func VerifyMinaState(proofBuffer []byte, proofLen uint, pubInputBuffer []byte, pubInputLen uint) bool {
-	defer timer()()
-
+func VerifyMinaState(proofBuffer []byte, pubInputBuffer []byte) (isVerified bool, err error) {
+	// Here we define the return value on failure
+	isVerified = false
+	err = nil
 	if len(proofBuffer) == 0 || len(pubInputBuffer) == 0 {
-		return false
+		return isVerified, err
 	}
 
+	// This will catch any go panic
+	defer func() {
+		rec := recover()
+		if rec != nil {
+			err = fmt.Errorf("Panic was caught while verifying sp1 proof: %s", rec)
+		}
+	}()
+
 	proofPtr := (*C.uchar)(unsafe.Pointer(&proofBuffer[0]))
 	pubInputPtr := (*C.uchar)(unsafe.Pointer(&pubInputBuffer[0]))
-	return (bool)(C.verify_mina_state_ffi(proofPtr, (C.uint)(proofLen), pubInputPtr, (C.uint)(pubInputLen)))
+
+	r := (C.int32_t)(C.verify_mina_state_ffi(proofPtr, (C.uint32_t)(len(proofBuffer)), pubInputPtr, (C.uint32_t)(len(pubInputBuffer))))
+
+	if r == -1 {
+		err = fmt.Errorf("Panic happened on FFI while verifying Mina proof")
+		return isVerified, err
+	}
+
+	isVerified = (r == 1)
+
+	return isVerified, err
 }

operator/mina/mina_test.go

@@ -1,77 +1,71 @@
 package mina_test
 
 import (
-	"fmt"
 	"os"
 	"testing"
 
 	"github.com/yetanotherco/aligned_layer/operator/mina"
 )
 
+const ProofFilePath = "../../scripts/test_files/mina/mina_state.proof"
+
+const PubInputFilePath = "../../scripts/test_files/mina/mina_state.pub"
+
 func TestMinaStateProofVerifies(t *testing.T) {
-	fmt.Println(os.Getwd())
-	proofFile, err := os.Open("../../scripts/test_files/mina/mina_state.proof")
+	proofBytes, err := os.ReadFile(ProofFilePath)
 	if err != nil {
 		t.Errorf("could not open mina state proof file")
 	}
 
-	proofBuffer := make([]byte, mina.MAX_PROOF_SIZE)
-	proofLen, err := proofFile.Read(proofBuffer)
-	if err != nil {
-		t.Errorf("could not read bytes from mina state proof file")
-	}
-
-	pubInputFile, err := os.Open("../../scripts/test_files/mina/mina_state.pub")
-	if err != nil {
-		t.Errorf("could not open mina state hash file")
-	}
-	pubInputBuffer := make([]byte, mina.MAX_PUB_INPUT_SIZE)
-	pubInputLen, err := pubInputFile.Read(pubInputBuffer)
+	pubInputBytes, err := os.ReadFile(PubInputFilePath)
 	if err != nil {
-		t.Errorf("could not read bytes from mina state hash")
+		t.Errorf("could not open mina state pub input file")
 	}
 
-	if !mina.VerifyMinaState(([mina.MAX_PROOF_SIZE]byte)(proofBuffer), uint(proofLen), ([mina.MAX_PUB_INPUT_SIZE]byte)(pubInputBuffer), uint(pubInputLen)) {
+	verified, err := mina.VerifyMinaState(proofBytes, pubInputBytes)
+	if err != nil || !verified {
 		t.Errorf("proof did not verify")
 	}
 }
 
 func TestEmptyMinaStateProofDoesNotVerify(t *testing.T) {
-	fmt.Println(os.Getwd())
-
-	proofBuffer := make([]byte, mina.MAX_PROOF_SIZE)
-
-	pubInputFile, err := os.Open("../../scripts/test_files/mina/mina_state.pub")
+	proofBytes, err := os.ReadFile(ProofFilePath)
 	if err != nil {
-		t.Errorf("could not open mina state hash file")
+		t.Errorf("could not open mina state proof file")
 	}
-	pubInputBuffer := make([]byte, mina.MAX_PUB_INPUT_SIZE)
-	pubInputLen, err := pubInputFile.Read(pubInputBuffer)
+	emptyProofBuffer := make([]byte, len(proofBytes))
+
+	pubInputBytes, err := os.ReadFile(PubInputFilePath)
 	if err != nil {
-		t.Errorf("could not read bytes from mina state hash")
+		t.Errorf("could not open mina state pub input file")
 	}
 
-	if mina.VerifyMinaState(([mina.MAX_PROOF_SIZE]byte)(proofBuffer), mina.MAX_PROOF_SIZE, ([mina.MAX_PUB_INPUT_SIZE]byte)(pubInputBuffer), uint(pubInputLen)) {
-		t.Errorf("empty proof should not verify but it did")
+	verified, err := mina.VerifyMinaState(emptyProofBuffer, pubInputBytes)
+	if err != nil {
+		t.Errorf("verification failed with error")
+	}
+	if verified {
+		t.Errorf("proof should not verify")
 	}
 }
 
 func TestMinaStateProofWithEmptyPubInputDoesNotVerify(t *testing.T) {
-	fmt.Println(os.Getwd())
-	proofFile, err := os.Open("../../scripts/test_files/mina/mina_state.proof")
+	proofBytes, err := os.ReadFile(ProofFilePath)
 	if err != nil {
 		t.Errorf("could not open mina state proof file")
 	}
 
-	proofBuffer := make([]byte, mina.MAX_PROOF_SIZE)
-	proofLen, err := proofFile.Read(proofBuffer)
+	pubInputBytes, err := os.ReadFile(PubInputFilePath)
 	if err != nil {
-		t.Errorf("could not read bytes from mina state proof file")
+		t.Errorf("could not open mina state pub input file")
 	}
+	emptyPubInputBuffer := make([]byte, len(pubInputBytes))
 
-	pubInputBuffer := make([]byte, mina.MAX_PUB_INPUT_SIZE)
-
-	if mina.VerifyMinaState(([mina.MAX_PROOF_SIZE]byte)(proofBuffer), uint(proofLen), ([mina.MAX_PUB_INPUT_SIZE]byte)(pubInputBuffer), mina.MAX_PUB_INPUT_SIZE) {
-		t.Errorf("proof with no public inputs should not verify but it did")
+	verified, err := mina.VerifyMinaState(proofBytes, emptyPubInputBuffer)
+	if err != nil {
+		t.Errorf("verification failed with error")
+	}
+	if verified {
+		t.Errorf("proof should not verify")
 	}
 }

operator/sp1/sp1.go

@@ -1,8 +1,8 @@
 package sp1
 
 /*
-#cgo linux LDFLAGS: ${SRCDIR}/lib/libsp1_verifier_ffi.so -ldl -lrt -lm -lssl -lcrypto -Wl,--allow-multiple-definition
 #cgo darwin LDFLAGS: -L./lib -lsp1_verifier_ffi
+#cgo linux LDFLAGS: ${SRCDIR}/lib/libsp1_verifier_ffi.so -ldl -lrt -lm -lssl -lcrypto -Wl,--allow-multiple-definition
 
 #include "lib/sp1.h"
 */