feat: enforce image_id, vk_hash from solidity contract

MarcosNicolau · MarcosNicolau · commit 5bb7011c1e48 · 2025-04-30T18:34:03.000-03:00
diff --git a/aggregation_mode/abi/AlignedProofAggregationService.json b/aggregation_mode/abi/AlignedProofAggregationService.json
diff --git a/aggregation_mode/src/backend/mod.rs b/aggregation_mode/src/backend/mod.rs
@@ -20,7 +20,6 @@ use config::Config;
 use fetcher::{ProofsFetcher, ProofsFetcherError};
 use merkle_tree::compute_proofs_merkle_root;
 use risc0_ethereum_contracts::encode_seal;
-use sp1_sdk::HashableKey;
 use std::str::FromStr;
 use tracing::{error, info, warn};
 use types::{AlignedProofAggregationService, AlignedProofAggregationServiceContract};
@@ -154,7 +153,6 @@ impl ProofAggregator {
                 self.proof_aggregation_service
                     .verifySP1(
                         blob_versioned_hash.into(),
-                        proof.vk().bytes32_raw().into(),
                         proof.proof_with_pub_values.public_values.to_vec().into(),
                         proof.proof_with_pub_values.bytes().into(),
                     )
@@ -170,7 +168,6 @@ impl ProofAggregator {
                     .verifyRisc0(
                         blob_versioned_hash.into(),
                         encoded_seal.into(),
-                        proof.image_id.into(),
                         proof.receipt.journal.bytes.into(),
                     )
                     .sidecar(blob)
diff --git a/contracts/src/core/AlignedProofAggregationService.sol b/contracts/src/core/AlignedProofAggregationService.sol
@@ -36,6 +36,14 @@ contract AlignedProofAggregationService is
     /// if the sp1 verifier address is set to this address, then we skip verification
     address public constant VERIFIER_MOCK_ADDRESS = address(0xFF);
 
+    /// The unique identifier (image ID) of the RISC Zero aggregator program.
+    /// This ensures that only proofs generated by a trusted Risc0 program can be verified.
+    bytes32 public risc0AggregatorProgramImageId;
+
+    /// The verification key hash for the SP1 aggregator program.
+    /// This ensures that only proofs generated by a trusted SP1 program can be verified.
+    bytes32 public sp1AggregatorProgramVKHash;
+
     constructor() {
         _disableInitializers();
     }
@@ -44,45 +52,47 @@ contract AlignedProofAggregationService is
         address newOwner,
         address _alignedAggregatorAddress,
         address _sp1VerifierAddress,
-        address _risc0VerifierAddress
+        address _risc0VerifierAddress,
+        bytes32 _risc0AggregatorProgramImageId,
+        bytes32 _sp1AggregatorProgramVKHash
     ) public initializer {
         __Ownable_init();
         __UUPSUpgradeable_init();
         _transferOwnership(newOwner);
         alignedAggregatorAddress = _alignedAggregatorAddress;
         sp1VerifierAddress = _sp1VerifierAddress;
         risc0VerifierAddress = _risc0VerifierAddress;
+        risc0AggregatorProgramImageId = _risc0AggregatorProgramImageId;
+        sp1AggregatorProgramVKHash = _sp1AggregatorProgramVKHash;
     }
 
-    function verifySP1(
-        bytes32 blobVersionedHash,
-        bytes32 sp1ProgramVKey,
-        bytes calldata sp1PublicValues,
-        bytes calldata sp1ProofBytes
-    ) public onlyAlignedAggregator {
+    function verifySP1(bytes32 blobVersionedHash, bytes calldata sp1PublicValues, bytes calldata sp1ProofBytes)
+        public
+        onlyAlignedAggregator
+    {
         (bytes32 merkleRoot) = abi.decode(sp1PublicValues, (bytes32));
 
         // In dev mode, poofs are mocked, so we skip the verification part
         if (_isSP1VerificationEnabled()) {
-            ISP1Verifier(sp1VerifierAddress).verifyProof(sp1ProgramVKey, sp1PublicValues, sp1ProofBytes);
+            ISP1Verifier(sp1VerifierAddress).verifyProof(sp1AggregatorProgramVKHash, sp1PublicValues, sp1ProofBytes);
         }
 
         aggregatedProofs[merkleRoot] = true;
         emit AggregatedProofVerified(merkleRoot, blobVersionedHash);
     }
 
-    function verifyRisc0(
-        bytes32 blobVersionedHash,
-        bytes calldata risc0ReceiptSeal,
-        bytes32 risc0ImageId,
-        bytes calldata risc0JournalBytes
-    ) public onlyAlignedAggregator {
+    function verifyRisc0(bytes32 blobVersionedHash, bytes calldata risc0ReceiptSeal, bytes calldata risc0JournalBytes)
+        public
+        onlyAlignedAggregator
+    {
         (bytes32 merkleRoot) = abi.decode(risc0JournalBytes, (bytes32));
 
         // In dev mode, poofs are mocked, so we skip the verification part
         if (_isRisc0VerificationEnabled()) {
             bytes32 risc0JournalDigest = sha256(risc0JournalBytes);
-            IRiscZeroVerifier(risc0VerifierAddress).verify(risc0ReceiptSeal, risc0ImageId, risc0JournalDigest);
+            IRiscZeroVerifier(risc0VerifierAddress).verify(
+                risc0ReceiptSeal, risc0AggregatorProgramImageId, risc0JournalDigest
+            );
         }
 
         aggregatedProofs[merkleRoot] = true;
@@ -115,4 +125,16 @@ contract AlignedProofAggregationService is
     function setRisc0VerifierAddress(address _risc0VerifierAddress) external onlyOwner {
         risc0VerifierAddress = _risc0VerifierAddress;
     }
+
+    /// @notice Sets the image id of the Risc0 program
+    /// @param _risc0AggregatorProgramImageId The new imageid for the Risc0 aggregator program
+    function setRisc0AggregatorProgramImageId(bytes32 _risc0AggregatorProgramImageId) external onlyOwner {
+        risc0AggregatorProgramImageId = _risc0AggregatorProgramImageId;
+    }
+
+    /// @notice Sets the vk hash of the sp1 program
+    /// @param _sp1AggregatorProgramVKHash The new vk hash for the sp1 aggregator program
+    function setSP1AggregatorProgramVKHash(bytes32 _sp1AggregatorProgramVKHash) external onlyOwner {
+        sp1AggregatorProgramVKHash = _sp1AggregatorProgramVKHash;
+    }
 }
diff --git a/contracts/src/core/IAlignedProofAggregationService.sol b/contracts/src/core/IAlignedProofAggregationService.sol
@@ -5,22 +5,13 @@ interface IAlignedProofAggregationService {
     /// @dev This function is called by the aligned proof aggregator after collecting the proofs and aggregating them
     /// to be verified on-chain. We expect the blobTransactionHash to be called before
     /// @param blobVersionedHash the versioned hash of the blob transaction that contains the leaves that compose the merkle root.
-    /// @param sp1ProgramVKey Public verifying key
     /// @param sp1PublicValues Values used to perform the execution
     /// @param sp1ProofBytes Groth16 proof
-    function verifySP1(
-        bytes32 blobVersionedHash,
-        bytes32 sp1ProgramVKey,
-        bytes calldata sp1PublicValues,
-        bytes calldata sp1ProofBytes
-    ) external;
+    function verifySP1(bytes32 blobVersionedHash, bytes calldata sp1PublicValues, bytes calldata sp1ProofBytes)
+        external;
 
-    function verifyRisc0(
-        bytes32 blobVersionedHash,
-        bytes calldata risc0ReceiptSeal,
-        bytes32 risc0ImageId,
-        bytes calldata risc0JournalBytes
-    ) external;
+    function verifyRisc0(bytes32 blobVersionedHash, bytes calldata risc0ReceiptSeal, bytes calldata risc0JournalBytes)
+        external;
 
     /// @notice event that gets emitted after a successful aggregated proof verification
     event AggregatedProofVerified(bytes32 indexed merkleRoot, bytes32 blobVersionedHash);
