fix: batcher sends proof even if eip712 signature contents are incompatible (#1005)

Author: uri-99

Makefile

@@ -232,7 +232,7 @@ batcher/target/release/aligned:
 
 
 RPC_URL=http://localhost:8545
-BATCHER_PAYMENTS_CONTRACT_ADDRESS=0x7969c5eD335650692Bc04293B07F5BF2e7A673C0
+NETWORK=devnet # devnet | holesky-stage | holesky
 
 batcher_send_sp1_task:
 	@echo "Sending SP1 fibonacci task to Batcher..."
@@ -242,7 +242,7 @@ batcher_send_sp1_task:
 		--vm_program ../../scripts/test_files/sp1/sp1_fibonacci.elf \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_sp1_burst:
 	@echo "Sending SP1 fibonacci task to Batcher..."
@@ -253,7 +253,7 @@ batcher_send_sp1_burst:
 		--repetitions $(BURST_SIZE) \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_infinite_sp1:
 	@echo "Sending infinite SP1 fibonacci task to Batcher..."
@@ -268,7 +268,7 @@ batcher_send_risc0_task:
         --public_input ../../scripts/test_files/risc_zero/fibonacci_proof_generator/risc_zero_fibonacci.pub \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_risc0_burst:
 	@echo "Sending Risc0 fibonacci task to Batcher..."
@@ -280,7 +280,7 @@ batcher_send_risc0_burst:
         --repetitions $(BURST_SIZE) \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_plonk_bn254_task: batcher/target/release/aligned
 	@echo "Sending Groth16Bn254 1!=0 task to Batcher..."
@@ -291,7 +291,7 @@ batcher_send_plonk_bn254_task: batcher/target/release/aligned
 		--vk ../../scripts/test_files/gnark_plonk_bn254_script/plonk.vk \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_plonk_bn254_burst: batcher/target/release/aligned
 	@echo "Sending Groth16Bn254 1!=0 task to Batcher..."
@@ -303,7 +303,7 @@ batcher_send_plonk_bn254_burst: batcher/target/release/aligned
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
 		--repetitions 4 \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_plonk_bls12_381_task: batcher/target/release/aligned
 	@echo "Sending Groth16 BLS12-381 1!=0 task to Batcher..."
@@ -314,7 +314,7 @@ batcher_send_plonk_bls12_381_task: batcher/target/release/aligned
 		--vk ../../scripts/test_files/gnark_plonk_bls12_381_script/plonk.vk \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_plonk_bls12_381_burst: batcher/target/release/aligned
 	@echo "Sending Groth16 BLS12-381 1!=0 task to Batcher..."
@@ -326,8 +326,7 @@ batcher_send_plonk_bls12_381_burst: batcher/target/release/aligned
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--repetitions 15 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
-
+		--network $(NETWORK)
 
 batcher_send_groth16_bn254_task: batcher/target/release/aligned
 	@echo "Sending Groth16Bn254 1!=0 task to Batcher..."
@@ -338,7 +337,7 @@ batcher_send_groth16_bn254_task: batcher/target/release/aligned
 		--vk ../../scripts/test_files/gnark_groth16_bn254_infinite_script/infinite_proofs/ineq_1_groth16.vk \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_infinite_groth16: batcher/target/release/aligned ## Send a different Groth16 BN254 proof using the client every 3 seconds
 	@mkdir -p scripts/test_files/gnark_groth16_bn254_infinite_script/infinite_proofs
@@ -358,7 +357,7 @@ batcher_send_halo2_ipa_task: batcher/target/release/aligned
 		--public_input ../../scripts/test_files/halo2_ipa/pub_input.bin \
 		--vk ../../scripts/test_files/halo2_ipa/params.bin \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_halo2_ipa_task_burst_5: batcher/target/release/aligned
 	@echo "Sending Halo2 IPA 1!=0 task to Batcher..."
@@ -369,7 +368,7 @@ batcher_send_halo2_ipa_task_burst_5: batcher/target/release/aligned
 		--vk ../../scripts/test_files/halo2_ipa/params.bin \
 		--repetitions 5 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_halo2_kzg_task: batcher/target/release/aligned
 	@echo "Sending Halo2 KZG 1!=0 task to Batcher..."
@@ -380,7 +379,7 @@ batcher_send_halo2_kzg_task: batcher/target/release/aligned
 		--vk ../../scripts/test_files/halo2_kzg/params.bin \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 batcher_send_halo2_kzg_task_burst_5: batcher/target/release/aligned
 	@echo "Sending Halo2 KZG 1!=0 task to Batcher..."
@@ -392,7 +391,7 @@ batcher_send_halo2_kzg_task_burst_5: batcher/target/release/aligned
 		--repetitions 5 \
 		--proof_generator_addr 0x66f9664f97F2b50F62D13eA064982f936dE76657 \
 		--rpc_url $(RPC_URL) \
-		--payment_service_addr $(BATCHER_PAYMENTS_CONTRACT_ADDRESS)
+		--network $(NETWORK)
 
 __GENERATE_PROOFS__:
  # TODO add a default proving system

batcher/aligned-batcher/src/lib.rs

@@ -441,7 +441,7 @@ impl Batcher {
 
         if client_msg.verification_data.chain_id != self.chain_id {
             warn!(
-                "Received message with incorrect chain id: {}",
+                "Received message with incorrect chain id: {}", //This check does not save against "Holesky" and "HoleskyStage", since both are chain_id 17000
                 client_msg.verification_data.chain_id
             );
 
@@ -454,13 +454,32 @@ impl Batcher {
             return Ok(());
         }
 
+        if client_msg.verification_data.payment_service_addr != self.payment_service.address() {
+            warn!(
+                "Received message with incorrect payment service address: {}", //This checks saves against "Holesky" and "HoleskyStage", since each one has a different payment service address
+                client_msg.verification_data.payment_service_addr
+            );
+
+            send_message(
+                ws_conn_sink.clone(),
+                ValidityResponseMessage::InvalidPaymentServiceAddress(
+                    client_msg.verification_data.payment_service_addr,
+                    self.payment_service.address(),
+                ),
+            )
+            .await;
+
+            return Ok(());
+        }
+
         info!("Verifying message signature...");
         if let Ok(addr) = client_msg.verify_signature() {
             info!("Message signature verified");
             if self.is_nonpaying(&addr) {
                 self.handle_nonpaying_msg(ws_conn_sink.clone(), client_msg)
                     .await
             } else {
+                info!("Handling paying message");
                 if !self
                     .check_user_balance_and_increment_proof_count(&addr)
                     .await

batcher/aligned-sdk/src/communication/batch.rs

@@ -4,7 +4,7 @@ use crate::{
     core::{
         errors,
         types::{
-            AlignedVerificationData, BatchInclusionData, Chain, VerificationCommitmentBatch,
+            AlignedVerificationData, BatchInclusionData, Network, VerificationCommitmentBatch,
             VerificationDataCommitment,
         },
     },
@@ -43,18 +43,12 @@ pub fn handle_batch_inclusion_data(
 pub async fn await_batch_verification(
     aligned_verification_data: &AlignedVerificationData,
     rpc_url: &str,
-    chain: Chain,
-    payment_service_addr: &str,
+    network: Network,
 ) -> Result<(), errors::SubmitError> {
     for _ in 0..RETRIES {
-        if is_proof_verified(
-            aligned_verification_data,
-            chain.clone(),
-            rpc_url,
-            payment_service_addr,
-        )
-        .await
-        .is_ok_and(|r| r)
+        if is_proof_verified(aligned_verification_data, network, rpc_url)
+            .await
+            .is_ok_and(|r| r)
         {
             return Ok(());
         }

batcher/aligned-sdk/src/communication/messaging.rs

@@ -114,6 +114,16 @@ pub async fn send_messages(
                 error!("Invalid replacement message!");
                 return Err(SubmitError::InvalidReplacementMessage);
             }
+            ValidityResponseMessage::InvalidPaymentServiceAddress(received_addr, expected_addr) => {
+                error!(
+                    "Invalid payment service address, received: {}, expected: {}",
+                    received_addr, expected_addr
+                );
+                return Err(SubmitError::InvalidPaymentServiceAddress(
+                    received_addr,
+                    expected_addr,
+                ));
+            }
         };
 
         sent_verification_data.push(verification_data.clone());

batcher/aligned-sdk/src/core/errors.rs

@@ -2,7 +2,7 @@ use core::fmt;
 use ethers::providers::ProviderError;
 use ethers::signers::WalletError;
 use ethers::types::transaction::eip712::Eip712Error;
-use ethers::types::SignatureError;
+use ethers::types::{SignatureError, H160};
 use std::io;
 use std::path::PathBuf;
 use tokio_tungstenite::tungstenite::protocol::CloseFrame;
@@ -80,6 +80,7 @@ pub enum SubmitError {
     ProofTooLarge,
     InvalidReplacementMessage,
     InsufficientBalance,
+    InvalidPaymentServiceAddress(H160, H160),
     BatchSubmissionFailed(String),
     GenericError(String),
 }
@@ -114,6 +115,9 @@ impl From<VerificationError> for SubmitError {
             VerificationError::HexDecodingError(e) => SubmitError::HexDecodingError(e.to_string()),
             VerificationError::EthereumProviderError(e) => SubmitError::EthereumProviderError(e),
             VerificationError::EthereumCallError(e) => SubmitError::EthereumProviderError(e),
+            VerificationError::EthereumNotAContract(address) => {
+                SubmitError::InvalidEthereumAddress(address.to_string())
+            }
         }
     }
 }
@@ -178,6 +182,13 @@ impl fmt::Display for SubmitError {
             SubmitError::ProofTooLarge => write!(f, "Proof too Large"),
             SubmitError::InvalidReplacementMessage => write!(f, "Invalid replacement message"),
             SubmitError::InsufficientBalance => write!(f, "Insufficient balance"),
+            SubmitError::InvalidPaymentServiceAddress(received_addr, expected_addr) => {
+                write!(
+                    f,
+                    "Invalid payment service address, received: {}, expected: {}",
+                    received_addr, expected_addr
+                )
+            }
             SubmitError::ProofQueueFlushed => write!(f, "Batch reset"),
         }
     }
@@ -188,6 +199,7 @@ pub enum VerificationError {
     HexDecodingError(String),
     EthereumProviderError(String),
     EthereumCallError(String),
+    EthereumNotAContract(H160),
 }
 
 impl fmt::Display for VerificationError {
@@ -198,6 +210,9 @@ impl fmt::Display for VerificationError {
                 write!(f, "Ethereum provider error: {}", e)
             }
             VerificationError::EthereumCallError(e) => write!(f, "Ethereum call error: {}", e),
+            VerificationError::EthereumNotAContract(address) => {
+                write!(f, "Address {} does not contain a contract", address)
+            }
         }
     }
 }

batcher/aligned-sdk/src/core/types.rs

@@ -317,6 +317,7 @@ pub enum ValidityResponseMessage {
     InvalidReplacementMessage,
     ProofTooLarge,
     InsufficientBalance(Address),
+    InvalidPaymentServiceAddress(Address, Address),
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -328,8 +329,8 @@ pub enum ResponseMessage {
     Error(String),
 }
 
-#[derive(Debug, Clone)]
-pub enum Chain {
+#[derive(Debug, Clone, Copy)]
+pub enum Network {
     Devnet,
     Holesky,
     HoleskyStage,

batcher/aligned-sdk/src/eth/aligned_service_manager.rs

@@ -1,4 +1,3 @@
-use std::str::FromStr;
 use std::sync::Arc;
 
 use ethers::prelude::*;
@@ -18,11 +17,18 @@ type AlignedLayerServiceManager = AlignedLayerServiceManagerContract<Provider<Ht
 
 pub async fn aligned_service_manager(
     provider: Provider<Http>,
-    contract_address: &str,
+    contract_address: H160,
 ) -> Result<AlignedLayerServiceManager, VerificationError> {
     let client = Arc::new(provider);
-    let contract_addr = H160::from_str(contract_address)
-        .map_err(|e| VerificationError::HexDecodingError(e.to_string()))?;
 
-    Ok(AlignedLayerServiceManager::new(contract_addr, client))
+    // Verify that the contract has code at the given address
+    let code = client
+        .get_code(contract_address, None)
+        .await
+        .map_err(|e| VerificationError::EthereumProviderError(e.to_string()))?;
+    if code.is_empty() {
+        return Err(VerificationError::EthereumNotAContract(contract_address));
+    }
+
+    Ok(AlignedLayerServiceManager::new(contract_address, client))
 }

batcher/aligned-sdk/src/eth/batcher_payment_service.rs

@@ -1,4 +1,3 @@
-use std::str::FromStr;
 use std::sync::Arc;
 
 use ethers::prelude::*;
@@ -14,13 +13,20 @@ pub type BatcherPaymentService = BatcherPaymentServiceContract<Provider<Http>>;
 
 pub async fn batcher_payment_service(
     provider: Provider<Http>,
-    contract_address: &str,
+    contract_address: H160,
 ) -> Result<BatcherPaymentService, VerificationError> {
     let client = Arc::new(provider);
-    let contract_addr = H160::from_str(contract_address)
-        .map_err(|e| VerificationError::HexDecodingError(e.to_string()))?;
 
-    Ok(BatcherPaymentService::new(contract_addr, client))
+    // Verify that the contract has code at the given address
+    let code = client
+        .get_code(contract_address, None)
+        .await
+        .map_err(|e| VerificationError::EthereumProviderError(e.to_string()))?;
+    if code.is_empty() {
+        return Err(VerificationError::EthereumNotAContract(contract_address));
+    }
+
+    Ok(BatcherPaymentService::new(contract_address, client))
 }
 
 impl SignatureData {