From ee0d09012b64bb0ee831bf6018fc4154bea80811 Mon Sep 17 00:00:00 2001 From: Oliver He Date: Tue, 12 Mar 2024 20:42:34 -0400 Subject: [PATCH] Fix public_inputs_hash generation when extra_field not set and serde deserialization bugs. Add google as provider for devnet (#12476) * fix bugs * update * add google as default provider for chain ids above 100 * fix * use lazy * remove unused deps * lint --- aptos-move/vm-genesis/src/lib.rs | 15 +++++++++++++++ types/src/keyless/bn254_circom.rs | 8 +++++++- types/src/keyless/openid_sig.rs | 1 + 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/aptos-move/vm-genesis/src/lib.rs b/aptos-move/vm-genesis/src/lib.rs index 7505aa25e1c64..ab171a4bb8050 100644 --- a/aptos-move/vm-genesis/src/lib.rs +++ b/aptos-move/vm-genesis/src/lib.rs @@ -582,6 +582,21 @@ fn initialize_keyless_accounts(session: &mut SessionExt, chain_id: ChainId) { ]), ); } + if !chain_id.id() > 100 { + exec_function( + session, + JWKS_MODULE_NAME, + "upsert_oidc_provider", + vec![], + serialize_values(&vec![ + MoveValue::Signer(CORE_CODE_ADDRESS), + "https://accounts.google.com".to_string().as_move_value(), + "https://accounts.google.com/.well-known/openid-configuration" + .to_string() + .as_move_value(), + ]), + ); + } } fn create_accounts(session: &mut SessionExt, accounts: &[AccountBalance]) { diff --git a/types/src/keyless/bn254_circom.rs b/types/src/keyless/bn254_circom.rs index f780ab2ba6c5d..38b056d366ac5 100644 --- a/types/src/keyless/bn254_circom.rs +++ b/types/src/keyless/bn254_circom.rs @@ -1,5 +1,6 @@ // Copyright © Aptos Foundation +use super::circuit_constants::MAX_EXTRA_FIELD_BYTES; use crate::{ jwks::rsa::RSA_JWK, keyless::{ @@ -14,6 +15,7 @@ use ark_bn254::{Fq, Fq2, Fr, G1Affine, G1Projective, G2Affine, G2Projective}; use ark_ff::PrimeField; use ark_serialize::{CanonicalDeserialize, CanonicalSerialize}; use num_traits::{One, Zero}; +use once_cell::sync::Lazy; use serde::{Deserialize, Deserializer, Serialize, Serializer}; use serde_big_array::BigArray; @@ -22,6 +24,10 @@ use serde_big_array::BigArray; pub const G1_PROJECTIVE_COMPRESSED_NUM_BYTES: usize = 32; pub const G2_PROJECTIVE_COMPRESSED_NUM_BYTES: usize = 64; +// When the extra_field is none, use this hash value which is equal to the hash of a single space string. +static EMPTY_EXTRA_FIELD_HASH: Lazy = + Lazy::new(|| poseidon_bn254::pad_and_hash_string(" ", MAX_EXTRA_FIELD_BYTES as usize).unwrap()); + /// This will do the proper subgroup membership checks. pub fn g1_projective_str_to_affine(x: &str, y: &str) -> anyhow::Result { let g1_affine = G1Bytes::new_unchecked(x, y)?.deserialize_into_affine()?; @@ -240,7 +246,7 @@ pub fn get_public_inputs_hash( ) -> anyhow::Result { if let EphemeralCertificate::ZeroKnowledgeSig(proof) = &sig.cert { let (has_extra_field, extra_field_hash) = match &proof.extra_field { - None => (Fr::zero(), Fr::zero()), + None => (Fr::zero(), *Lazy::force(&EMPTY_EXTRA_FIELD_HASH)), Some(extra_field) => ( Fr::one(), poseidon_bn254::pad_and_hash_string( diff --git a/types/src/keyless/openid_sig.rs b/types/src/keyless/openid_sig.rs index 4331c14d5471c..b96cf1b1ea20d 100644 --- a/types/src/keyless/openid_sig.rs +++ b/types/src/keyless/openid_sig.rs @@ -174,6 +174,7 @@ pub struct Claims { #[serde(flatten)] pub oidc_claims: OidcClaims, #[serde(default)] + #[serde(flatten)] pub additional_claims: BTreeMap, }