StarkEx v3.0

starkware-libs · Jun 14, 2021 · e42fede · e42fede
1 parent ceb62c0
commit e42fede
Show file tree

Hide file tree

Showing 102 changed files with 13,741 additions and 8,192 deletions.
diff --git a/common-contracts/src/components/FactRegistry.sol b/common-contracts/src/components/FactRegistry.sol
@@ -0,0 +1 @@
+../../../scalable-dex/contracts/src/components/FactRegistry.sol
diff --git a/common-contracts/src/interfaces/BlockDirectCall.sol b/common-contracts/src/interfaces/BlockDirectCall.sol
@@ -0,0 +1 @@
+../../../scalable-dex/contracts/src/interfaces/BlockDirectCall.sol
diff --git a/common-contracts/src/interfaces/FactRegistry.sol b/common-contracts/src/interfaces/FactRegistry.sol
diff --git a/common-contracts/src/upgrade/CallProxy.sol b/common-contracts/src/upgrade/CallProxy.sol
@@ -1,7 +1,9 @@
 // SPDX-License-Identifier: Apache-2.0.
 pragma solidity ^0.6.11;
 
+import "../interfaces/IFactRegistry.sol";
 import "./StorageSlots.sol";
+import "../interfaces/BlockDirectCall.sol";
 import "../libraries/Common.sol";
 
 /**
@@ -22,17 +24,19 @@ import "../libraries/Common.sol";
   The assumption is that if a different implementation is needed, it will be performed
   in an upgradeTo a new deployed CallProxy, pointing to a new implementation.
 */
-contract CallProxy is StorageSlots {
+contract CallProxy is BlockDirectCall, StorageSlots {
 
     using Addresses for address;
 
+    string public constant CALL_PROXY_VERSION = "3.0.0";
+
     // Proxy client - initialize & isFrozen.
     // NOLINTNEXTLINE: external-function.
     function isFrozen() public pure returns(bool) {
         return false;
     }
 
-    function initialize(bytes calldata data) external {
+    function initialize(bytes calldata data) external notCalledDirectly {
         require(data.length == 32, "INCORRECT_DATA_SIZE");
         address impl = abi.decode(data, (address));
         require(impl.isContract(), "ADDRESS_NOT_CONTRACT");
@@ -59,12 +63,30 @@ contract CallProxy is StorageSlots {
         }
     }
 
+    /*
+      An explicit isValid entry point, used to make isValid a part of the ABI and visible
+      on Etherscan (and alike).
+    */
+    function isValid(bytes32 fact)
+        external view
+        returns(bool)
+    {
+        return IFactRegistry(callProxyImplementation()).isValid(fact);
+    }
+
+    /*
+      This entry point serves only transactions with empty calldata. (i.e. pure value transfer tx).
+      We don't expect to receive such, thus block them.
+    */
+    receive() external payable {
+        revert("CONTRACT_NOT_EXPECTED_TO_RECEIVE");
+    }
+
     /*
       Contract's default function. Pass execution to the implementation contract (using call).
       It returns back to the external caller whatever the implementation called code returns.
     */
-    // NOLINTNEXTLINE: locked-ether.
-    fallback() external payable {
+    fallback() external payable { // NOLINT locked-ether.
         address _implementation = callProxyImplementation();
         require(_implementation != address(0x0), "MISSING_IMPLEMENTATION");
         uint256 value = msg.value;

diff --git a/evm-verifier/solidity/contracts/FriStatementContract.sol b/evm-verifier/solidity/contracts/FriStatementContract.sol
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0.
 pragma solidity ^0.6.11;
 
-import "./interfaces/FactRegistry.sol";
+import "./components/FactRegistry.sol";
 import "./FriLayer.sol";
 
 contract FriStatementContract is FriLayer, FactRegistry {

diff --git a/evm-verifier/solidity/contracts/MerkleStatementContract.sol b/evm-verifier/solidity/contracts/MerkleStatementContract.sol
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0.
 pragma solidity ^0.6.11;
 
-import "./interfaces/FactRegistry.sol";
+import "./components/FactRegistry.sol";
 import "./MerkleVerifier.sol";
 
 contract MerkleStatementContract is MerkleVerifier, FactRegistry {

diff --git a/evm-verifier/solidity/contracts/components/FactRegistry.sol b/evm-verifier/solidity/contracts/components/FactRegistry.sol
@@ -0,0 +1 @@
+../../../../scalable-dex/contracts/src/components/FactRegistry.sol
diff --git a/evm-verifier/solidity/contracts/cpu/CairoBootloaderProgram.sol b/evm-verifier/solidity/contracts/cpu/CairoBootloaderProgram.sol
@@ -3,7 +3,7 @@
 pragma solidity ^0.6.11;
 
 contract CairoBootloaderProgramSize {
-    uint256 internal constant PROGRAM_SIZE = 224;
+    uint256 internal constant PROGRAM_SIZE = 209;
 }
 
 contract CairoBootloaderProgram is CairoBootloaderProgramSize {
@@ -12,8 +12,10 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
         returns (uint256[PROGRAM_SIZE] memory)
     {
         return [
+            290341444919459839,
+            4,
             1226245742482522112,
-            181,
+            166,
             74168662805676031,
             0,
             146226256843603965,
@@ -44,19 +46,12 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
             2345108766317314046,
             2345108766317314046,
             1226245742482522112,
-            5,
+            3618502788666131213697322783095070105623107215331596699973092056135872020480,
             5198420613823102976,
             3618502788666131213697322783095070105623107215331596699973092056135872020479,
             2345108766317314046,
-            2345108766317314046,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020474,
-            5198420613823168512,
-            3618502788666131213697322783095070105623107215331596699973092056135872020442,
-            5202361254907052032,
-            2345108766317314046,
-            1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020468,
+            3618502788666131213697322783095070105623107215331596699973092056135872020475,
             5191102234363920384,
             5191102238658887680,
             5191102242953854976,
@@ -65,22 +60,26 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
             5189976364521848832,
             4,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020433,
+            3618502788666131213697322783095070105623107215331596699973092056135872020440,
             4623648689905041407,
             291467327646433279,
             2345108766317314046,
+            5199827962936983548,
+            5208553695804948479,
+            4612389708016287743,
+            5198983563776262144,
+            1,
+            2345108766317314046,
             146226256843603965,
             4,
             5191102230068953088,
             2345108766317314046,
+            5191102230068953088,
             5188850460319711232,
             5188850460319776768,
-            5201798300658860031,
             5188850460319842304,
-            5210805504208568318,
-            4612389708016222207,
-            5198983563776196608,
-            1,
+            1226245742482522112,
+            3618502788666131213697322783095070105623107215331596699973092056135872020467,
             5198983563776262144,
             1,
             5198983563776327680,
@@ -90,7 +89,7 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
             5198983563776458752,
             3618502788666131213697322783095070105623107215331596699973092056135872020480,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020461,
+            3618502788666131213697322783095070105623107215331596699973092056135872020463,
             2345108766317314046,
             5188850460319907840,
             5202361254907052032,
@@ -109,24 +108,23 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
             3618502788666131213697322783095070105623107215331596699973092056135872020472,
             2345108766317314046,
             146226256843603965,
-            6,
-            5191102225773985792,
-            5191102238658887680,
+            5,
+            5191102230068953088,
             5191102242953854976,
             2345108766317314046,
             290341444919459839,
             16,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020407,
+            3618502788666131213697322783095070105623107215331596699973092056135872020411,
             4617174774030761984,
-            4612671182992867338,
+            4612671182992932874,
             5189976364521848832,
             0,
             4612389712311713791,
-            5188850464614547456,
+            5188850464614612992,
             5191102264428691456,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020448,
+            3618502788666131213697322783095070105623107215331596699973092056135872020449,
             4612389712312303615,
             4622804286450008075,
             4,
@@ -137,69 +135,58 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
             4622804286450597890,
             2,
             4617174765440827395,
-            4612671191582801924,
-            4612671195877769221,
-            1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020384,
-            4612389712311386110,
-            5189976364521848832,
-            16,
-            5201798304953696256,
-            4612389708016418815,
-            5191102230068953088,
+            4612671191582867460,
+            4612671195877834757,
+            5191102234363920384,
             5198983563776655360,
             2,
             5191102307378364416,
             5191102311673331712,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020385,
+            3618502788666131213697322783095070105623107215331596699973092056135872020389,
             1191342896910008320,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020370,
+            3618502788666131213697322783095070105623107215331596699973092056135872020381,
             4623648758625632255,
-            722405534170316800,
-            0,
-            5191102230068953088,
+            5191102234363920384,
             5198983563776655360,
             6,
             5191102307378364416,
             5191102320263266304,
             5189976364521848832,
             4,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020331,
+            3618502788666131213697322783095070105623107215331596699973092056135872020344,
             4623648754330533887,
-            5191102238658887680,
+            5191102242953854976,
             5198983563776655360,
             2,
             5198983563776655360,
             6,
-            5191102234363920384,
+            5191102238658887680,
             5189976364521848832,
             4,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020373,
+            3618502788666131213697322783095070105623107215331596699973092056135872020385,
             4623930225012473862,
             4612671182994046991,
             5198983563776655360,
             6,
-            5191102230068953088,
             5191102234363920384,
+            5191102238658887680,
             5193354042767540224,
-            5198983563776393216,
-            2,
             5198983563776458752,
             3618502788666131213697322783095070105623107215331596699973092056135872020480,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020399,
+            3618502788666131213697322783095070105623107215331596699973092056135872020411,
             2345108766317314046,
             290341444919459839,
             1,
-            5199265038752907265,
+            5199265038752972801,
             1,
-            5191383709340631042,
+            5191383713635598338,
             5191383735110434819,
-            5191383717930565636,
+            5191383722225532932,
             5190257839498559493,
             122550255383924,
             5190257839498559494,
@@ -217,24 +204,22 @@ contract CairoBootloaderProgram is CairoBootloaderProgramSize {
             5190257839498559500,
             2,
             1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020307,
+            3618502788666131213697322783095070105623107215331596699973092056135872020322,
             5198420613823102976,
             1,
             5198420613823037440,
             5,
             5198420613822971904,
             9,
-            5191102238658887680,
-            5191102247248822272,
-            5188850460319645696,
-            1226245742482522112,
-            3618502788666131213697322783095070105623107215331596699973092056135872020362,
-            4614641507830300670,
-            5188287510366486528,
-            5188287514661388288,
-            5188287518956290048,
-            5188287523251191808,
-            5193354038472572928,
+            5191102242953854976,
+            5188850460319711232,
+            1226245742482522112,
+            3618502788666131213697322783095070105623107215331596699973092056135872020375,
+            4614641507830300671,
+            5188287510366552064,
+            5188287514661453824,
+            5188287518956355584,
+            5188287523251257344,
             2345108766317314046
         ];
     }

diff --git a/evm-verifier/solidity/contracts/cpu/CpuPublicInputOffsets.sol b/evm-verifier/solidity/contracts/cpu/CpuPublicInputOffsets.sol
@@ -19,17 +19,19 @@ contract CpuPublicInputOffsets {
     uint256 internal constant OFFSET_RANGE_CHECK_STOP_PTR = 13;
     uint256 internal constant OFFSET_ECDSA_BEGIN_ADDR = 14;
     uint256 internal constant OFFSET_ECDSA_STOP_PTR = 15;
-    uint256 internal constant OFFSET_CHECKPOINTS_BEGIN_PTR = 16;
-    uint256 internal constant OFFSET_CHECKPOINTS_STOP_PTR = 17;
-    uint256 internal constant OFFSET_PUBLIC_MEMORY_PADDING_ADDR = 18;
-    uint256 internal constant OFFSET_PUBLIC_MEMORY_PADDING_VALUE = 19;
-    uint256 internal constant OFFSET_N_PUBLIC_MEMORY_PAGES = 20;
-    uint256 internal constant OFFSET_PUBLIC_MEMORY = 21;
+    uint256 internal constant OFFSET_PUBLIC_MEMORY_PADDING_ADDR = 16;
+    uint256 internal constant OFFSET_PUBLIC_MEMORY_PADDING_VALUE = 17;
+    uint256 internal constant OFFSET_N_PUBLIC_MEMORY_PAGES = 18;
+    uint256 internal constant OFFSET_PUBLIC_MEMORY = 19;
 
     uint256 internal constant N_WORDS_PER_PUBLIC_MEMORY_ENTRY = 2;
     // The program segment starts from 1, so that memory address 0 is kept for the null pointer.
     uint256 internal constant INITIAL_PC = 1;
-    uint256 internal constant FINAL_PC = INITIAL_PC + 2;
+    // The first Cairo instructions are:
+    //   ap += n_args; call main; jmp rel 0.
+    // As the first two instructions occupy 2 cells each, the "jmp rel 0" instruction is at
+    // offset 4 relative to INITIAL_PC.
+    uint256 internal constant FINAL_PC = INITIAL_PC + 4;
 
     // The format of the public input, starting at OFFSET_PUBLIC_MEMORY is as follows:
     //   * For each page:

diff --git a/evm-verifier/solidity/contracts/cpu/CpuVerifier.sol.ref b/evm-verifier/solidity/contracts/cpu/CpuVerifier.sol.ref
@@ -30,6 +30,9 @@ interface PeriodicColumnContract {
   * verify that the arguments and return values for main() are properly set (e.g., the segment
     pointers).
   * check anything on the program output.
+  * verify that [initial_fp - 2] = initial_fp, which is required to guarantee the "safe call"
+    feature (that is, all "call" instructions will return, even if the called function is
+    malicious). It guarantees that it's not possible to create a cycle in the call stack.
 */
 contract CpuVerifier is StarkParameters, StarkVerifier, CpuPublicInputOffsets,
         CairoVerifierContract, MemoryPageFactRegistryConstants {
@@ -162,17 +165,6 @@ contract CpuVerifier is StarkParameters, StarkVerifier, CpuPublicInputOffsets,
         require(outputStopPtr < 2**64, "Out of range output stop_ptr.");
         }
 
-        // "checkpoints" memory segment.
-        ctx[MM_INITIAL_CHECKPOINTS_ADDR] = publicInput[OFFSET_CHECKPOINTS_BEGIN_PTR];
-        ctx[MM_FINAL_CHECKPOINTS_ADDR] = publicInput[OFFSET_CHECKPOINTS_STOP_PTR];
-        require(
-            ctx[MM_INITIAL_CHECKPOINTS_ADDR] <= ctx[MM_FINAL_CHECKPOINTS_ADDR],
-            "checkpoints begin_addr must be <= stop_ptr");
-        require(ctx[MM_FINAL_CHECKPOINTS_ADDR] < 2**64, "Out of range checkpoints stop_ptr.");
-        require(
-            (ctx[MM_FINAL_CHECKPOINTS_ADDR] - ctx[MM_INITIAL_CHECKPOINTS_ADDR]) % 2 == 0,
-            "Checkpoints should occupy an even number of cells.");
-
         // "pedersen" memory segment.
         ctx[MM_INITIAL_PEDERSEN_ADDR] = publicInput[OFFSET_PEDERSEN_BEGIN_ADDR];
         require(ctx[MM_INITIAL_PEDERSEN_ADDR] < 2**64, "Out of range pedersen begin_addr.");

diff --git a/evm-verifier/solidity/contracts/cpu/MemoryPageFactRegistry.sol b/evm-verifier/solidity/contracts/cpu/MemoryPageFactRegistry.sol
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0.
 pragma solidity ^0.6.11;
 
-import "../interfaces/FactRegistry.sol";
+import "../components/FactRegistry.sol";
 
 contract MemoryPageFactRegistryConstants {
     // A page based on a list of pairs (address, value).
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		../../../scalable-dex/contracts/src/components/FactRegistry.sol
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		../../../scalable-dex/contracts/src/interfaces/BlockDirectCall.sol
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		../../../../scalable-dex/contracts/src/components/FactRegistry.sol