From fc3cbe009b9cf6e7102c8bec66cd39eaad8fd644 Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Fri, 5 Dec 2025 01:14:45 +0100 Subject: [PATCH 1/7] added skeleton of recover function --- Makefile | 4 ++++ rlpauth/rlpauth.zkasm | 8 ++++++++ 2 files changed, 12 insertions(+) create mode 100644 rlpauth/rlpauth.zkasm diff --git a/Makefile b/Makefile index c3a3cb03..be08f765 100644 --- a/Makefile +++ b/Makefile @@ -70,6 +70,8 @@ OOB_OSAKA := oob/osaka RLP_ADDR := rlpaddr +RLP_AUTH := rlpauth/rlpauth.zkasm + RLP_TXN_LONDON := rlptxn/london RLP_TXN_CANCUN := rlptxn/cancun RLP_TXN_PRAGUE := rlptxn/cancun @@ -196,6 +198,7 @@ ZKEVM_MODULES_PRAGUE := ${ZKEVM_MODULES_COMMON} \ ${MMU_LONDON} \ ${MXP_CANCUN} \ ${OOB_PRAGUE} \ + ${RLP_AUTH} \ ${RLP_TXN_PRAGUE} \ ${RLP_UTILS_CANCUN} \ ${TRM_LONDON} \ @@ -214,6 +217,7 @@ ZKEVM_MODULES_OSAKA := ${ZKEVM_MODULES_COMMON} \ ${MMU_OSAKA} \ ${MXP_CANCUN} \ ${OOB_OSAKA} \ + ${RLP_AUTH} \ ${RLP_TXN_PRAGUE} \ ${RLP_UTILS_CANCUN} \ ${TRM_OSAKA} \ diff --git a/rlpauth/rlpauth.zkasm b/rlpauth/rlpauth.zkasm new file mode 100644 index 00000000..2612242a --- /dev/null +++ b/rlpauth/rlpauth.zkasm @@ -0,0 +1,8 @@ +include "../constants/evm.zkasm" + +fn recover(chain_id u256, nonce u64, address u160, y_parity u8, r u256, s u256) -> (authority u160, error u1) +{ + authority = 0 + error = 0 + return +} \ No newline at end of file From 1f3eb0d2d3bf3dcddca8e076345d5a3911be0b5e Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Wed, 10 Dec 2025 21:26:27 +0100 Subject: [PATCH 2/7] added some preliminary checks in rlpauth --- rlpauth/rlpauth.zkasm | 40 +++++++++++++++++++++++++++++++++++----- 1 file changed, 35 insertions(+), 5 deletions(-) diff --git a/rlpauth/rlpauth.zkasm b/rlpauth/rlpauth.zkasm index 2612242a..03d6407b 100644 --- a/rlpauth/rlpauth.zkasm +++ b/rlpauth/rlpauth.zkasm @@ -1,8 +1,38 @@ include "../constants/evm.zkasm" -fn recover(chain_id u256, nonce u64, address u160, y_parity u8, r u256, s u256) -> (authority u160, error u1) -{ - authority = 0 - error = 0 - return +;; https://eips.ethereum.org/EIPS/eip-7702 + +const SECP256K1N = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f + +fn rlpauth(CHAIN_ID u256, NONCE u64, ADDRESS u160, Y_PARITY u8, R u256, S u256) -> (AUTHORITY u160, ERROR u1) +{ + ;; The following checks are enforced by the types above: + ;; assert auth.chain_id < 2**256 + ;; assert auth.nonce < 2**64 + ;; assert len(auth.address) == 20 + ;; assert auth.y_parity < 2**8 + ;; assert auth.r < 2**256 + ;; assert auth.s < 2**256 + step_1: + if CHAIN_ID == 0 goto step_3 + if CHAIN_ID == 1 goto step_3 + fail + ;; step_2 is implicitly succeseful due to NONCE being declared as u64 + step_3: + ;; Divide SECP256K1N by 2 + var secp256k1n_divided_by_two u256 + var b u1 + secp256k1n_divided_by_two, b = SECP256K1N + ;; Check that S <= SECP256K1N / 2 + var tmp u256 + b, tmp = S - secp256k1n_divided_by_two + if b == 1 goto failure + ;; compute msg + ;; call ecrecover + exit: + AUTHORITY = 0 + ERROR = 0 + return + failure: + fail } \ No newline at end of file From 833116b511560c07ca0eadebb59983361cb171b6 Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Thu, 11 Dec 2025 09:37:56 +0100 Subject: [PATCH 3/7] added comment --- rlpauth/rlpauth.zkasm | 1 + 1 file changed, 1 insertion(+) diff --git a/rlpauth/rlpauth.zkasm b/rlpauth/rlpauth.zkasm index 03d6407b..c92fe21a 100644 --- a/rlpauth/rlpauth.zkasm +++ b/rlpauth/rlpauth.zkasm @@ -2,6 +2,7 @@ include "../constants/evm.zkasm" ;; https://eips.ethereum.org/EIPS/eip-7702 +;; TODO: here we can directly have secp256k1n_divided_by_two const SECP256K1N = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f fn rlpauth(CHAIN_ID u256, NONCE u64, ADDRESS u160, Y_PARITY u8, R u256, S u256) -> (AUTHORITY u160, ERROR u1) From 64270f9cf97e5d5d1974bec01c0156cf0a75bd5b Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Fri, 12 Dec 2025 02:01:31 +0100 Subject: [PATCH 4/7] computed more steps and added pseudocode --- rlpauth/rlpauth.zkasm | 73 ++++++++++++++++++++++++++++++++++++------- 1 file changed, 62 insertions(+), 11 deletions(-) diff --git a/rlpauth/rlpauth.zkasm b/rlpauth/rlpauth.zkasm index c92fe21a..27a3dc81 100644 --- a/rlpauth/rlpauth.zkasm +++ b/rlpauth/rlpauth.zkasm @@ -2,10 +2,12 @@ include "../constants/evm.zkasm" ;; https://eips.ethereum.org/EIPS/eip-7702 +;; TODO: do we have an shared notation for constants, function arguments...? ;; TODO: here we can directly have secp256k1n_divided_by_two const SECP256K1N = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f +const MAGIC = 0x05 -fn rlpauth(CHAIN_ID u256, NONCE u64, ADDRESS u160, Y_PARITY u8, R u256, S u256) -> (AUTHORITY u160, ERROR u1) +fn rlpauth(chain_id u256, nonce u64, address u160, y_parity u8, r u256, s u256) -> (authority u160, error u1) { ;; The following checks are enforced by the types above: ;; assert auth.chain_id < 2**256 @@ -15,25 +17,74 @@ fn rlpauth(CHAIN_ID u256, NONCE u64, ADDRESS u160, Y_PARITY u8, R u256, S u256) ;; assert auth.r < 2**256 ;; assert auth.s < 2**256 step_1: - if CHAIN_ID == 0 goto step_3 - if CHAIN_ID == 1 goto step_3 + if chain_id == 0 goto step_3 + if chain_id == 1 goto step_3 ;; TODO: this should check current chain_id instead fail - ;; step_2 is implicitly succeseful due to NONCE being declared as u64 + ;; step_2 is implicitly succeseful due to nonce being declared as u64 step_3: ;; Divide SECP256K1N by 2 var secp256k1n_divided_by_two u256 var b u1 secp256k1n_divided_by_two, b = SECP256K1N - ;; Check that S <= SECP256K1N / 2 + ;; Check that s <= SECP256K1N / 2 var tmp u256 - b, tmp = S - secp256k1n_divided_by_two + b, tmp = s - secp256k1n_divided_by_two if b == 1 goto failure - ;; compute msg - ;; call ecrecover + ;; + var rlp_res u256 + rlp_res = compute_rlp(chain_id, address, nonce) + ;; + var keccak_input u264 + keccak_input = compute_concat_magic_and_rlp(MAGIC, rlp_res) + ;; + var msg u256 + msg = keccak(keccak_input) + authority = ecrecover(msg, y_parity, r, s) + step_4: + ;; Add authority to accessed_addresses, as defined in EIP-2929. Does it have any effect here? + step_5: + ;; if authority is emtpy goto step_6 + ;; if authority is already delegated goto step_6 + ;; fail + step_6: + ;; if authority.nonce == nonce goto step_7 + ;; fail + step_7: + ;; Add PER_EMPTY_ACCOUNT_COST - PER_AUTH_BASE_COST gas to the global refund counter if authority is not empty. Does it have any effect here? + step_8: + ;; if address == 0x0000000000000000000000000000000000000000 goto "authority.code_hash = 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470" + ;; authority.code = 0xef0100 || address + step_9: + ;; authority.nonce = authority.nonce + 1 exit: - AUTHORITY = 0 - ERROR = 0 + ;; dummy values + authority = 0 + error = 0 return failure: fail -} \ No newline at end of file +} + +;; temporary dummy functions +;; TODO: determine the exact size of RLP +fn compute_rlp(chain_id u256, address u160, nonce u64) -> (rlp_res u256) { + rlp_res = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f + return +} + +fn compute_concat_magic_and_rlp(magic u8, rlp u256) -> (concat_res u264) { + ;; TODO: how to concat? + ;; concat_res = magic, rlp? + concat_res = 0x05fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f + return +} + +fn keccak(keccak_input u264) -> (keccak_output u256) { + keccak_output = 0xfffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f + return +} + +fn ecrecover(msg u256, y_parity u8, r u256, s u256) -> (ecrecover_result u160) { + ecrecover_result = 0xfffffffffffffffffffffffffffffffefffffc2f + return +} \ No newline at end of file From 00b2a0e093da7b131a029e4587d18b652923694e Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Fri, 12 Dec 2025 16:44:42 +0100 Subject: [PATCH 5/7] fixed compute_concat_magic_and_rlp --- rlpauth/rlpauth.zkasm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/rlpauth/rlpauth.zkasm b/rlpauth/rlpauth.zkasm index 27a3dc81..9af7b26b 100644 --- a/rlpauth/rlpauth.zkasm +++ b/rlpauth/rlpauth.zkasm @@ -72,10 +72,10 @@ fn compute_rlp(chain_id u256, address u160, nonce u64) -> (rlp_res u256) { return } -fn compute_concat_magic_and_rlp(magic u8, rlp u256) -> (concat_res u264) { +fn compute_concat_magic_and_rlp(magic u8, rlp_res u256) -> (concat_res u264) { ;; TODO: how to concat? - ;; concat_res = magic, rlp? - concat_res = 0x05fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f + ;; concat_res = magic, rlp_res? + concat_res = (magic * 2^256) + rlp_res return } From 3e0db9480d38e5cbfdc0c137539f71f3dff6bbec Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Sun, 14 Dec 2025 15:59:13 +0100 Subject: [PATCH 6/7] ras --- rlpauth/rlpauth.zkasm | 2 -- 1 file changed, 2 deletions(-) diff --git a/rlpauth/rlpauth.zkasm b/rlpauth/rlpauth.zkasm index 9af7b26b..c34e1111 100644 --- a/rlpauth/rlpauth.zkasm +++ b/rlpauth/rlpauth.zkasm @@ -73,8 +73,6 @@ fn compute_rlp(chain_id u256, address u160, nonce u64) -> (rlp_res u256) { } fn compute_concat_magic_and_rlp(magic u8, rlp_res u256) -> (concat_res u264) { - ;; TODO: how to concat? - ;; concat_res = magic, rlp_res? concat_res = (magic * 2^256) + rlp_res return } From a96f7199fb8a8173f6d62fd379386c47312611bf Mon Sep 17 00:00:00 2001 From: Lorenzo Gentile Date: Sun, 14 Dec 2025 19:02:45 +0100 Subject: [PATCH 7/7] added tests for functions in rlpauth.zkasm --- rlpauth/test/compute_concat_magic_and_rlp.json | 1 + rlpauth/test/compute_rlp.json | 3 +++ 2 files changed, 4 insertions(+) create mode 100644 rlpauth/test/compute_concat_magic_and_rlp.json create mode 100644 rlpauth/test/compute_rlp.json diff --git a/rlpauth/test/compute_concat_magic_and_rlp.json b/rlpauth/test/compute_concat_magic_and_rlp.json new file mode 100644 index 00000000..3c86f2ee --- /dev/null +++ b/rlpauth/test/compute_concat_magic_and_rlp.json @@ -0,0 +1 @@ +{ "compute_concat_magic_and_rlp": { "magic": [0], "rlp_res": [0], "concat_res": [0]} } \ No newline at end of file diff --git a/rlpauth/test/compute_rlp.json b/rlpauth/test/compute_rlp.json new file mode 100644 index 00000000..54785fbf --- /dev/null +++ b/rlpauth/test/compute_rlp.json @@ -0,0 +1,3 @@ + +{ "compute_rlp": { "chain_id": [0], "address": [0], "nonce": [0], "rlp_res": [115792089237316195423570985008687907853269984665640564039457584007908834671663]} } +