feat: fix contract issues with key rotation, introduce get npk_m_hash_at #6541
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,5 @@ | ||
| use dep::protocol_types::{ | ||
| header::Header, abis::key_validation_request::KeyValidationRequest, address::AztecAddress, | ||
| constants::CANONICAL_KEY_REGISTRY_ADDRESS, grumpkin_point::GrumpkinPoint, | ||
| storage::map::derive_storage_slot_in_map | ||
| }; | ||
|
|
@@ -17,8 +17,28 @@ pub fn get_npk_m(context: &mut PrivateContext, address: AztecAddress) -> Grumpki | |
| get_master_key(context, address, NULLIFIER_INDEX) | ||
| } | ||
|
|
||
| // For historical access, we move the fetching of the header to the top level to minimize redundant fetching / proving validity of the header. | ||
| pub fn get_npk_m_at( | ||
|
Contributor
There was a problem hiding this comment. This function is only called in |
||
| context: &mut PrivateContext, | ||
| address: AztecAddress, | ||
| block_number: u32, | ||
| header: Header | ||
| ) -> GrumpkinPoint { | ||
| assert_eq(block_number, header.global_variables.block_number as u32); | ||
|
Contributor
There was a problem hiding this comment. This feels strange, why do you want to pass the Just a small thing that popped up in my mind. As we seem to generally want to supply multiple ways to execute these functions on the header, should we take a look at having them as a trait on the header? In that way, you would get the header that you are interested in for data, and then you can use the "getters". let header = context.get_header_at(block_number);
let npk_m = header.get_npk_m(context, address);
// and for historical access to public state
let storage = header.public_storage_historical_read(address, storage_slot);@nventuro what are you thoughts? Should allow us to get rid of some code and think it is similar or better ux, but your call 🫡 If to change like this, might be better to handle in separate PR since we have the flow a few places that was otherwise untouched here. Think this could essentially get rid of almost all of the |
||
| get_master_key_at(context, address, NULLIFIER_INDEX, header) | ||
| } | ||
|
|
||
| pub fn get_npk_m_hash(context: &mut PrivateContext, address: AztecAddress) -> Field { | ||
| get_npk_m(context, address).hash() | ||
| } | ||
|
|
||
| pub fn get_npk_m_hash_at( | ||
| context: &mut PrivateContext, | ||
| address: AztecAddress, | ||
| block_number: u32, | ||
| header: Header | ||
| ) -> Field { | ||
| get_npk_m_at(context, address, block_number, header).hash() | ||
| } | ||
|
|
||
| pub fn get_ivpk_m(context: &mut PrivateContext, address: AztecAddress) -> GrumpkinPoint { | ||
|
|
@@ -40,7 +60,23 @@ fn get_master_key( | |
| address: AztecAddress, | ||
| key_index: Field | ||
| ) -> GrumpkinPoint { | ||
| let (x_coordinate_registry, y_coordinate_registry) = get_registry_with_key_index(context, key_index, address); | ||
|
Contributor
Author
There was a problem hiding this comment. Reorganized some things here
Contributor
There was a problem hiding this comment. The split now made here such that you can use the See comment above, I think we can make some simplifications to get rid of some of all the |
||
| let key = fetch_key_from_registry(x_coordinate_registry, y_coordinate_registry); | ||
| fetch_key_from_oracle_if_zero(key, address, key_index) | ||
| } | ||
|
|
||
| fn get_master_key_at( | ||
| context: &mut PrivateContext, | ||
| address: AztecAddress, | ||
| key_index: Field, | ||
| header: Header | ||
| ) -> GrumpkinPoint { | ||
| let (x_coordinate_registry, y_coordinate_registry) = get_registry_with_key_index(context, key_index, address); | ||
| let key = fetch_key_from_registry_at(x_coordinate_registry, y_coordinate_registry, header); | ||
| fetch_key_from_oracle_if_zero(key, address, key_index) | ||
| } | ||
|
|
||
| fn fetch_key_from_oracle_if_zero(key: GrumpkinPoint, address: AztecAddress, key_index: Field) -> GrumpkinPoint { | ||
| if key.is_zero() { | ||
| // Keys were not registered in registry yet --> fetch key from PXE | ||
| let keys = fetch_and_constrain_keys(address); | ||
|
|
@@ -52,11 +88,11 @@ fn get_master_key( | |
| } | ||
| } | ||
|
|
||
| fn get_registry_with_key_index( | ||
|
Contributor
There was a problem hiding this comment. I don't like much that we need to have this getter and then split the flows into But I think a better name would help here because when I saw the function I though it fetches some value from registry. I think something like
Contributor
There was a problem hiding this comment. Update: Boss came up with how to refactor it here. |
||
| context: &mut PrivateContext, | ||
| key_index: Field, | ||
| address: AztecAddress | ||
| ) -> (SharedMutablePrivateGetter<Field, DELAY>, SharedMutablePrivateGetter<Field, DELAY>) { | ||
| let x_coordinate_map_slot = key_index * 2 + 1; | ||
| let y_coordinate_map_slot = x_coordinate_map_slot + 1; | ||
| let x_coordinate_derived_slot = derive_storage_slot_in_map(x_coordinate_map_slot, address); | ||
|
|
@@ -72,10 +108,29 @@ fn fetch_key_from_registry( | |
| AztecAddress::from_field(CANONICAL_KEY_REGISTRY_ADDRESS), | ||
| y_coordinate_derived_slot | ||
| ); | ||
|
|
||
| (x_coordinate_registry, y_coordinate_registry) | ||
|
Contributor
There was a problem hiding this comment. The wording here makes it sound like it is separate registries, but it is just different coordinates so think I would still keep the naming similar to not make misunderstandings that it is a registry 🤷 |
||
| } | ||
|
|
||
| fn fetch_key_from_registry( | ||
| x_coordinate_registry: SharedMutablePrivateGetter<Field, DELAY>, | ||
| y_coordinate_registry: SharedMutablePrivateGetter<Field, DELAY> | ||
| ) -> GrumpkinPoint { | ||
| let key_x_coordinate = x_coordinate_registry.get_current_value_in_private(); | ||
| let key_y_coordinate = y_coordinate_registry.get_current_value_in_private(); | ||
|
|
||
| GrumpkinPoint::new(key_x_coordinate, key_y_coordinate) | ||
| } | ||
|
|
||
| fn fetch_key_from_registry_at( | ||
| x_coordinate_registry: SharedMutablePrivateGetter<Field, DELAY>, | ||
| y_coordinate_registry: SharedMutablePrivateGetter<Field, DELAY>, | ||
| header: Header | ||
| ) -> GrumpkinPoint { | ||
| let key_x_coordinate = x_coordinate_registry.get_current_value_in_private_at(header.global_variables.block_number as u32, header); | ||
|
Contributor
Author
There was a problem hiding this comment. Using |
||
| let key_y_coordinate = y_coordinate_registry.get_current_value_in_private_at(header.global_variables.block_number as u32, header); | ||
|
|
||
| GrumpkinPoint::new(key_x_coordinate, key_y_coordinate) | ||
| } | ||
|
|
||
| // Passes only when keys were not rotated - is expected to be called only when keys were not registered yet | ||
|
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,7 @@ | ||
| use dep::protocol_types::{hash::pedersen_hash, traits::FromField, address::AztecAddress, header::Header}; | ||
|
|
||
| use crate::history::public_storage::{public_storage_historical_read, _public_storage_historical_read}; | ||
| use crate::context::PrivateContext; | ||
| use crate::public_storage; | ||
| use crate::state_vars::{ | ||
| storage::Storage, | ||
|
|
@@ -34,36 +34,50 @@ impl<T, INITIAL_DELAY> SharedMutablePrivateGetter<T, INITIAL_DELAY> { | |
|
|
||
| pub fn get_current_value_in_private(self) -> T where T: FromField { | ||
| let mut context = self.context; | ||
| let header = context.historical_header; | ||
|
|
||
| let (value_change, delay_change, historical_block_number) = self.historical_read_from_public_storage(header); | ||
| let effective_minimum_delay = delay_change.get_effective_minimum_delay_at(historical_block_number); | ||
| let block_horizon = value_change.get_block_horizon(historical_block_number, effective_minimum_delay); | ||
|
|
||
| context.set_tx_max_block_number(block_horizon); | ||
| value_change.get_current_at(historical_block_number) | ||
| } | ||
|
|
||
| pub fn get_current_value_in_private_at( | ||
| self, | ||
| block_number: u32, | ||
| header: Header | ||
| ) -> T where T: FromField { | ||
| assert_eq(block_number, header.global_variables.block_number as u32); | ||
| // We don't need the delay change because even if we execute this in the future, we are looking at the value | ||
| // from a specific time in the past. | ||
| let (value_change, _, historical_block_number) = self.historical_read_from_public_storage(header); | ||
|
|
||
| value_change.get_current_at(historical_block_number) | ||
| } | ||
|
|
||
| fn historical_read_from_public_storage( | ||
| self, | ||
| header: Header | ||
| ) -> (ScheduledValueChange<T>, ScheduledDelayChange<INITIAL_DELAY>, u32) where T: FromField { | ||
| let value_change_slot = self.get_value_change_storage_slot(); | ||
| let mut raw_value_change_fields = [0; 3]; | ||
| for i in 0..3 { | ||
| raw_value_change_fields[i] = _public_storage_historical_read( | ||
|
Contributor
Author
There was a problem hiding this comment. Made this change because otherwise every time we wanted to read a historical value, we'd have to refetch the header :/. See this comment.
Contributor
There was a problem hiding this comment. I'm not head over heals about the |
||
| value_change_slot + i as Field, | ||
| self.other_contract_address, | ||
| header, | ||
| ); | ||
| } | ||
|
|
||
| let delay_change_slot = self.get_delay_change_storage_slot(); | ||
|
Contributor
Author
There was a problem hiding this comment. Fixing
Contributor
There was a problem hiding this comment. It's weird that this was not caught by a test. I see that it's used in the test contract to read from key registry so it's not the case that it was not caught because it was used to read from the same contract in a test. Given that it's reading delay I would say we never test the case when a delay is non-default. Could you create a separate PR based on master in which you:
Thanks |
||
| let raw_delay_change_fields = [_public_storage_historical_read(delay_change_slot, self.other_contract_address, header)]; | ||
|
|
||
| let value_change = ScheduledValueChange::deserialize(raw_value_change_fields); | ||
| let delay_change = ScheduledDelayChange::deserialize(raw_delay_change_fields); | ||
|
|
||
| let historical_block_number = header.global_variables.block_number as u32; | ||
|
|
||
| (value_change, delay_change, historical_block_number) | ||
| } | ||
|
|
||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -118,19 +118,13 @@ impl Deck<&mut PrivateContext> { | |
| inserted_cards | ||
| } | ||
|
|
||
| pub fn get_cards<N>(&mut self, cards: [Card; N]) -> [CardNote; N] { | ||
| let options = NoteGetterOptions::with_filter(filter_cards, cards); | ||
| let maybe_notes = self.set.get_notes(options); | ||
| let mut found_cards = [Option::none(); N]; | ||
| for i in 0..maybe_notes.len() { | ||
| if maybe_notes[i].is_some() { | ||
| let card_note = CardNote::from_note(maybe_notes[i].unwrap_unchecked()); | ||
|
Contributor
Author
There was a problem hiding this comment. This is no longer needed because self.set only is pre-scoped to only allow the owner to view their own notes.
Contributor
There was a problem hiding this comment. Once again I feel like the main protection here is the nullifier key as relying on Maps for protection just seems scary to me. @LHerskind or WDYT about using Maps as a guardrail?
Contributor
There was a problem hiding this comment. I think it is the way to do it. Talked with Esau, which is why he went this way. The storage should in my mind not know much about you application logic, but just be considered with the protocol. It should be aware of the protocol required keys, and "how" you nullify, but I see it as the job of the business logic to figure out "when" to nullify -> Jan are allowed to call nullify on the notes of his as defined by the application logic.
Contributor
There was a problem hiding this comment. Ok ok, my alarm went off since it was the first time I saw it specifically used as a guardrail but if we explain it well to devs then it seems fine. |
||
|
|
||
| for j in 0..cards.len() { | ||
| if found_cards[j].is_none() | ||
|
|
@@ -150,8 +144,8 @@ impl Deck<&mut PrivateContext> { | |
| ) | ||
| } | ||
|
|
||
| pub fn remove_cards<N>(&mut self, cards: [Card; N]) { | ||
| let card_notes = self.get_cards(cards); | ||
| for card_note in card_notes { | ||
| self.set.remove(card_note.note); | ||
| } | ||
|
|
||
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've exposed this to access this by passing in a header directly. One can make an argument that to keep it consistent with all the other changes I've made, that actually the
public_storage_historical_read_atfunction below should change and take a header as well, and not only a block number; but I wanted to keep changes minimal. Open to opinions though !There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think exposing this is totally fine but would rename it to something without the underscore prefix since that evokes private/internal function.