Barretenberg
The ZK-SNARK library at the core of Aztec
Loading...
Searching...
No Matches
address_derivation.test.cpp
Go to the documentation of this file.
1#include <gmock/gmock.h>
2#include <gtest/gtest.h>
3
4#include "barretenberg/crypto/poseidon2/poseidon2.hpp"
5#include "barretenberg/crypto/poseidon2/poseidon2_params.hpp"
6#include "barretenberg/vm2/common/aztec_types.hpp"
7#include "barretenberg/vm2/constraining/flavor_settings.hpp"
8#include "barretenberg/vm2/constraining/testing/check_relation.hpp"
9#include "barretenberg/vm2/generated/columns.hpp"
10#include "barretenberg/vm2/generated/relations/address_derivation.hpp"
11#include "barretenberg/vm2/generated/relations/lookups_address_derivation.hpp"
12#include "barretenberg/vm2/simulation/events/address_derivation_event.hpp"
13#include "barretenberg/vm2/simulation/events/ecc_events.hpp"
14#include "barretenberg/vm2/simulation/events/event_emitter.hpp"
15#include "barretenberg/vm2/simulation/gadgets/address_derivation.hpp"
16#include "barretenberg/vm2/simulation/lib/contract_crypto.hpp"
17#include "barretenberg/vm2/simulation/standalone/pure_to_radix.hpp"
18#include "barretenberg/vm2/simulation/testing/mock_execution_id_manager.hpp"
19#include "barretenberg/vm2/simulation/testing/mock_gt.hpp"
20#include "barretenberg/vm2/testing/fixtures.hpp"
21#include "barretenberg/vm2/tracegen/address_derivation_trace.hpp"
22#include "barretenberg/vm2/tracegen/ecc_trace.hpp"
23#include "barretenberg/vm2/tracegen/poseidon2_trace.hpp"
24#include "barretenberg/vm2/tracegen/test_trace_container.hpp"
25
26namespace bb::avm2::constraining {
27namespace {
28
29using ::testing::Return;
30using ::testing::StrictMock;
31
32using tracegen::AddressDerivationTraceBuilder;
33using tracegen::EccTraceBuilder;
34using tracegen::Poseidon2TraceBuilder;
35using tracegen::TestTraceContainer;
36
37using simulation::AddressDerivation;
38using simulation::AddressDerivationEvent;
39using simulation::compute_contract_address;
40using simulation::Ecc;
41using simulation::EccAddEvent;
42using simulation::EccAddMemoryEvent;
43using simulation::EventEmitter;
44using simulation::hash_public_keys;
45using simulation::MockExecutionIdManager;
46using simulation::MockGreaterThan;
47using simulation::NoopEventEmitter;
48using simulation::Poseidon2;
49using simulation::Poseidon2HashEvent;
50using simulation::Poseidon2PermutationEvent;
51using simulation::Poseidon2PermutationMemoryEvent;
52using simulation::PureToRadix;
53using simulation::ScalarMulEvent;
54
55using FF = AvmFlavorSettings::FF;
56using C = Column;
57using address_derivation_relation = bb::avm2::address_derivation<FF>;
58using poseidon2_relation = bb::avm2::poseidon2_hash<FF>;
59using ecadd_relation = bb::avm2::ecc<FF>;
60using scalar_mul_relation = bb::avm2::scalar_mul<FF>;
61using poseidon2 = crypto::Poseidon2<crypto::Poseidon2Bn254ScalarFieldParams>;
62
63TEST(AddressDerivationConstrainingTest, EmptyRow)
64{
65 check_relation<address_derivation_relation>(testing::empty_trace());
66}
67
68TEST(AddressDerivationConstrainingTest, Basic)
69{
70 TestTraceContainer trace;
71 AddressDerivationTraceBuilder builder;
72
73 auto instance = testing::random_contract_instance();
74
75 FF salted_initialization_hash = poseidon2::hash(
76 { DOM_SEP__SALTED_INITIALIZATION_HASH, instance.salt, instance.initialization_hash, instance.deployer });
77
78 FF partial_address =
79 poseidon2::hash({ DOM_SEP__PARTIAL_ADDRESS, instance.original_contract_class_id, salted_initialization_hash });
80
81 FF public_keys_hash = hash_public_keys(instance.public_keys);
82 FF preaddress = poseidon2::hash({ DOM_SEP__CONTRACT_ADDRESS_V1, public_keys_hash, partial_address });
83
84 EmbeddedCurvePoint g1 = EmbeddedCurvePoint::one();
85 EmbeddedCurvePoint preaddress_public_key = g1 * Fq(preaddress);
86 EmbeddedCurvePoint address_point = preaddress_public_key + instance.public_keys.incoming_viewing_key;
87
88 builder.process({ { .address = address_point.x(),
89 .instance = instance,
90 .salted_initialization_hash = salted_initialization_hash,
91 .partial_address = partial_address,
92 .public_keys_hash = public_keys_hash,
93 .preaddress = preaddress,
94 .preaddress_public_key = preaddress_public_key,
95 .address_point = address_point } },
96 trace);
97
98 EXPECT_EQ(trace.get_num_rows(), 1);
99 check_relation<address_derivation_relation>(trace);
100}
101
102TEST(AddressDerivationConstrainingTest, WithInteractions)
103{
104 EventEmitter<EccAddEvent> ecadd_event_emitter;
105 EventEmitter<ScalarMulEvent> scalar_mul_event_emitter;
106 NoopEventEmitter<EccAddMemoryEvent> ecc_add_memory_event_emitter;
107 EventEmitter<Poseidon2HashEvent> hash_event_emitter;
108 NoopEventEmitter<Poseidon2PermutationEvent> perm_event_emitter;
109 NoopEventEmitter<Poseidon2PermutationMemoryEvent> perm_mem_event_emitter;
110 EventEmitter<AddressDerivationEvent> address_derivation_event_emitter;
111
112 StrictMock<MockExecutionIdManager> mock_exec_id_manager;
113 EXPECT_CALL(mock_exec_id_manager, get_execution_id)
114 .WillRepeatedly(Return(0)); // Use a fixed execution ID for the test
115 StrictMock<MockGreaterThan> mock_gt;
116 Poseidon2 poseidon2_simulator(
117 mock_exec_id_manager, mock_gt, hash_event_emitter, perm_event_emitter, perm_mem_event_emitter);
118
119 PureToRadix to_radix_simulator;
120 Ecc ecc_simulator(mock_exec_id_manager,
121 mock_gt,
122 to_radix_simulator,
123 ecadd_event_emitter,
124 scalar_mul_event_emitter,
125 ecc_add_memory_event_emitter);
126
127 AddressDerivation address_derivation(poseidon2_simulator, ecc_simulator, address_derivation_event_emitter);
128
129 TestTraceContainer trace({
130 { { C::precomputed_first_row, 1 } },
131 });
132
133 AddressDerivationTraceBuilder builder;
134 Poseidon2TraceBuilder poseidon2_builder;
135 EccTraceBuilder ecc_builder;
136
137 ContractInstance instance = testing::random_contract_instance();
138 AztecAddress address = compute_contract_address(instance);
139 address_derivation.assert_derivation(address, instance);
140
141 builder.process(address_derivation_event_emitter.dump_events(), trace);
142 poseidon2_builder.process_hash(hash_event_emitter.dump_events(), trace);
143 ecc_builder.process_add(ecadd_event_emitter.dump_events(), trace);
144 ecc_builder.process_scalar_mul(scalar_mul_event_emitter.dump_events(), trace);
145
146 check_all_interactions<AddressDerivationTraceBuilder>(trace);
147 check_relation<address_derivation_relation>(trace);
148}
149
150TEST(AddressDerivationConstrainingTest, NegativeWithInteractions)
151{
152 EventEmitter<EccAddEvent> ecadd_event_emitter;
153 EventEmitter<ScalarMulEvent> scalar_mul_event_emitter;
154 NoopEventEmitter<EccAddMemoryEvent> ecc_add_memory_event_emitter;
155 EventEmitter<Poseidon2HashEvent> hash_event_emitter;
156 NoopEventEmitter<Poseidon2PermutationEvent> perm_event_emitter;
157 NoopEventEmitter<Poseidon2PermutationMemoryEvent> perm_mem_event_emitter;
158 EventEmitter<AddressDerivationEvent> address_derivation_event_emitter;
159
160 StrictMock<MockExecutionIdManager> mock_exec_id_manager;
161 EXPECT_CALL(mock_exec_id_manager, get_execution_id)
162 .WillRepeatedly(Return(0)); // Use a fixed execution ID for the test
163 StrictMock<MockGreaterThan> mock_gt;
164 Poseidon2 poseidon2_simulator(
165 mock_exec_id_manager, mock_gt, hash_event_emitter, perm_event_emitter, perm_mem_event_emitter);
166
167 PureToRadix to_radix_simulator;
168 Ecc ecc_simulator(mock_exec_id_manager,
169 mock_gt,
170 to_radix_simulator,
171 ecadd_event_emitter,
172 scalar_mul_event_emitter,
173 ecc_add_memory_event_emitter);
174
175 AddressDerivation address_derivation(poseidon2_simulator, ecc_simulator, address_derivation_event_emitter);
176
177 TestTraceContainer trace({
178 { { C::precomputed_first_row, 1 } },
179 });
180
181 AddressDerivationTraceBuilder builder;
182 Poseidon2TraceBuilder poseidon2_builder;
183 EccTraceBuilder ecc_builder;
184
185 ContractInstance instance = testing::random_contract_instance();
186 AztecAddress address = compute_contract_address(instance);
187 address_derivation.assert_derivation(address, instance);
188
189 builder.process(address_derivation_event_emitter.dump_events(), trace);
190 poseidon2_builder.process_hash(hash_event_emitter.dump_events(), trace);
191 ecc_builder.process_add(ecadd_event_emitter.dump_events(), trace);
192 ecc_builder.process_scalar_mul(scalar_mul_event_emitter.dump_events(), trace);
193
194 check_all_interactions<AddressDerivationTraceBuilder>(trace);
195 check_relation<address_derivation_relation>(trace);
196
197 // Mutate the final address to the wrong value.
198 trace.set(C::address_derivation_address, 0, 1);
199 EXPECT_THROW_WITH_MESSAGE(
200 (check_interaction<AddressDerivationTraceBuilder, lookup_address_derivation_address_ecadd_settings>(trace)),
201 "Failed.*ADDRESS_ECADD. Could not find tuple in destination.");
202
203 // Reset.
204 trace.set(C::address_derivation_address, 0, address);
205 // Mutate the preaddress to the wrong value.
206 trace.set(C::address_derivation_preaddress, 0, 1);
207 // Both the derivation via hash and scalar mul of preaddress * G1 will fail.
208 EXPECT_THROW_WITH_MESSAGE(
209 (check_interaction<AddressDerivationTraceBuilder, lookup_address_derivation_preaddress_poseidon2_settings>(
210 trace)),
211 "Failed.*PREADDRESS_POSEIDON2. Could not find tuple in destination.");
212 EXPECT_THROW_WITH_MESSAGE(
213 (check_interaction<AddressDerivationTraceBuilder, lookup_address_derivation_preaddress_scalar_mul_settings>(
214 trace)),
215 "Failed.*PREADDRESS_SCALAR_MUL. Could not find tuple in destination.");
216}
217
218TEST(AddressDerivationConstrainingTest, NegativeIVKNotOnCurve)
219{
220 TestTraceContainer trace;
221 AddressDerivationTraceBuilder builder;
222
223 auto instance = testing::random_contract_instance();
224
225 // Mutate ivk to a point not on the curve.
226 instance.public_keys.incoming_viewing_key = AffinePoint(1, 2);
227
228 FF salted_initialization_hash = poseidon2::hash(
229 { DOM_SEP__SALTED_INITIALIZATION_HASH, instance.salt, instance.initialization_hash, instance.deployer });
230
231 FF partial_address =
232 poseidon2::hash({ DOM_SEP__PARTIAL_ADDRESS, instance.original_contract_class_id, salted_initialization_hash });
233
234 FF public_keys_hash = hash_public_keys(instance.public_keys);
235 FF preaddress = poseidon2::hash({ DOM_SEP__CONTRACT_ADDRESS_V1, public_keys_hash, partial_address });
236
237 EmbeddedCurvePoint g1 = EmbeddedCurvePoint::one();
238 EmbeddedCurvePoint preaddress_public_key = g1 * Fq(preaddress);
239 EmbeddedCurvePoint address_point = preaddress_public_key + instance.public_keys.incoming_viewing_key;
240
241 builder.process({ { .address = address_point.x(),
242 .instance = instance,
243 .salted_initialization_hash = salted_initialization_hash,
244 .partial_address = partial_address,
245 .public_keys_hash = public_keys_hash,
246 .preaddress = preaddress,
247 .preaddress_public_key = preaddress_public_key,
248 .address_point = address_point } },
249 trace);
250
251 EXPECT_THROW_WITH_MESSAGE(
252 check_relation<address_derivation_relation>(trace, address_derivation_relation::SR_IVK_ON_CURVE_CHECK),
253 "IVK_ON_CURVE_CHECK");
254}
255
256} // namespace
257} // namespace bb::avm2::constraining
address_derivation_event.hpp
address_derivation_trace.hpp
EXPECT_THROW_WITH_MESSAGE
#define EXPECT_THROW_WITH_MESSAGE(code, expectedMessageRegex)
Definition assert.hpp:193
instance
std::shared_ptr< Napi::ThreadSafeFunction > instance
Definition avm_simulate_napi.cpp:128
DOM_SEP__SALTED_INITIALIZATION_HASH
#define DOM_SEP__SALTED_INITIALIZATION_HASH
Definition aztec_constants.hpp:273
DOM_SEP__PARTIAL_ADDRESS
#define DOM_SEP__PARTIAL_ADDRESS
Definition aztec_constants.hpp:275
DOM_SEP__CONTRACT_ADDRESS_V1
#define DOM_SEP__CONTRACT_ADDRESS_V1
Definition aztec_constants.hpp:276
aztec_types.hpp
mock_gt
StrictMock< MockGreaterThan > mock_gt
Definition bc_hashing.test.cpp:59
perm_mem_event_emitter
EventEmitter< Poseidon2PermutationMemoryEvent > perm_mem_event_emitter
Definition bc_hashing.test.cpp:57
perm_event_emitter
EventEmitter< Poseidon2PermutationEvent > perm_event_emitter
Definition bc_hashing.test.cpp:56
hash_event_emitter
EventEmitter< Poseidon2HashEvent > hash_event_emitter
Definition bc_hashing.test.cpp:55
poseidon2_builder
Poseidon2TraceBuilder poseidon2_builder
Definition bc_hashing.test.cpp:62
check_relation.hpp
bb::avm2::address_derivation
Definition address_derivation.hpp:33
bb::avm2::poseidon2_hash
Definition poseidon2_hash.hpp:34
bb::avm2::scalar_mul
Definition scalar_mul.hpp:34
bb::avm2::tracegen::AluTraceBuilder::process
void process(const simulation::EventEmitterInterface< simulation::AluEvent >::Container &events, TraceContainer &trace)
Process the ALU events and populate the ALU relevant columns in the trace.
Definition alu_trace.cpp:410
bb::avm2::tracegen::Poseidon2TraceBuilder::process_hash
void process_hash(const simulation::EventEmitterInterface< simulation::Poseidon2HashEvent >::Container &hash_events, TraceContainer &trace)
Processes the hash events for the Poseidon2 hash function. It populates the columns for the poseidon2...
Definition poseidon2_trace.cpp:105
bb::avm2::tracegen::TraceContainer::set
void set(Column col, uint32_t row, const FF &value)
Definition trace_container.cpp:39
bb::crypto::Poseidon2
Native Poseidon2 hash function implementation.
Definition poseidon2.hpp:22
bb::crypto::Poseidon2< crypto::Poseidon2Bn254ScalarFieldParams >::hash
static FF hash(const std::vector< FF > &input)
Hashes a vector of field elements.
bb::group
group class. Represents an elliptic curve group element. Group is parametrised by Fq and Fr
Definition group.hpp:38
builder
AluTraceBuilder builder
Definition alu.test.cpp:124
trace
TestTraceContainer trace
Definition data_copy.test.cpp:63
contract_crypto.hpp
ecc_events.hpp
ecc_trace.hpp
event_emitter.hpp
flavor_settings.hpp
address_derivation.hpp
lookups_address_derivation.hpp
mock_execution_id_manager.hpp
mock_gt.hpp
bb::avm2::constraining::TEST
TEST(AvmFixedVKTests, FixedVKCommitments)
Test that the fixed VK commitments agree with the ones computed from precomputed columns.
Definition avm_fixed_vk.test.cpp:52
bb::avm2::simulation::hash_public_keys
FF hash_public_keys(const PublicKeys &public_keys)
Definition contract_crypto.cpp:77
bb::avm2::simulation::compute_contract_address
FF compute_contract_address(const ContractInstance &contract_instance)
Definition contract_crypto.cpp:93
bb::avm2::testing::random_contract_instance
ContractInstance random_contract_instance()
Definition fixtures.cpp:159
bb::avm2::testing::empty_trace
TestTraceContainer empty_trace()
Definition fixtures.cpp:153
bb::avm2::EmbeddedCurvePoint
StandardAffinePoint< AvmFlavorSettings::EmbeddedCurve::AffineElement > EmbeddedCurvePoint
Definition field.hpp:12
bb::avm2::Fq
AvmFlavorSettings::G1::Fq Fq
Definition field.hpp:11
bb::avm2::AffinePoint
grumpkin::g1::affine_element AffinePoint
Definition aztec_types.hpp:20
poseidon2_params.hpp
poseidon2_trace.hpp
pure_to_radix.hpp
address_derivation.hpp
test_trace_container.hpp