Merge branch 'develop' into runtime-config-reloading

node-real · Sep 7, 2023 · 1752ffc · 1752ffc
2 parents ce3d79a + db94109
commit 1752ffc
Show file tree

Hide file tree

Showing 87 changed files with 1,796 additions and 1,458 deletions.
diff --git a/cannon/cmd/run.go b/cannon/cmd/run.go
@@ -9,7 +9,6 @@ import (
 
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
-	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/urfave/cli/v2"
 
@@ -331,12 +330,18 @@ func Run(ctx *cli.Context) error {
 		}
 
 		if proofAt(state) {
-			preStateHash := crypto.Keccak256Hash(state.EncodeWitness())
+			preStateHash, err := state.EncodeWitness().StateHash()
+			if err != nil {
+				return fmt.Errorf("failed to hash prestate witness: %w", err)
+			}
 			witness, err := stepFn(true)
 			if err != nil {
 				return fmt.Errorf("failed at proof-gen step %d (PC: %08x): %w", step, state.PC, err)
 			}
-			postStateHash := crypto.Keccak256Hash(state.EncodeWitness())
+			postStateHash, err := state.EncodeWitness().StateHash()
+			if err != nil {
+				return fmt.Errorf("failed to hash poststate witness: %w", err)
+			}
 			proof := &Proof{
 				Step:      step,
 				Pre:       preStateHash,

diff --git a/cannon/cmd/witness.go b/cannon/cmd/witness.go
@@ -5,7 +5,6 @@ import (
 	"os"
 
 	"github.com/ethereum-optimism/optimism/cannon/mipsevm"
-	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/urfave/cli/v2"
 )
 
@@ -31,7 +30,10 @@ func Witness(ctx *cli.Context) error {
 		return fmt.Errorf("invalid input state (%v): %w", input, err)
 	}
 	witness := state.EncodeWitness()
-	h := crypto.Keccak256Hash(witness)
+	h, err := witness.StateHash()
+	if err != nil {
+		return fmt.Errorf("failed to compute witness hash: %w", err)
+	}
 	if output != "" {
 		if err := os.WriteFile(output, witness, 0755); err != nil {
 			return fmt.Errorf("writing output to %v: %w", output, err)

diff --git a/cannon/mipsevm/evm_test.go b/cannon/mipsevm/evm_test.go
@@ -15,7 +15,6 @@ import (
 	"github.com/ethereum/go-ethereum/common/hexutil"
 	"github.com/ethereum/go-ethereum/core/state"
 	"github.com/ethereum/go-ethereum/core/vm"
-	"github.com/ethereum/go-ethereum/crypto"
 	"github.com/ethereum/go-ethereum/eth/tracers/logger"
 	"github.com/stretchr/testify/require"
 
@@ -92,7 +91,10 @@ func (m *MIPSEVM) Step(t *testing.T, stepWitness *StepWitness) []byte {
 	logs := m.evmState.Logs()
 	require.Equal(t, 1, len(logs), "expecting a log with post-state")
 	evmPost := logs[0].Data
-	require.Equal(t, crypto.Keccak256Hash(evmPost), postHash, "logged state must be accurate")
+
+	stateHash, err := StateWitness(evmPost).StateHash()
+	require.NoError(t, err, "state hash could not be computed")
+	require.Equal(t, stateHash, postHash, "logged state must be accurate")
 
 	m.env.StateDB.RevertToSnapshot(snap)
 	t.Logf("EVM step took %d gas, and returned stateHash %s", startingGas-leftOverGas, postHash)

diff --git a/cannon/mipsevm/state.go b/cannon/mipsevm/state.go
@@ -2,11 +2,16 @@ package mipsevm
 
 import (
 	"encoding/binary"
+	"fmt"
 
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/common/hexutil"
+	"github.com/ethereum/go-ethereum/crypto"
 )
 
+// StateWitnessSize is the size of the state witness encoding in bytes.
+var StateWitnessSize = 226
+
 type State struct {
 	Memory *Memory `json:"memory"`
 
@@ -37,7 +42,11 @@ type State struct {
 	LastHint hexutil.Bytes `json:"lastHint,omitempty"`
 }
 
-func (s *State) EncodeWitness() []byte {
+func (s *State) VMStatus() uint8 {
+	return vmStatus(s.Exited, s.ExitCode)
+}
+
+func (s *State) EncodeWitness() StateWitness {
 	out := make([]byte, 0)
 	memRoot := s.Memory.MerkleRoot()
 	out = append(out, memRoot[:]...)
@@ -60,3 +69,41 @@ func (s *State) EncodeWitness() []byte {
 	}
 	return out
 }
+
+type StateWitness []byte
+
+const (
+	VMStatusValid      = 0
+	VMStatusInvalid    = 1
+	VMStatusPanic      = 2
+	VMStatusUnfinished = 3
+)
+
+func (sw StateWitness) StateHash() (common.Hash, error) {
+	if len(sw) != 226 {
+		return common.Hash{}, fmt.Errorf("Invalid witness length. Got %d, expected at least 88", len(sw))
+	}
+
+	hash := crypto.Keccak256Hash(sw)
+	offset := 32*2 + 4*6
+	exitCode := sw[offset]
+	exited := sw[offset+1]
+	status := vmStatus(exited == 1, exitCode)
+	hash[0] = status
+	return hash, nil
+}
+
+func vmStatus(exited bool, exitCode uint8) uint8 {
+	if !exited {
+		return VMStatusUnfinished
+	}
+
+	switch exitCode {
+	case 0:
+		return VMStatusValid
+	case 1:
+		return VMStatusInvalid
+	default:
+		return VMStatusPanic
+	}
+}
diff --git a/cannon/mipsevm/state_test.go b/cannon/mipsevm/state_test.go
@@ -82,6 +82,53 @@ func TestState(t *testing.T) {
 	}
 }
 
+// Run through all permutations of `exited` / `exitCode` and ensure that the
+// correct witness, state hash, and VM Status is produced.
+func TestStateHash(t *testing.T) {
+	cases := []struct {
+		exited   bool
+		exitCode uint8
+	}{
+		{exited: false, exitCode: 0},
+		{exited: false, exitCode: 1},
+		{exited: false, exitCode: 2},
+		{exited: false, exitCode: 3},
+		{exited: true, exitCode: 0},
+		{exited: true, exitCode: 1},
+		{exited: true, exitCode: 2},
+		{exited: true, exitCode: 3},
+	}
+
+	exitedOffset := 32*2 + 4*6
+	for _, c := range cases {
+		state := &State{
+			Memory:   NewMemory(),
+			Exited:   c.exited,
+			ExitCode: c.exitCode,
+		}
+
+		actualWitness := state.EncodeWitness()
+		actualStateHash, err := StateWitness(actualWitness).StateHash()
+		require.NoError(t, err, "Error hashing witness")
+		require.Equal(t, len(actualWitness), StateWitnessSize, "Incorrect witness size")
+
+		expectedWitness := make(StateWitness, 226)
+		memRoot := state.Memory.MerkleRoot()
+		copy(expectedWitness[:32], memRoot[:])
+		expectedWitness[exitedOffset] = c.exitCode
+		var exited uint8
+		if c.exited {
+			exited = 1
+		}
+		expectedWitness[exitedOffset+1] = uint8(exited)
+		require.Equal(t, expectedWitness[:], actualWitness[:], "Incorrect witness")
+
+		expectedStateHash := crypto.Keccak256Hash(actualWitness)
+		expectedStateHash[0] = vmStatus(c.exited, c.exitCode)
+		require.Equal(t, expectedStateHash, actualStateHash, "Incorrect state hash")
+	}
+}
+
 func TestHello(t *testing.T) {
 	elfProgram, err := elf.Open("../example/bin/hello.elf")
 	require.NoError(t, err, "open ELF file")

diff --git a/docs/README.md b/docs/README.md
@@ -6,3 +6,4 @@ The directory layout is divided into the following sub-directories.
 
 - [`postmortems/`](./postmortems/): Timestamped post-mortem documents.
 - [`security-reviews`](./security-reviews/): Audit summaries and other security review documents.
+- [`fault-proof-alpha`](./fault-proof-alpha): Information on the alpha version of the fault proof system.
diff --git a/docs/fault-proof-alpha/README.md b/docs/fault-proof-alpha/README.md
@@ -0,0 +1,16 @@
+## Fault Proofs Alpha
+
+The fault proof alpha is a pre-release version of the OP Stack fault proof system.
+This documentation provides an overview of the system and instructions on how to help
+test the fault proof system.
+
+The overall design of this system along with the APIs and interfaces it exposes are not
+finalized and may change without notice.
+
+### Contents
+
+ * Overview
+ * [Deployment Details](./deployments.md)
+ * [Manual Usage](./manual.md)
+   * [Creating Traces with Cannon](./cannon.md)
+ * [Automation with `op-challenger`](./run-challenger.md)
diff --git a/docs/fault-proof-alpha/cannon.md b/docs/fault-proof-alpha/cannon.md
@@ -0,0 +1,92 @@
+## Generate Traces with `cannon` and `op-program`
+
+Normally, `op-challenger` handles creating the required traces as part of responding to games. However, for manual
+testing it may be useful to manually generate the trace. This can be done by running `cannon` directly.
+
+### Prerequisites
+
+- The cannon pre-state downloaded from [Goerli deployment](./deployments.md#goerli).
+- A Goerli L1 node.
+    - An archive node is not required.
+    - Public RPC providers can be used, however a significant number of requests will need to be made which may exceed
+      rate limits for free plans.
+- An OP-Goerli L2 archive node with `debug` APIs enabled.
+    - An archive node is required to ensure world-state pre-images remain available.
+    - Public RPC providers are generally not usable as they don’t support the `debug_dbGet` RPC method.
+
+### Compilation
+
+To compile the required programs, in the top level of the monorepo run:
+
+```bash
+make cannon-prestate
+```
+
+This will compile the `cannon` executable to `cannon/bin/cannon` as well as the `op-program` executable used to fetch
+pre-image data to `op-program/bin/op-program`.
+
+### Run Cannon
+
+To run cannon to generate a proof use:
+
+```bash
+mkdir -p temp/cannon/proofs temp/cannon/snapshots temp/cannon/preimages
+
+./cannon/bin/cannon run \
+    --pprof.cpu \
+    --info-at '%10000000' \
+    --proof-at '=<TRACE_INDEX>' \
+    --stop-at '=<STOP_INDEX>' \
+    --proof-fmt 'temp/cannon/proofs/%d.json' \
+    --snapshot-at '%1000000000' \
+    --snapshot-fmt 'temp/cannon/snapshots/%d.json.gz' \
+    --input <PRESTATE> \
+    --output temp/cannon/stop-state.json \
+    -- \
+    ./op-program/bin/op-program \
+    --network goerli \
+    --l1 <L1_URL> \
+    --l2 <L2_URL> \
+    --l1.head <L1_HEAD> \
+    --l2.claim <L2_CLAIM> \
+    --l2.head <L2_HEAD> \
+    --l2.blocknumber <L2_BLOCK_NUMBER> \
+    --datadir temp/cannon/preimages \
+    --log.format terminal \
+    --server
+```
+
+The placeholders are:
+
+- `<TRACE_INDEX>` the index in the trace to generate a proof for
+- `<STOP_INDEX>` the index to stop execution at. Typically this is one instruction after `<TRACE_INDEX>` to stop as soon
+  as the required proof has been generated.
+- `<PRESTATE>` the prestate.json downloaded above. Note that this needs to precisely match the prestate used on-chain so
+  must be the downloaded version and not a version built locally.
+- `<L1_URL>` the Goerli L1 JSON RPC endpoint
+- `<L2_URL>` the OP-Goerli L2 archive node JSON RPC endpoint
+- `<L1_HEAD>` the hash of the L1 head block used for the dispute game
+- `<L2_CLAIM>` the output root immediately prior to the disputed root in the L2 output oracle
+- `<L2_HEAD>` the hash of the L2 block that `<L2_CLAIM>`is from
+- `<L2_BLOCK_NUMBER>` the block number that `<L2_CLAIM>` is from
+
+The generated proof will be stored in the `temp/cannon/proofs/` directory. The hash to use as the claim value is
+the `post` field of the generated proof which provides the hash of the cannon state witness after execution of the step.
+
+Since cannon can be very slow to execute, the above command uses the `--snapshot-at` option to generate a snapshot of
+the cannon state every 1000000000 instructions. Once generated, these snapshots can be used as the `--input` to begin
+execution at that step rather than from the very beginning. Generated snapshots are stored in
+the `temp/cannon/snapshots` directory.
+
+See `./cannon/bin/cannon --help` for further information on the options available.
+
+### Trace Extension
+
+Fault dispute games always use a trace with a fixed length of `2 ^ MAX_GAME_DEPTH`. The trace generated by `cannon`
+stops when the client program exits, so this trace must be extended by repeating the hash of the final state in the
+actual trace for all remaining steps. Cannon does not perform this trace extension automatically.
+
+If cannon stops execution before the trace index you requested a proof at, it simply will not generate a proof. When it
+stops executing, it will write its final state to `temp/cannon/stop-state.json` (controlled by the `--output` option).
+The `step` field of this state contains the last step cannon executed. Once the final step is known, rerun cannon to
+generate the proof at that final step and use the `post` hash as the claim value for all later trace indices.
diff --git a/docs/fault-proof-alpha/deployments.md b/docs/fault-proof-alpha/deployments.md
@@ -0,0 +1,24 @@
+## Fault Proof Alpha Deployment Information
+
+### Goerli
+
+Information on the fault proofs alpha deployment to Goerli is not yet available.
+
+### Local Devnet
+
+The local devnet includes a deployment of the fault proof alpha. To start the devnet, in the top level of this repo,
+run:
+
+```bash
+make devnet-up
+```
+
+| Input                | Value                                                       |
+|----------------------|-------------------------------------------------------------|
+| Dispute Game Factory | Run `jq -r .DisputeGameFactoryProxy .devnet/addresses.json` |
+| Absolute Prestate    | `op-program/bin/prestate.json`                              |
+| Max Depth            | 30                                                          |
+| Max Game Duration    | 1200 (20 minutes)                                           |
+
+See the [op-challenger README](../../op-challenger#running-with-cannon-on-local-devnet) for information on
+running `op-challenger` against the local devnet.
Original file line number	Diff line number	Diff line change
Expand Up		@@ -6,3 +6,4 @@ The directory layout is divided into the following sub-directories.

		- [`postmortems/`](./postmortems/): Timestamped post-mortem documents.
		- [`security-reviews`](./security-reviews/): Audit summaries and other security review documents.
		- [`fault-proof-alpha`](./fault-proof-alpha): Information on the alpha version of the fault proof system.