Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: implement checkpoint fraud proofs #4277

Merged
merged 32 commits into from
Aug 12, 2024
Merged
Changes from 1 commit
Commits
Show all changes
32 commits
Select commit Hold shift + click to select a range
999a960
Implement fraud proofs
yorhodes Jun 25, 2023
06457c4
Add premature tests
yorhodes Jun 25, 2023
d29432d
Add fraudulent message ID tests
yorhodes Jun 25, 2023
69878aa
Add fraudulent root tests
yorhodes Jun 25, 2023
65eebf0
Adjust names and modifiers
yorhodes Jun 25, 2023
b6c0dd0
Revert unrelated changes
yorhodes Jun 25, 2023
150b13b
Cover non local checkpoints
yorhodes Jun 28, 2023
f6388b8
Merge branch 'main' into fraud-proofs
yorhodes Jun 28, 2023
6a6fb66
Fix prettier
yorhodes Jun 28, 2023
1444384
Add natspecs
yorhodes Jun 28, 2023
ae7cf71
Add more natspecs
yorhodes Jun 28, 2023
9f52367
Merge branch 'main' into fraud-proofs
yorhodes Jun 29, 2023
7deec02
Merge branch 'main' into fraud-proofs
yorhodes Jun 30, 2023
0fd43f0
Do not use modifiers for coverage
yorhodes Jun 30, 2023
5dd9b71
Add isLocal checkpoint slashing condition
yorhodes Jul 2, 2023
712492e
Make fraud proof interface non local
yorhodes Jul 2, 2023
856e220
Make fraud proof interfaces external
yorhodes Jul 2, 2023
ce0b60b
Remove unused signer fn
yorhodes Jul 10, 2023
3d4ceb3
Merge branch 'main' into fraud-proofs
yorhodes Aug 6, 2024
30a5d75
Update fraud proofs for v3
yorhodes Aug 6, 2024
712b435
Fuzz test msg count and body params
yorhodes Aug 6, 2024
1c08229
Test via inserting raw leaf content
yorhodes Aug 6, 2024
57007b1
Pass first test fixture
yorhodes Aug 7, 2024
ba15c2d
Pass all fixtures
yorhodes Aug 7, 2024
4b223b7
Add changeset
yorhodes Aug 7, 2024
e5490ce
Read file once
yorhodes Aug 7, 2024
9a34318
Store result of fraud proofs for checkpoint digests
yorhodes Aug 7, 2024
6fc5009
Revert storage caching which has race conditions
yorhodes Aug 8, 2024
e543465
Helper for checkpoint merkle tree address
yorhodes Aug 8, 2024
1e20e6a
Fix edge case of index = 0
yorhodes Aug 9, 2024
7cc9e68
Add tests for invalid merkle proofs
yorhodes Aug 9, 2024
d24ba38
Add more premature tests
yorhodes Aug 9, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Merge branch 'main' into fraud-proofs
yorhodes committed Aug 6, 2024

Unverified

This user has not yet uploaded their public signing key.
commit 3d4ceb34d7814367488230f05cf92688a177d051
2 changes: 1 addition & 1 deletion .changeset/fast-schools-battle.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
"@hyperlane-xyz/cli": patch
'@hyperlane-xyz/cli': patch
---

Require at least 1 chain selection in warp init
44 changes: 12 additions & 32 deletions solidity/contracts/libs/CheckpointLib.sol
Original file line number Diff line number Diff line change
@@ -1,13 +1,11 @@
// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity >=0.8.0;

// ============ Internal Imports ============
import {TypeCasts} from "./TypeCasts.sol";
import {LegacyCheckpointLib} from "./LegacyCheckpointLib.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";

struct Checkpoint {
uint32 origin;
bytes32 originMailbox;
bytes32 merkleTreeHook;
bytes32 root;
uint32 index;
bytes32 messageId;
@@ -17,7 +15,7 @@ library CheckpointLib {
/**
* @notice Returns the digest validators are expected to sign when signing checkpoints.
* @param _origin The origin domain of the checkpoint.
* @param _originmerkleTreeHook The address of the origin merkle tree hook as bytes32.
* @param _merkleTreeHook The address of the origin merkle tree hook as bytes32.
* @param _checkpointRoot The root of the checkpoint.
* @param _checkpointIndex The index of the checkpoint.
* @param _messageId The message ID of the checkpoint.
@@ -26,13 +24,12 @@ library CheckpointLib {
*/
function digest(
uint32 _origin,
bytes32 _originmerkleTreeHook,
bytes32 _merkleTreeHook,
bytes32 _checkpointRoot,
uint32 _checkpointIndex,
bytes32 _messageId
) internal pure returns (bytes32) {
bytes32 _domainHash = domainHash(_origin, _originMailbox);
// TODO: remove ECDSA specific code
bytes32 _domainHash = domainHash(_origin, _merkleTreeHook);
return
ECDSA.toEthSignedMessageHash(
keccak256(
@@ -51,53 +48,36 @@ library CheckpointLib {
* @param checkpoint The checkpoint (struct) to hash.
* @return The digest of the checkpoint.
*/
function digest(Checkpoint calldata checkpoint)
internal
pure
returns (bytes32)
{
function digest(
Checkpoint calldata checkpoint
) internal pure returns (bytes32) {
return
digest(
checkpoint.origin,
checkpoint.originMailbox,
checkpoint.merkleTreeHook,
checkpoint.root,
checkpoint.index,
checkpoint.messageId
);
}

/**
* @notice Returns the mailbox address for the checkpoint.
* @param checkpoint The checkpoint (struct).
* @return The (20 byte EVM) address of the mailbox.
*/
function mailbox(Checkpoint calldata checkpoint)
internal
pure
returns (address)
{
return TypeCasts.bytes32ToAddress(checkpoint.originMailbox);
}

/**
* @notice Returns the domain hash that validators are expected to use
* when signing checkpoints.
* @param _origin The origin domain of the checkpoint.
* @param _originmerkleTreeHook The address of the origin merkle tree as bytes32.
* @param _merkleTreeHook The address of the origin merkle tree as bytes32.
* @return The domain hash.
*/
function domainHash(
uint32 _origin,
bytes32 _originmerkleTreeHook
bytes32 _merkleTreeHook
) internal pure returns (bytes32) {
// Including the origin merkle tree address in the signature allows the slashing
// protocol to enroll multiple trees. Otherwise, a valid signature for
// tree A would be indistinguishable from a fraudulent signature for tree B.
// The slashing protocol should slash if validators sign attestations for
// anything other than a whitelisted tree.
return
keccak256(
abi.encodePacked(_origin, _originmerkleTreeHook, "HYPERLANE")
);
keccak256(abi.encodePacked(_origin, _merkleTreeHook, "HYPERLANE"));
}
}
You are viewing a condensed version of this merge commit. You can view the full changes here.