fix pad sig lookup

scroll-tech · Oct 28, 2024 · b12de56 · b12de56
1 parent 40f5d6c
commit b12de56
Show file tree

Hide file tree

Showing 5 changed files with 19 additions and 13 deletions.
diff --git a/zkevm-circuits/src/sig_circuit.rs b/zkevm-circuits/src/sig_circuit.rs
@@ -1072,9 +1072,10 @@ impl<F: Field> SigCircuit<F> {
 
                 let assigned_ecdsas_r1 = signatures_r1
                     .iter()
-                    // .chain(std::iter::repeat(
-                    //     &SignData::<Fq_R1,Secp256r1Affine>::default()))
-                    // .take(self.max_verify_r1)
+                    .chain(std::iter::repeat(
+                        &SignData::<Fq_R1, Secp256r1Affine>::default(),
+                    ))
+                    .take(self.max_verify_r1)
                     .map(|sign_data| self.assign_ecdsa_generic(&mut ctx, ecdsa_r1_chip, sign_data))
                     .collect::<Result<Vec<AssignedECDSA<F, FpChipR1<F>>>, Error>>()?;
 
@@ -1122,7 +1123,6 @@ impl<F: Field> SigCircuit<F> {
                     // finalize the current lookup table before moving to next phase
                     // can only finalize one chip like ecdsa_k1_chip.
                     ecdsa_k1_chip.finalize(&mut ctx);
-                    ecdsa_r1_chip.finalize(&mut ctx);
                     ctx.print_stats(&["ECDSA context"]);
                     ctx.next_phase();
                 }
@@ -1162,7 +1162,7 @@ impl<F: Field> SigCircuit<F> {
                     Vec<AssignedSignatureVerify<F>>,
                 ) = signatures_r1
                     .iter()
-                     .chain(std::iter::repeat(&SignData::<Fq_R1,Secp256r1Affine>::default()))
+                    .chain(std::iter::repeat(&SignData::<Fq_R1,Secp256r1Affine>::default()))
                     .take(self.max_verify_r1)
                     .zip_eq(assigned_ecdsas_r1.iter())
                     .zip_eq(sign_data_r1_decomposed.iter())
@@ -1186,7 +1186,6 @@ impl<F: Field> SigCircuit<F> {
                 // append keccak & sig values of r1
                 assigned_keccak_values.extend(assigned_keccak_values_r1);
                 assigned_sig_values.extend(assigned_sig_values_r1);
-
                 // ================================================
                 // step 4: deferred keccak checks
                 // ================================================

diff --git a/zkevm-circuits/src/sig_circuit/dev.rs b/zkevm-circuits/src/sig_circuit/dev.rs
@@ -56,8 +56,16 @@ impl<F: Field> Circuit<F> for SigCircuit<F> {
     ) -> Result<(), Error> {
         let challenges = config.challenges.values(&layouter);
         self.synthesize_sub(&config.sign_verify, &challenges, &mut layouter)?;
-        let mut keccak_inputs_sign = keccak_inputs_sign_verify(&self.signatures_k1);
-        let keccak_inputs_r1 = keccak_inputs_sign_verify(&self.signatures_r1);
+        let mut sig_k1_with_dummy = self.signatures_k1.clone();
+        sig_k1_with_dummy.push(SignData::<Fq_K1, Secp256k1Affine>::default());
+
+        let mut keccak_inputs_sign = keccak_inputs_sign_verify(&sig_k1_with_dummy);
+
+        let mut sig_r1_with_dummy = self.signatures_r1.clone();
+        sig_r1_with_dummy.push(SignData::<Fq_R1, Secp256r1Affine>::default());
+
+        let keccak_inputs_r1 = keccak_inputs_sign_verify(&sig_r1_with_dummy);
+
         keccak_inputs_sign.extend(keccak_inputs_r1);
 
         config.sign_verify.keccak_table.dev_load(

diff --git a/zkevm-circuits/src/sig_circuit/test.rs b/zkevm-circuits/src/sig_circuit/test.rs
@@ -253,7 +253,6 @@ fn p256_sign_verify() {
         let (sk, pk) = gen_key_pair_r1(&mut rng);
         let msg = gen_msg(&mut rng);
         let msg_hash = secp256r1::Fq::zero();
-        println!("original pk {:?}", pk);
 
         let (r, s, v) = sign_r1_with_rng(&mut rng, sk, msg_hash);
         let is_valid_r1 = verify(pk, r, s, msg_hash, None);
@@ -267,7 +266,7 @@ fn p256_sign_verify() {
         });
 
         let k = LOG_TOTAL_NUM_ROWS as u32;
-        run::<Fr>(k, 1_usize, 1_usize, vec![], signatures);
+        run::<Fr>(k, 0_usize, 1_usize, vec![], signatures);
 
         log::debug!("end of testing for msg_hash = 0");
     }
@@ -289,7 +288,7 @@ fn p256_sign_verify() {
         });
 
         let k = LOG_TOTAL_NUM_ROWS as u32;
-        run::<Fr>(k, 1, 1, vec![], signatures);
+        run::<Fr>(k, 1, 2, vec![], signatures);
 
         log::debug!("end of testing for msg_hash = 1");
     }

diff --git a/zkevm-circuits/src/tx_circuit.rs b/zkevm-circuits/src/tx_circuit.rs
@@ -4052,7 +4052,6 @@ impl<F: Field> TxCircuit<F> {
                     })
                 }
             })
-            //  TODO: add p256 signature here ?
             .collect::<Result<Vec<SignData<secp256k1::Fq, Secp256k1Affine>>, Error>>()?;
         // Keccak inputs from SignVerify Chip
         let sign_verify_inputs = keccak_inputs_sign_verify(&sign_datas);

diff --git a/zkevm-circuits/src/witness/keccak.rs b/zkevm-circuits/src/witness/keccak.rs
@@ -75,6 +75,7 @@ pub fn keccak_inputs(block: &Block) -> Result<Vec<Vec<u8>>, Error> {
 
 /// Generate the keccak inputs required by the SignVerify Chip from the
 /// signature datas.
+/// dummy sigdata is not filled in this helper, make sure to pad dummy data outside if needed.
 pub fn keccak_inputs_sign_verify<
     Fp: PrimeField<Repr = [u8; 32]> + halo2_base::utils::ScalarField,
     Fq: PrimeField<Repr = [u8; 32]> + halo2_base::utils::ScalarField,
@@ -83,7 +84,7 @@ pub fn keccak_inputs_sign_verify<
     sigs: &[SignData<Fq, Affine>],
 ) -> Vec<Vec<u8>> {
     let mut inputs = Vec::new();
-    //let dummy_sign_data = SignData::<Fq, Affine>::default();
+
     for sig in sigs {
         let pk_le = pk_bytes_le_generic(&sig.pk);
         let pk_be = pk_bytes_swap_endianness(&pk_le);