wip dd

zkBob · Dec 14, 2023 · 4ea2a15 · 4ea2a15
1 parent c0108de
commit 4ea2a15
Show file tree

Hide file tree

Showing 2 changed files with 169 additions and 29 deletions.
diff --git a/src/zkbob/manager/MPCWrapper.sol b/src/zkbob/manager/MPCWrapper.sol
@@ -3,48 +3,72 @@ import "../../../src/zkbob/ZkBobPool.sol";
 import "../../utils/Ownable.sol";
 import "../utils/CustomABIDecoder.sol";
 
-contract MPCWrapper is Ownable, CustomABIDecoder {
+import "../../interfaces/IZkBobPool.sol";
 
+contract MPCWrapper is Ownable, CustomABIDecoder {
     address[] private signers;
 
     address operator;
 
     address public immutable pool;
 
-    constructor(
-        address _operator,
-        address _pool
-    ) {
+    constructor(address _operator, address _pool) {
         pool = _pool;
         _setOperator(_operator);
     }
 
-    function _setOperator(address _operator) internal  {
+    /**
+     * @dev Throws if called by any account other than the current relayer operator.
+     */
+    modifier onlyOperator() {
+        require(operator == _msgSender(), "ZkBobPool: not an operator");
+        _;
+    }
+
+    function _setOperator(address _operator) internal {
         operator = _operator;
     }
+
     function setOperator(address _operator) external onlyOwner {
         _setOperator(_operator);
     }
 
-
     function setSigners(address[] calldata _signers) external onlyOwner {
         signers = _signers;
     }
 
-    modifier requiresProofVerification() {
-        require(isVerified(), "MPCWrapper: proof verification failed");
+    modifier paramsVerified(
+        uint8 count,
+        bytes calldata signatures
+    ) {
+        require(count == signers.length, "MPCWrapper: wrong quorum");
+        uint256 length = msg.data.length - count * 64 - 1; //
+        bytes calldata message;
+        assembly 
+        {
+            message.offset:= 4 //we don't take the selector
+            message.length:= length
+        }
+        require(checkQuorum(count, signatures,message));
         _;
     }
-
-    function isVerified() internal view  returns (bool) {
+    modifier calldataVerified() {
         (uint8 count, bytes calldata signatures) = _mpc_signatures();
-        uint256 _signersCount = signers.length;
-        require(count == _signersCount, "MPCWrapper: wrong quorum");
+        require(count == signers.length, "MPCWrapper: wrong quorum");
+        require(checkQuorum(count, signatures, _mpc_message()));
+        _;
+    }
+
+    function checkQuorum(
+        uint8 count,
+        bytes calldata signatures,
+        bytes calldata message
+    ) internal returns (bool) {
         uint256 offset = 0;
         assembly {
             offset := signatures.offset
         }
-        for (uint256 index = 0; index < _signersCount; index++) {
+        for (uint256 index = 0; index < signers.length; index++) {
             bytes32 r;
             bytes32 vs;
             assembly {
@@ -53,7 +77,7 @@ contract MPCWrapper is Ownable, CustomABIDecoder {
                 offset := add(offset, 64)
             }
             address signer = ECDSA.recover(
-                ECDSA.toEthSignedMessageHash(keccak256(_mpc_message())),
+                ECDSA.toEthSignedMessageHash(keccak256(message)),
                 r,
                 vs
             );
@@ -63,13 +87,34 @@ contract MPCWrapper is Ownable, CustomABIDecoder {
         }
         return true;
     }
-
-    function transact() external requiresProofVerification {
+    function transact() external calldataVerified {
         return propagate();
     }
 
-    function appendDirectDeposit() external requiresProofVerification {
-        return propagate();
+    function appendDirectDepositsMPC(
+        uint256 _root_after,
+        uint256[] calldata _indices,
+        uint256 _out_commit,
+        uint256[8] calldata _batch_deposit_proof,
+        uint256[8] calldata _tree_proof,
+        uint8 mpc_count,
+        bytes calldata signatures
+    )
+        external
+        paramsVerified(
+            mpc_count,
+            signatures
+        )
+
+    {
+        require(true);
+        // IZkBobPool(pool).appendDirectDeposits(
+        //     _root_after,
+        //     _indices,
+        //     _out_commit,
+        //     _batch_deposit_proof,
+        //     _tree_proof
+        // );
     }
 
     function propagate() internal {
@@ -82,7 +127,15 @@ contract MPCWrapper is Ownable, CustomABIDecoder {
 
             // Call the implementation.
             // out and outsize are 0 because we don't know the size yet.
-            let result := call(gas(), contractAddress, 0, 0,calldatasize(), 0, 0)
+            let result := call(
+                gas(),
+                contractAddress,
+                0,
+                0,
+                calldatasize(),
+                0,
+                0
+            )
 
             // Copy the returned data.
             returndatacopy(0, 0, returndatasize())
@@ -97,5 +150,4 @@ contract MPCWrapper is Ownable, CustomABIDecoder {
             }
         }
     }
-
 }
diff --git a/test/zkbob/manager/MPCWrapper.t.sol b/test/zkbob/manager/MPCWrapper.t.sol
@@ -6,6 +6,8 @@ import "../../shared/Env.t.sol";
 
 import "../../shared/ForkTests.t.sol";
 
+import "../../../src/zkbob/manager/MPCWrapper.sol";
+
 contract MPCOperatorManagerTest is
     AbstractZkBobPoolTest,
     AbstractPolygonForkTest
@@ -25,12 +27,15 @@ contract MPCOperatorManagerTest is
 
     function testDepositMPC() public {
         vm.prank(user1);
-        IERC20(token).approve(address(pool),1 ether);
+        IERC20(token).approve(address(pool), 1 ether);
         bytes memory data = withMPC(_encodeDeposit(0.1 ether, 0.01 ether)); //752
         _transactMPC(data);
     }
+
     function testPermitDepositMPC() public {
-        bytes memory data = withMPC(_encodePermitDeposit(0.1 ether, 0.01 ether)); //752
+        bytes memory data = withMPC(
+            _encodePermitDeposit(0.1 ether, 0.01 ether)
+        ); //752
         _transactMPC(data);
     }
 
@@ -42,16 +47,99 @@ contract MPCOperatorManagerTest is
         require(status, "transact() reverted");
     }
 
-    function withMPC(bytes memory data) internal returns (bytes memory){
+    function withMPC(bytes memory data) internal returns (bytes memory) {
         (address signer1Addr, uint256 signer1Key) = makeAddrAndKey("signer1");
         (address signer2Addr, uint256 signer2Key) = makeAddrAndKey("signer2");
-        return abi.encodePacked(
-            data,
-            uint8(2),//753
-            sign(data, signer1Key),//817
-            sign(data, signer2Key)//881
+        return
+            abi.encodePacked(
+                data,
+                uint8(2), //753
+                sign(data, signer1Key), //817
+                sign(data, signer2Key) //881
+            );
+    }
+
+    function testAppendDirectDepositsMPC() public {
+        _setUpDD();
+
+        address wrapper = operatorManager.operator();
+
+        vm.startPrank(user1);
+        _directDeposit(10 ether / D, user2, zkAddress);
+        _directDeposit(5 ether / D, user2, zkAddress);
+        vm.stopPrank();
+
+        uint256[] memory indices = new uint256[](2);
+        indices[0] = 0;
+        indices[1] = 1;
+        address verifier = address(pool.batch_deposit_verifier());
+        uint256 outCommitment = _randFR();
+        bytes memory data = abi.encodePacked(
+            outCommitment,
+            bytes10(0xc2767ac851b6b1e19eda), // first deposit receiver zk address (42 bytes)
+            bytes32(
+                0x2f6f6ef223959602c05afd2b73ea8952fe0a10ad19ed665b3ee5a0b0b9e4e3ef
+            ),
+            uint64(9.9 ether / D / denominator), // first deposit amount
+            bytes10(0xc2767ac851b6b1e19eda), // second deposit receiver zk address (42 bytes)
+            bytes32(
+                0x2f6f6ef223959602c05afd2b73ea8952fe0a10ad19ed665b3ee5a0b0b9e4e3ef
+            ),
+            uint64(4.9 ether / D / denominator), // second deposit amount
+            new bytes(14 * 50)
+        );
+        // vm.expectCall(
+        //     verifier,
+        //     abi.encodeWithSelector(
+        //         IBatchDepositVerifier.verifyProof.selector,
+        //         [uint256(keccak256(data)) %
+        //             21888242871839275222246405745257275088548364400416034343698204186575808495617]
+        //     )
+        // );
+        // vm.expectEmit(true, false, false, true);
+        emit CompleteDirectDepositBatch(indices);
+        bytes memory message = abi.encodePacked(
+            bytes4(0x02000001), // uint16(2) in little endian ++ MESSAGE_PREFIX_DIRECT_DEPOSIT_V1
+            uint64(0), // first deposit nonce
+            bytes10(0xc2767ac851b6b1e19eda), // first deposit receiver zk address (42 bytes)
+            bytes32(
+                0x2f6f6ef223959602c05afd2b73ea8952fe0a10ad19ed665b3ee5a0b0b9e4e3ef
+            ),
+            uint64(9.9 ether / D / denominator), // first deposit amount
+            uint64(1), // second deposit nonce
+            bytes10(0xc2767ac851b6b1e19eda), // second deposit receiver zk address (42 bytes)
+            bytes32(
+                0x2f6f6ef223959602c05afd2b73ea8952fe0a10ad19ed665b3ee5a0b0b9e4e3ef
+            ),
+            uint64(4.9 ether / D / denominator) // second deposit amount
         );
+        // vm.expectEmit(true, false, false, true);
+        emit Message(128, bytes32(0), message);
+        vm.prank(user2);
+        bytes memory mpcMessage = abi.encodePacked(
+            _randFR(),
+            indices,
+            outCommitment,
+            _randProof(),
+            _randProof()
+        );
+
+        (, uint256 signer1Key) = makeAddrAndKey("signer1");
+        (, uint256 signer2Key) = makeAddrAndKey("signer2");
+
+
+        MPCWrapper(wrapper).appendDirectDepositsMPC(
+            _randFR(),
+            indices,
+            outCommitment,
+            _randProof(),
+            _randProof(),
+            2,
+            abi.encodePacked(sign(mpcMessage, signer1Key), sign(mpcMessage, signer2Key))
+        );
+
     }
+
     function sign(
         bytes memory data,
         uint256 key