@crisp-e3/contracts 0.5.10 → 0.5.11
- package/contracts/CRISPProgram.sol +26 -13
- package/contracts/CRISPVerifier.sol +2164 -2142
- package/contracts/Mocks/MockEnclave.sol +9 -8
- package/package.json +4 -4
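--- a/package/contracts/CRISPProgram.sol
+++ b/package/contracts/CRISPProgram.sol
@@ -49,13 +49,11 @@ contract CRISPProgram is IE3Program, Ownable {
 HonkVerifier private immutable honkVerifier;
 
 // Mappings
-mapping(address => bool) public authorizedContracts;
 mapping(uint256 e3Id => RoundData) e3Data;
 
 // Errors
 error CallerNotAuthorized();
 error E3AlreadyInitialized();
-error E3DoesNotExist();
 error EnclaveAddressZero();
 error Risc0VerifierAddressZero();
 error InvalidHonkVerifier();
@@ -67,6 +65,9 @@ contract CRISPProgram is IE3Program, Ownable {
 error SlotIsEmpty();
 error MerkleRootNotSet();
 error InvalidNumOptions();
+error InputDeadlinePassed(uint256 e3Id, uint256 deadline);
+error KeyNotPublished(uint256 e3Id);
+error E3NotAcceptingInputs(uint256 e3Id);
 
 // Events
 event InputPublished(uint256 indexed e3Id, bytes encryptedVote, uint256 index);
@@ -84,7 +85,6 @@ contract CRISPProgram is IE3Program, Ownable {
 enclave = _enclave;
 risc0Verifier = _risc0Verifier;
 honkVerifier = _honkVerifier;
-authorizedContracts[address(_enclave)] = true;
 imageId = _imageId;
 }
 
@@ -126,7 +126,7 @@ contract CRISPProgram is IE3Program, Ownable {
 bytes calldata,
 bytes calldata customParams
 ) external returns (bytes32) {
-if (
+if (msg.sender != address(enclave) && msg.sender != owner()) revert CallerNotAuthorized();
 if (e3Data[e3Id].paramsHash != bytes32(0)) revert E3AlreadyInitialized();
 
 // decode custom params to get the number of options
@@ -135,7 +135,7 @@ contract CRISPProgram is IE3Program, Ownable {
 
 // we need to know the number of options for decoding the tally
 e3Data[e3Id].numOptions = numOptions;
-// we want to save the credit
+// we want to save the credit mode so it can be verified on chain by everyone
 e3Data[e3Id].creditMode = creditMode;
 
 e3Data[e3Id].paramsHash = keccak256(e3ProgramParams);
@@ -147,9 +147,24 @@ contract CRISPProgram is IE3Program, Ownable {
 }
 
 /// @inheritdoc IE3Program
-function
-
-
+function publishInput(uint256 e3Id, bytes memory data) external {
+E3 memory e3 = enclave.getE3(e3Id);
+
+// check that we are in the correct stage
+IEnclave.E3Stage stage = enclave.getE3Stage(e3Id);
+if (stage != IEnclave.E3Stage.KeyPublished) {
+revert KeyNotPublished(e3Id);
+}
+
+// check that we are not past the input deadline
+if (block.timestamp > e3.inputWindow[1]) {
+revert InputDeadlinePassed(e3Id, e3.inputWindow[1]);
+}
+
+// check that we are within the input window
+if (block.timestamp < e3.inputWindow[0]) {
+revert E3NotAcceptingInputs(e3Id);
+}
 
 // We need to ensure that the CRISP admin set the merkle root of the census.
 if (e3Data[e3Id].merkleRoot == 0) revert MerkleRootNotSet();
@@ -163,9 +178,6 @@ contract CRISPProgram is IE3Program, Ownable {
 
 (uint40 voteIndex, bytes32 previousEncryptedVoteCommitment) = _processVote(e3Id, slotAddress, encryptedVoteCommitment);
 
-// Fetch E3 to get committee public key
-E3 memory e3 = enclave.getE3(e3Id);
-
 // Set the public inputs for the proof. Order must match Noir circuit.
 bytes32[] memory noirPublicInputs = new bytes32[](7);
 noirPublicInputs[0] = previousEncryptedVoteCommitment;
@@ -244,12 +256,13 @@ contract CRISPProgram is IE3Program, Ownable {
 
 /// @inheritdoc IE3Program
 function verify(uint256 e3Id, bytes32 ciphertextOutputHash, bytes memory proof) external view override returns (bool) {
-
+bytes32 paramsHash = getParamsHash(e3Id);
+
 bytes32 inputRoot = bytes32(e3Data[e3Id].votes._root(TREE_DEPTH));
 bytes memory journal = new bytes(396); // (32 + 1) * 4 * 3
 
 _encodeLengthPrefixAndHash(journal, 0, ciphertextOutputHash);
-_encodeLengthPrefixAndHash(journal, 132,
+_encodeLengthPrefixAndHash(journal, 132, paramsHash);
 _encodeLengthPrefixAndHash(journal, 264, inputRoot);
 
 risc0Verifier.verify(proof, imageId, sha256(journal));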
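Review bot: The comment `// check that we are within the input window` in the new publishInput body sits above a check that only rejects inputs arriving before `e3.inputWindow[0]`; the upper bound is already handled by the deadline check directly above it, so the comment should read `// check that the input window has opened`. Both bounds are inclusive (`>` on inputWindow[1], `<` on inputWindow[0]), so an input landing exactly on either boundary timestamp is accepted — worth confirming this matches how the Enclave itself treats the window, since a boundary mismatch between the two contracts would let one side accept what the other rejects. The KeyPublished stage check and the two timestamp checks also run before the cheap `merkleRoot == 0` storage read, so a round whose census root was never set pays for two external enclave calls before reverting; that order may be deliberate if the stage check is meant to be the authoritative gate, but it would be worth a comment either way. publishInput's body continues beyond the hunk, and slotAddress and encryptedVoteCommitment used in the later hunk are presumably decoded from `data` in the part not shown.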