@lodestar/prover 1.35.0-dev.8ea34e52ba → 1.35.0-dev.91dadf81de

package/src/utils/verification.ts

@@ -0,0 +1,112 @@
+import {Logger} from "@lodestar/utils";
+import {ProofProvider} from "../proof_provider/proof_provider.js";
+import {ELBlock, ELProof, HexString, JsonRpcRequest} from "../types.js";
+import {bufferToHex} from "./conversion.js";
+import {getELBlock, getELCode, getELProof} from "./execution.js";
+import {ELRpcProvider} from "./rpc_provider.js";
+import {isValidAccount, isValidBlock, isValidCodeHash, isValidStorageKeys} from "./validation.js";
+
+type VerificationResult<T> = {data: T; valid: true} | {valid: false; data?: undefined};
+
+export async function verifyAccount({
+  address,
+  proofProvider,
+  logger,
+  rpc,
+  block,
+}: {
+  address: HexString;
+  rpc: ELRpcProvider;
+  proofProvider: ProofProvider;
+  logger: Logger;
+  block?: number | string;
+}): Promise<VerificationResult<ELProof>> {
+  try {
+    const executionPayload = await proofProvider.getExecutionPayload(block ?? "latest");
+    const proof = await getELProof(rpc, [address, [], bufferToHex(executionPayload.blockHash)]);
+    const validAccount = await isValidAccount({
+      address: address,
+      stateRoot: executionPayload.stateRoot,
+      proof,
+      logger,
+    });
+
+    // If account is invalid don't check the storage
+    const validStorage = validAccount && (await isValidStorageKeys({storageKeys: [], proof, logger}));
+
+    if (validAccount && validStorage) {
+      return {data: proof, valid: true};
+    }
+
+    return {valid: false};
+  } catch (err) {
+    logger.error("Error while verifying account", {address}, err as Error);
+    return {valid: false};
+  }
+}
+
+export async function verifyCode({
+  address,
+  proofProvider,
+  logger,
+  rpc,
+  codeHash,
+  block,
+}: {
+  address: HexString;
+  rpc: ELRpcProvider;
+  proofProvider: ProofProvider;
+  logger: Logger;
+  codeHash: HexString;
+  block?: number | string;
+}): Promise<VerificationResult<string>> {
+  try {
+    const executionPayload = await proofProvider.getExecutionPayload(block ?? "latest");
+    const code = await getELCode(rpc, [address, bufferToHex(executionPayload.blockHash)]);
+
+    if (await isValidCodeHash({codeHash, codeResponse: code, logger})) {
+      return {data: code, valid: true};
+    }
+    return {valid: false};
+  } catch (err) {
+    logger.error("Error while verifying code", {address}, err as Error);
+    return {valid: false};
+  }
+}
+
+export async function verifyBlock({
+  payload,
+  proofProvider,
+  logger,
+  rpc,
+}: {
+  payload: JsonRpcRequest<[block: string | number, hydrated: boolean]>;
+  rpc: ELRpcProvider;
+  proofProvider: ProofProvider;
+  logger: Logger;
+}): Promise<VerificationResult<ELBlock>> {
+  try {
+    const blockNumber = payload.params[0];
+    const executionPayload = await proofProvider.getExecutionPayload(blockNumber);
+    const block = await getELBlock(rpc, [blockNumber, true]); // Always request hydrated blocks as we need access to `transactions` details
+
+    // If response is not valid from the EL we don't need to verify it
+    if (!block) return {data: block, valid: false};
+
+    if (
+      await isValidBlock({
+        logger,
+        block,
+        executionPayload,
+        config: proofProvider.config,
+      })
+    ) {
+      return {data: block, valid: true};
+    }
+
+    return {valid: false};
+  } catch (err) {
+    logger.error("Error while verifying block", {block: payload.params[0]}, err as Error);
+    return {valid: false};
+  }
+}

package/src/utils/version.ts

@@ -0,0 +1,74 @@
+import fs from "node:fs";
+import path from "node:path";
+import {fileURLToPath} from "node:url";
+import {findUpSync} from "find-up";
+import {readAndGetGitData} from "./gitData/index.js";
+
+// Global variable __dirname no longer available in ES6 modules.
+// Solutions: https://stackoverflow.com/questions/46745014/alternative-for-dirname-in-node-js-when-using-es6-modules
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+
+type VersionJson = {
+  /** "0.28.2" */
+  version: string;
+};
+
+const BRANCH_IGNORE = /^(HEAD|master|unstable|main)$/;
+
+/**
+ * Gathers all information on package version including Git data.
+ * @returns a version string, e.g.
+ * - Stable release: `v0.36.0/80c248bb`
+ * - Dev release: `v0.36.0-dev.80c248bb/80c248bb`
+ * - Test branch: `v0.36.0/developer-feature/80c248bb`
+ */
+export function getVersionData(): {
+  version: string;
+  commit: string;
+} {
+  const parts: string[] = [];
+
+  /** Returns local version from `lerna.json` or `package.json` as `"0.28.2"` */
+  const localVersion = readCliPackageJson() || readVersionFromLernaJson();
+  if (localVersion) {
+    parts.push(`v${localVersion}`);
+  }
+
+  const {branch, commit} = readAndGetGitData();
+
+  // Add branch only if not present and not an ignore value
+  if (branch && !BRANCH_IGNORE.test(branch)) parts.push(branch);
+
+  // Add commit only if present. 7 characters to be consistent with Github
+  if (commit) {
+    const commitShort = commit.slice(0, 7);
+    // Don't add commit if it's already in the version string (dev versions)
+    if (!localVersion || !localVersion.includes(commitShort)) {
+      parts.push(commitShort);
+    }
+  }
+
+  return {
+    // Guard against empty parts array
+    version: parts.length > 0 ? parts.join("/") : "unknown",
+    commit,
+  };
+}
+
+/** Read version information from lerna.json */
+function readVersionFromLernaJson(): string | undefined {
+  const filePath = findUpSync("lerna.json", {cwd: __dirname});
+  if (!filePath) return undefined;
+
+  const lernaJson = JSON.parse(fs.readFileSync(filePath, "utf8")) as VersionJson;
+  return lernaJson.version;
+}
+
+/** Read version information from package.json */
+function readCliPackageJson(): string | undefined {
+  const filePath = findUpSync("package.json", {cwd: __dirname});
+  if (!filePath) return undefined;
+
+  const packageJson = JSON.parse(fs.readFileSync(filePath, "utf8")) as VersionJson;
+  return packageJson.version;
+}

package/src/verified_requests/eth_call.ts

@@ -0,0 +1,50 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {ELApiParams, ELApiReturn} from "../types.js";
+import {bufferToHex} from "../utils/conversion.js";
+import {createVM, executeVMCall, getVMWithState} from "../utils/evm.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+
+export const eth_call: ELVerifiedRequestHandler<ELApiParams["eth_call"], ELApiReturn["eth_call"]> = async ({
+  rpc,
+  payload,
+  logger,
+  proofProvider,
+}) => {
+  const {
+    params: [tx, block],
+  } = payload;
+  // We assume that standard tx validation already been done by the caller (web3, ethers.js, etc.)
+  const executionPayload = await proofProvider.getExecutionPayload(block ?? "latest");
+
+  try {
+    // TODO: Optimize the creation of the evm
+    const vm = await createVM({proofProvider});
+    const vmWithState = await getVMWithState({
+      rpc,
+      executionPayload,
+      tx,
+      vm,
+      logger,
+    });
+    const result = await executeVMCall({
+      vm: vmWithState,
+      tx,
+      rpc,
+      executionPayload,
+      network: proofProvider.network,
+    });
+
+    return getResponseForRequest(payload, bufferToHex(result.returnValue));
+  } catch (err) {
+    logger.error(
+      "Request could not be verified.",
+      {method: payload.method, params: JSON.stringify(payload.params)},
+      err as Error
+    );
+    return getErrorResponseForRequestWithFailedVerification(payload, getVerificationFailedMessage("eth_call"));
+  }
+};

package/src/verified_requests/eth_estimateGas.ts

@@ -0,0 +1,49 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {ELApiParams, ELApiReturn} from "../types.js";
+import {bigIntToHex} from "../utils/conversion.js";
+import {createVM, executeVMTx, getVMWithState} from "../utils/evm.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+
+export const eth_estimateGas: ELVerifiedRequestHandler<
+  ELApiParams["eth_estimateGas"],
+  ELApiReturn["eth_estimateGas"]
+> = async ({rpc, payload, logger, proofProvider}) => {
+  const {
+    params: [tx, block],
+  } = payload;
+  // We assume that standard tx validation already been done by the caller (web3, ethers.js, etc.)
+  const executionPayload = await proofProvider.getExecutionPayload(block ?? "latest");
+
+  try {
+    // TODO: Optimize the creation of the evm
+    const vm = await createVM({proofProvider});
+    const vmWithState = await getVMWithState({
+      rpc,
+      executionPayload,
+      tx,
+      vm,
+      logger,
+    });
+
+    const result = await executeVMTx({
+      vm: vmWithState,
+      tx,
+      rpc,
+      executionPayload,
+      network: proofProvider.network,
+    });
+
+    return getResponseForRequest(payload, bigIntToHex(result.totalGasSpent));
+  } catch (err) {
+    logger.error(
+      "Request could not be verified.",
+      {method: payload.method, params: JSON.stringify(payload.params)},
+      err as Error
+    );
+    return getErrorResponseForRequestWithFailedVerification(payload, getVerificationFailedMessage("eth_estimateGas"));
+  }
+};

package/src/verified_requests/eth_getBalance.ts

@@ -0,0 +1,26 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+import {verifyAccount} from "../utils/verification.js";
+
+export const eth_getBalance: ELVerifiedRequestHandler<[address: string, block?: number | string], string> = async ({
+  rpc,
+  payload,
+  logger,
+  proofProvider,
+}) => {
+  const {
+    params: [address, block],
+  } = payload;
+  const result = await verifyAccount({proofProvider, logger, rpc, address, block});
+
+  if (result.valid) {
+    return getResponseForRequest(payload, result.data.balance);
+  }
+
+  logger.error("Request could not be verified.", {method: payload.method, params: JSON.stringify(payload.params)});
+  return getErrorResponseForRequestWithFailedVerification(payload, getVerificationFailedMessage("eth_getBalance"));
+};

package/src/verified_requests/eth_getBlockByHash.ts

@@ -0,0 +1,24 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {ELBlock} from "../types.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+import {verifyBlock} from "../utils/verification.js";
+
+export const eth_getBlockByHash: ELVerifiedRequestHandler<[block: string, hydrated: boolean], ELBlock> = async ({
+  rpc,
+  payload,
+  logger,
+  proofProvider,
+}) => {
+  const result = await verifyBlock({payload, proofProvider, logger, rpc});
+
+  if (result.valid) {
+    return getResponseForRequest(payload, result.data);
+  }
+
+  logger.error("Request could not be verified.", {method: payload.method, params: JSON.stringify(payload.params)});
+  return getErrorResponseForRequestWithFailedVerification(payload, getVerificationFailedMessage("eth_getBlockByHash"));
+};

package/src/verified_requests/eth_getBlockByNumber.ts

@@ -0,0 +1,25 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {ELBlock} from "../types.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+import {verifyBlock} from "../utils/verification.js";
+
+export const eth_getBlockByNumber: ELVerifiedRequestHandler<
+  [block: string | number, hydrated: boolean],
+  ELBlock
+> = async ({rpc, payload, logger, proofProvider}) => {
+  const result = await verifyBlock({payload, proofProvider, logger, rpc});
+
+  if (result.valid) {
+    return getResponseForRequest(payload, result.data);
+  }
+
+  logger.error("Request could not be verified.", {method: payload.method, params: JSON.stringify(payload.params)});
+  return getErrorResponseForRequestWithFailedVerification(
+    payload,
+    getVerificationFailedMessage("eth_getBlockByNumber")
+  );
+};

package/src/verified_requests/eth_getCode.ts

@@ -0,0 +1,50 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+import {verifyAccount, verifyCode} from "../utils/verification.js";
+
+export const eth_getCode: ELVerifiedRequestHandler<[address: string, block?: number | string], string> = async ({
+  rpc,
+  payload,
+  logger,
+  proofProvider,
+}) => {
+  const {
+    params: [address, block],
+  } = payload;
+  // TODO: When batch requests are supported merged these two requests into one
+  const accountProof = await verifyAccount({
+    proofProvider,
+    logger,
+    rpc,
+    address,
+    block,
+  });
+
+  if (!accountProof.valid) {
+    logger.error("Request could not be verified.", {method: payload.method, params: JSON.stringify(payload.params)});
+    return getErrorResponseForRequestWithFailedVerification(
+      payload,
+      "account for eth_getCode request can not be verified."
+    );
+  }
+
+  const codeProof = await verifyCode({
+    proofProvider,
+    logger,
+    rpc,
+    address,
+    block,
+    codeHash: accountProof.data.codeHash,
+  });
+
+  if (codeProof.valid) {
+    return getResponseForRequest(payload, codeProof.data);
+  }
+
+  logger.error("Request could not be verified.", {method: payload.method, params: JSON.stringify(payload.params)});
+  return getErrorResponseForRequestWithFailedVerification(payload, getVerificationFailedMessage("eth_getCode"));
+};

package/src/verified_requests/eth_getTransactionCount.ts

@@ -0,0 +1,26 @@
+import {ELVerifiedRequestHandler} from "../interfaces.js";
+import {
+  getErrorResponseForRequestWithFailedVerification,
+  getResponseForRequest,
+  getVerificationFailedMessage,
+} from "../utils/json_rpc.js";
+import {verifyAccount} from "../utils/verification.js";
+
+export const eth_getTransactionCount: ELVerifiedRequestHandler<
+  [address: string, block?: number | string],
+  string
+> = async ({rpc, payload, logger, proofProvider}) => {
+  const {
+    params: [address, block],
+  } = payload;
+  const result = await verifyAccount({proofProvider, logger, rpc, address, block});
+  if (result.valid) {
+    return getResponseForRequest(payload, result.data.nonce);
+  }
+
+  logger.error("Request could not be verified.", {method: payload.method, params: JSON.stringify(payload.params)});
+  return getErrorResponseForRequestWithFailedVerification(
+    payload,
+    getVerificationFailedMessage("eth_getTransactionCount")
+  );
+};

package/src/web3_provider.ts

@@ -0,0 +1,58 @@
+import {LogLevel} from "@lodestar/logger";
+import {getBrowserLogger} from "@lodestar/logger/browser";
+import {Logger} from "@lodestar/utils";
+import {AnyWeb3Provider, ELRequestHandler, VerifiedExecutionInitOptions} from "./interfaces.js";
+import {ProofProvider} from "./proof_provider/proof_provider.js";
+import {processAndVerifyRequest} from "./utils/process.js";
+import {ELRpcProvider} from "./utils/rpc_provider.js";
+import {Web3ProviderInspector} from "./web3_provider_inspector.js";
+
+export type Web3ProviderTypeHandler<T extends AnyWeb3Provider> = (
+  provider: T,
+  proofProvider: ProofProvider,
+  logger: Logger
+) => {provider: T; handler: ELRpcProvider["handler"]};
+
+export function createVerifiedExecutionProvider<
+  T extends AnyWeb3Provider,
+  Mutate extends undefined | boolean = true,
+  Return = {provider: Mutate extends undefined | true ? T : ELRpcProvider; proofProvider: ProofProvider},
+>(provider: T, opts: VerifiedExecutionInitOptions<Mutate>): Return {
+  const signal = opts.signal ?? new AbortController().signal;
+  const logger = opts.logger ?? getBrowserLogger({level: opts.logLevel ?? LogLevel.info});
+  const mutateProvider = opts.mutateProvider === undefined;
+  const customProviderTypes = opts.providerTypes ?? [];
+
+  const providerInspector = Web3ProviderInspector.initWithDefault({logger});
+  for (const providerType of customProviderTypes.reverse()) {
+    providerInspector.register(providerType, {index: 0});
+  }
+  const providerType = providerInspector.detect(provider);
+  logger.debug(`Provider is detected as '${providerType.name}' provider.`);
+
+  const proofProvider = ProofProvider.init({
+    ...opts,
+    signal,
+    logger,
+  });
+
+  const nonVerifiedHandler = providerType.handler(provider);
+  const nonVerifiedRpc = new ELRpcProvider(nonVerifiedHandler, logger);
+
+  nonVerifiedRpc.verifyCompatibility().catch((err) => {
+    logger.error(err);
+    logger.error("Due to compatibility issues, verified execution may not work properly.");
+  });
+
+  const verifiedHandler: ELRequestHandler = function newVerifiedHandler(payload) {
+    return processAndVerifyRequest({payload, rpc: nonVerifiedRpc, logger, proofProvider});
+  };
+
+  if (mutateProvider) {
+    providerType.mutateProvider(provider, verifiedHandler);
+    return {provider, proofProvider} as Return;
+  }
+
+  // Verified RPC
+  return {provider: new ELRpcProvider(verifiedHandler, logger), proofProvider} as Return;
+}

package/src/web3_provider_inspector.ts

@@ -0,0 +1,88 @@
+import {Logger} from "@lodestar/logger";
+import {AnyWeb3Provider, Web3ProviderType} from "./interfaces.js";
+import eip1193ProviderType from "./provider_types/eip1193_provider_type.js";
+import ethersProviderType from "./provider_types/ethers_provider_type.js";
+import legacyProviderType from "./provider_types/legacy_provider_type.js";
+import web3jsProviderType from "./provider_types/web3_js_provider_type.js";
+
+export class Web3ProviderInspector {
+  protected providerTypes: Web3ProviderType<AnyWeb3Provider>[] = [];
+  logger: Logger;
+
+  protected constructor(opts: {logger: Logger}) {
+    this.logger = opts.logger;
+  }
+
+  static initWithDefault(opts: {logger: Logger}): Web3ProviderInspector {
+    const inspector = new Web3ProviderInspector(opts);
+    inspector.register(web3jsProviderType, {index: 0});
+    inspector.register(ethersProviderType, {index: 1});
+    inspector.register(eip1193ProviderType, {index: 2});
+    inspector.register(legacyProviderType, {index: 3});
+
+    return inspector;
+  }
+
+  getProviderTypes(): Web3ProviderType<AnyWeb3Provider>[] {
+    // Destruct so user can not mutate the output
+    return [...this.providerTypes];
+  }
+
+  register(providerType: Web3ProviderType<AnyWeb3Provider>, opts?: {index?: number}): void {
+    // If user does not provider index, we will register the provider type to last
+    let index = opts?.index ?? this.providerTypes.length;
+
+    // If index is larger, let's add type at the end
+    if (index > this.providerTypes.length) {
+      index = this.providerTypes.length;
+    }
+
+    // If a lower index is provided let's add type at the start
+    if (index < 0) {
+      index = 0;
+    }
+
+    if (this.providerTypes.map((p) => p.name).includes(providerType.name)) {
+      throw new Error(`Provider type '${providerType.name}' is already registered.`);
+    }
+
+    // If some provider type is already register on that index, we will make space for new
+    if (this.providerTypes.at(index)) {
+      this.logger.debug(
+        `A provider type '${this.providerTypes[index].name}' already existed at index '${index}', now moved down.`
+      );
+      this.providerTypes.splice(index, 0, providerType);
+    }
+
+    this.logger.debug(`Registered provider type "${providerType.name}" at index ${index}`);
+    this.providerTypes[index] = providerType;
+  }
+
+  unregister(indexOrName: string | number): void {
+    if (typeof indexOrName === "number") {
+      if (indexOrName > this.providerTypes.length || indexOrName < 0) {
+        throw new Error(`Provider type at index '${indexOrName}' is not registered.`);
+      }
+      this.providerTypes.splice(indexOrName, 1);
+      return;
+    }
+
+    const index = this.providerTypes.findIndex((p) => p.name === indexOrName);
+    if (index < 0) {
+      throw Error(`Provider type '${indexOrName}' is not registered.`);
+    }
+    this.providerTypes.splice(index, 1);
+  }
+
+  detect(provider: AnyWeb3Provider): Web3ProviderType<AnyWeb3Provider> {
+    for (const providerType of Object.values(this.providerTypes)) {
+      if (providerType.matched(provider)) {
+        return providerType;
+      }
+    }
+
+    throw new Error(
+      `Given provider could not be detected of any type. Supported types are ${Object.keys(this.providerTypes).join()}`
+    );
+  }
+}