@proto-kit/protocol 0.1.1-develop.153

package/src/model/transaction/ProtocolTransaction.ts

@@ -0,0 +1,25 @@
+import { Bool, Field, PublicKey, Signature, Struct, UInt64 } from "snarkyjs";
+
+export class ProtocolTransaction extends Struct({
+  methodId: Field,
+  nonce: UInt64,
+  sender: PublicKey,
+  argsHash: Field,
+  signature: Signature,
+}) {
+  public static getSignatureData(args: {
+    methodId: Field;
+    nonce: UInt64;
+    argsHash: Field;
+  }): Field[] {
+    return [args.methodId, ...args.nonce.toFields(), args.argsHash];
+  }
+
+  public getSignatureData(): Field[] {
+    return ProtocolTransaction.getSignatureData(this);
+  }
+
+  public validateSignature(): Bool {
+    return this.signature.verify(this.sender, this.getSignatureData());
+  }
+}

package/src/model/transaction/RuntimeTransaction.ts

@@ -0,0 +1,34 @@
+import { Field, Poseidon, PublicKey, Struct, UInt64 } from "snarkyjs";
+
+import { ProtocolTransaction } from "./ProtocolTransaction";
+
+/**
+ * This struct is used to expose transaction information to the runtime method
+ * execution. This class has not all data included in transactions on purpose.
+ * For example, we don't want to expose the signature or args as fields.
+ */
+export class RuntimeTransaction extends Struct({
+  nonce: UInt64,
+  sender: PublicKey,
+  argsHash: Field,
+}) {
+  public static fromProtocolTransaction({
+    nonce,
+    sender,
+    argsHash,
+  }: ProtocolTransaction): RuntimeTransaction {
+    return new RuntimeTransaction({
+      nonce,
+      sender,
+      argsHash,
+    });
+  }
+
+  public hash(): Field {
+    return Poseidon.hash([
+      ...this.nonce.toFields(),
+      ...this.sender.toFields(),
+      this.argsHash,
+    ]);
+  }
+}

package/src/protocol/Protocol.ts

@@ -0,0 +1,129 @@
+import {
+  log,
+  ModuleContainer,
+  ModulesConfig,
+  ModulesRecord,
+  StringKeyOf,
+  TypedClass,
+} from "@proto-kit/common";
+import { DependencyContainer } from "tsyringe";
+
+import {
+  BlockProvable,
+  BlockProverPublicInput,
+  BlockProverPublicOutput,
+} from "../prover/block/BlockProvable";
+import { StateTransitionProver } from "../prover/statetransition/StateTransitionProver";
+import {
+  StateTransitionProvable,
+  StateTransitionProverPublicInput,
+  StateTransitionProverPublicOutput,
+} from "../prover/statetransition/StateTransitionProvable";
+import { BlockProver } from "../prover/block/BlockProver";
+
+import { ProtocolModule } from "./ProtocolModule";
+
+export type GenericProtocolModuleRecord = ModulesRecord<
+  TypedClass<ProtocolModule<any, any>>
+>;
+
+interface BlockProverType
+  extends ProtocolModule<BlockProverPublicInput, BlockProverPublicOutput>,
+    BlockProvable {}
+
+interface StateTransitionProverType
+  extends ProtocolModule<
+      StateTransitionProverPublicInput,
+      StateTransitionProverPublicOutput
+    >,
+    StateTransitionProvable {}
+
+export interface ProtocolCustomModulesRecord {
+  BlockProver: TypedClass<BlockProverType>;
+  StateTransitionProver: TypedClass<StateTransitionProverType>;
+}
+
+export interface ProtocolModulesRecord
+  extends GenericProtocolModuleRecord,
+    ProtocolCustomModulesRecord {}
+
+export interface ProtocolDefinition<Modules extends ProtocolModulesRecord> {
+  modules: Modules;
+  // config: ModulesConfig<Modules>
+}
+
+export class Protocol<
+  Modules extends ProtocolModulesRecord
+> extends ModuleContainer<Modules> {
+  // .from() to create Protocol
+  public static from<Modules extends ProtocolModulesRecord>(
+    modules: ProtocolDefinition<Modules>
+  ) {
+    const protocol = new Protocol(modules);
+
+    // Set empty config for all modules, since we don't have that feature yet
+    // eslint-disable-next-line max-len
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any,@typescript-eslint/no-unsafe-assignment
+    const emptyConfig = Object.keys(modules.modules).reduce<any>(
+      (agg, item: string) => {
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+        agg[item] = {};
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-return
+        return agg;
+      },
+      {}
+    );
+    // eslint-disable-next-line @typescript-eslint/consistent-type-assertions
+    protocol.configure(emptyConfig as ModulesConfig<Modules>);
+
+    return protocol;
+  }
+
+  protected decorateModule(
+    moduleName: StringKeyOf<Modules>,
+    containedModule: InstanceType<Modules[StringKeyOf<Modules>]>
+  ) {
+    log.debug(`Decorated ${moduleName}`);
+    containedModule.protocol = this;
+
+    super.decorateModule(moduleName, containedModule);
+  }
+
+  public get dependencyContainer(): DependencyContainer {
+    return this.container;
+  }
+
+  private isModule(
+    moduleName: keyof Modules
+  ): moduleName is StringKeyOf<Modules> {
+    return this.definition.modules[moduleName] !== undefined;
+  }
+
+  public get blockProver(): BlockProvable {
+    // Why do I resolve directly here?
+    // I don't know exactly but generics don't let me use .resolve()
+    return this.container.resolve<InstanceType<Modules["BlockProver"]>>(
+      "BlockProver"
+    );
+  }
+
+  public get stateTransitionProver(): StateTransitionProvable {
+    return this.container.resolve<
+      InstanceType<Modules["StateTransitionProver"]>
+    >("StateTransitionProver");
+  }
+}
+
+export const VanillaProtocol = {
+  create(): Protocol<{
+    StateTransitionProver: typeof StateTransitionProver;
+    BlockProver: typeof BlockProver;
+  }> {
+    return Protocol.from({
+      modules: {
+        StateTransitionProver,
+        BlockProver,
+      },
+    });
+  },
+};

package/src/protocol/ProtocolModule.ts

@@ -0,0 +1,27 @@
+import {
+  AreProofsEnabled,
+  Configurable,
+  ZkProgrammable,
+} from "@proto-kit/common";
+
+import type { Protocol, ProtocolModulesRecord } from "./Protocol";
+import { noop } from "lodash";
+
+export abstract class ProtocolModule<PublicInput, PublicOutput>
+  extends ZkProgrammable<PublicInput, PublicOutput>
+  implements Configurable<unknown>
+{
+  public config = {};
+
+  public protocol?: Protocol<ProtocolModulesRecord>;
+
+  public get appChain(): AreProofsEnabled | undefined {
+    return this.protocol?.dependencyContainer.resolve<AreProofsEnabled>(
+      "AppChain"
+    );
+  }
+
+  public constructor() {
+    super();
+  }
+}

package/src/prover/block/BlockProvable.ts

@@ -0,0 +1,45 @@
+import { Field, Proof, Struct, UInt64 } from "snarkyjs";
+
+import { StateTransitionProof } from "../statetransition/StateTransitionProvable";
+import { MethodPublicOutput } from "../../model/MethodPublicOutput";
+import { ZkProgrammable } from "@proto-kit/common";
+import { ProtocolTransaction } from "../../model/transaction/ProtocolTransaction";
+import { NetworkState } from "../../model/network/NetworkState";
+
+export class BlockProverPublicInput extends Struct({
+  transactionsHash: Field,
+  stateRoot: Field,
+  networkStateHash: Field,
+}) {}
+
+export class BlockProverPublicOutput extends Struct({
+  transactionsHash: Field,
+  stateRoot: Field,
+}) {}
+
+export type BlockProverProof = Proof<
+  BlockProverPublicInput,
+  BlockProverPublicOutput
+>;
+
+export class BlockProverExecutionData extends Struct({
+  transaction: ProtocolTransaction,
+  networkState: NetworkState,
+  // accountstate
+}) {}
+
+export interface BlockProvable
+  extends ZkProgrammable<BlockProverPublicInput, BlockProverPublicOutput> {
+  proveTransaction: (
+    publicInput: BlockProverPublicInput,
+    stateProof: StateTransitionProof,
+    appProof: Proof<void, MethodPublicOutput>,
+    executionData: BlockProverExecutionData
+  ) => BlockProverPublicOutput;
+
+  merge: (
+    publicInput: BlockProverPublicInput,
+    proof1: BlockProverProof,
+    proof2: BlockProverProof
+  ) => BlockProverPublicOutput;
+}

package/src/prover/block/BlockProver.ts

@@ -0,0 +1,302 @@
+/* eslint-disable max-lines */
+import { Experimental, Field, type Proof, Provable, SelfProof } from "snarkyjs";
+import { inject, injectable } from "tsyringe";
+import {
+  PlainZkProgram,
+  provableMethod,
+  WithZkProgrammable,
+  ZkProgrammable,
+} from "@proto-kit/common";
+
+import { DefaultProvableHashList } from "../../utils/ProvableHashList";
+import { MethodPublicOutput } from "../../model/MethodPublicOutput";
+import { ProtocolModule } from "../../protocol/ProtocolModule";
+import {
+  StateTransitionProof,
+  StateTransitionProverPublicInput,
+  StateTransitionProverPublicOutput,
+} from "../statetransition/StateTransitionProvable";
+import { RuntimeTransaction } from "../../model/transaction/RuntimeTransaction";
+
+import {
+  BlockProvable,
+  BlockProverExecutionData,
+  BlockProverProof,
+  BlockProverPublicInput,
+  BlockProverPublicOutput,
+} from "./BlockProvable";
+
+const errors = {
+  stateProofNotStartingAtZero: () =>
+    "StateProof not starting ST-commitment at zero",
+
+  stateTransitionsHashNotEqual: () =>
+    "StateTransition list commitments are not equal",
+
+  propertyNotMatching: (propertyName: string) => `${propertyName} not matching`,
+
+  stateRootNotMatching: (step: string) => `StateRoots not matching ${step}`,
+
+  transactionsHashNotMatching: (step: string) =>
+    `transactions hash not matching ${step}`,
+};
+
+export interface BlockProverState {
+  // The current state root of the block prover
+  stateRoot: Field;
+
+  /**
+   * The current commitment of the transaction-list which
+   * will at the end equal the bundle hash
+   */
+  transactionsHash: Field;
+
+  /**
+   * The network state which gives access to values such as blockHeight
+   * This value is the same for the whole batch (L2 block)
+   */
+  networkStateHash: Field;
+}
+
+/**
+ * BlockProver class, which aggregates a AppChainProof and
+ * a StateTransitionProof into a single BlockProof, that can
+ * then be merged to be committed to the base-layer contract
+ */
+@injectable()
+export class BlockProver
+  extends ProtocolModule<BlockProverPublicInput, BlockProverPublicOutput>
+  implements BlockProvable
+{
+  public constructor(
+    @inject("StateTransitionProver")
+    private readonly stateTransitionProver: ZkProgrammable<
+      StateTransitionProverPublicInput,
+      StateTransitionProverPublicOutput
+    >,
+    @inject("Runtime")
+    private readonly runtime: WithZkProgrammable<void, MethodPublicOutput>
+  ) {
+    super();
+  }
+
+  /**
+   * Applies and checks the two proofs and applies the corresponding state
+   * changes to the given state
+   *
+   * @param state The from-state of the BlockProver
+   * @param stateTransitionProof
+   * @param appProof
+   * @returns The new BlockProver-state to be used as public output
+   */
+  public applyTransaction(
+    state: BlockProverState,
+    stateTransitionProof: Proof<
+      StateTransitionProverPublicInput,
+      StateTransitionProverPublicOutput
+    >,
+    appProof: Proof<void, MethodPublicOutput>,
+    { transaction, networkState }: BlockProverExecutionData
+  ): BlockProverState {
+    appProof.verify();
+    stateTransitionProof.verify();
+
+    const stateTo = { ...state };
+
+    // eslint-disable-next-line no-warning-comments
+    // TODO Check methodId?
+
+    // Checks for the stateTransitionProof and appProof matching
+    stateTransitionProof.publicInput.stateTransitionsHash.assertEquals(
+      Field(0),
+      errors.stateProofNotStartingAtZero()
+    );
+
+    appProof.publicOutput.stateTransitionsHash.assertEquals(
+      stateTransitionProof.publicOutput.stateTransitionsHash,
+      errors.stateTransitionsHashNotEqual()
+    );
+
+    // Apply state if status success
+    state.stateRoot.assertEquals(
+      stateTransitionProof.publicInput.stateRoot,
+      errors.propertyNotMatching("from state root")
+    );
+    stateTo.stateRoot = Provable.if(
+      appProof.publicOutput.status,
+      stateTransitionProof.publicOutput.stateRoot,
+      stateTransitionProof.publicInput.stateRoot
+    );
+
+    // Check transaction signature
+    transaction
+      .validateSignature()
+      .assertTrue("Transaction signature not valid");
+
+    // Check if the methodId is correct
+    // to do
+
+    // Check transaction integrity against appProof
+    const blockTransactionHash =
+      RuntimeTransaction.fromProtocolTransaction(transaction).hash();
+
+    blockTransactionHash.assertEquals(
+      appProof.publicOutput.transactionHash,
+      "Transactions provided in AppProof and BlockProof do not match"
+    );
+
+    // Check network state integrity against appProof
+    state.networkStateHash.assertEquals(
+      appProof.publicOutput.networkStateHash,
+      "Network state does not match state used in AppProof"
+    );
+    state.networkStateHash.assertEquals(
+      networkState.hash(),
+      "Network state provided to BlockProver does not match the publicInput"
+    );
+
+    // Append tx to transaction list
+    const transactionList = new DefaultProvableHashList(
+      Field,
+      state.transactionsHash
+    );
+
+    const { transactionHash } = appProof.publicOutput;
+    transactionList.push(transactionHash);
+
+    stateTo.transactionsHash = transactionList.commitment;
+
+    return stateTo;
+  }
+
+  @provableMethod()
+  public proveTransaction(
+    publicInput: BlockProverPublicInput,
+    stateProof: StateTransitionProof,
+    appProof: Proof<void, MethodPublicOutput>,
+    executionData: BlockProverExecutionData
+  ): BlockProverPublicOutput {
+    const state: BlockProverState = {
+      transactionsHash: publicInput.transactionsHash,
+      stateRoot: publicInput.stateRoot,
+      networkStateHash: publicInput.networkStateHash,
+    };
+
+    this.applyTransaction(state, stateProof, appProof, executionData);
+
+    return new BlockProverPublicOutput({
+      stateRoot: state.stateRoot,
+      transactionsHash: state.transactionsHash,
+    });
+  }
+
+  @provableMethod()
+  public merge(
+    publicInput: BlockProverPublicInput,
+    proof1: BlockProverProof,
+    proof2: BlockProverProof
+  ): BlockProverPublicOutput {
+    proof1.verify();
+    proof2.verify();
+
+    // Check state
+    publicInput.stateRoot.assertEquals(
+      proof1.publicInput.stateRoot,
+      errors.stateRootNotMatching("publicInput.from -> proof1.from")
+    );
+    proof1.publicOutput.stateRoot.assertEquals(
+      proof2.publicInput.stateRoot,
+      errors.stateRootNotMatching("proof1.to -> proof2.from")
+    );
+
+    // Check transaction list
+    publicInput.transactionsHash.assertEquals(
+      proof1.publicInput.transactionsHash,
+      errors.transactionsHashNotMatching("publicInput.from -> proof1.from")
+    );
+    proof1.publicOutput.transactionsHash.assertEquals(
+      proof2.publicInput.transactionsHash,
+      errors.transactionsHashNotMatching("proof1.to -> proof2.from")
+    );
+
+    return new BlockProverPublicOutput({
+      stateRoot: proof2.publicOutput.stateRoot,
+      transactionsHash: proof2.publicOutput.transactionsHash,
+    });
+  }
+
+  /**
+   * Creates the BlockProver ZkProgram.
+   * Recursive linking of proofs is done via the previously
+   * injected StateTransitionProver and the required AppChainProof class
+   */
+  public zkProgramFactory(): PlainZkProgram<
+    BlockProverPublicInput,
+    BlockProverPublicOutput
+  > {
+    const StateTransitionProofClass =
+      this.stateTransitionProver.zkProgram.Proof;
+    const RuntimeProofClass = this.runtime.zkProgrammable.zkProgram.Proof;
+
+    const proveTransaction = this.proveTransaction.bind(this);
+    const merge = this.merge.bind(this);
+
+    const program = Experimental.ZkProgram({
+      publicInput: BlockProverPublicInput,
+      publicOutput: BlockProverPublicOutput,
+
+      methods: {
+        proveTransaction: {
+          privateInputs: [
+            StateTransitionProofClass,
+            RuntimeProofClass,
+            BlockProverExecutionData,
+          ],
+
+          method(
+            publicInput: BlockProverPublicInput,
+            stateProof: StateTransitionProof,
+            appProof: Proof<void, MethodPublicOutput>,
+            executionData: BlockProverExecutionData
+          ) {
+            return proveTransaction(
+              publicInput,
+              stateProof,
+              appProof,
+              executionData
+            );
+          },
+        },
+
+        merge: {
+          privateInputs: [
+            SelfProof<BlockProverPublicInput, BlockProverPublicOutput>,
+            SelfProof<BlockProverPublicInput, BlockProverPublicOutput>,
+          ],
+
+          method(
+            publicInput: BlockProverPublicInput,
+            proof1: BlockProverProof,
+            proof2: BlockProverProof
+          ) {
+            return merge(publicInput, proof1, proof2);
+          },
+        },
+      },
+    });
+
+    const methods = {
+      proveTransaction: program.proveTransaction,
+      merge: program.merge,
+    };
+
+    const SelfProofClass = Experimental.ZkProgram.Proof(program);
+
+    return {
+      compile: program.compile.bind(program),
+      verify: program.verify.bind(program),
+      Proof: SelfProofClass,
+      methods,
+    };
+  }
+}

package/src/prover/statetransition/StateTransitionProvable.ts

@@ -0,0 +1,40 @@
+import { Field, Proof, Struct } from "snarkyjs";
+import { ZkProgrammable } from "@proto-kit/common";
+
+import { StateTransitionProvableBatch } from "../../model/StateTransitionProvableBatch";
+
+import { StateTransitionWitnessProviderReference } from "./StateTransitionWitnessProviderReference";
+
+export class StateTransitionProverPublicInput extends Struct({
+  stateTransitionsHash: Field,
+  stateRoot: Field,
+}) {}
+
+export class StateTransitionProverPublicOutput extends Struct({
+  stateTransitionsHash: Field,
+  stateRoot: Field,
+}) {}
+
+export type StateTransitionProof = Proof<
+  StateTransitionProverPublicInput,
+  StateTransitionProverPublicOutput
+>;
+
+export interface StateTransitionProvable
+  extends ZkProgrammable<
+    StateTransitionProverPublicInput,
+    StateTransitionProverPublicOutput
+  > {
+  witnessProviderReference: StateTransitionWitnessProviderReference;
+
+  runBatch: (
+    publicInput: StateTransitionProverPublicInput,
+    batch: StateTransitionProvableBatch
+  ) => StateTransitionProverPublicOutput;
+
+  merge: (
+    publicInput: StateTransitionProverPublicInput,
+    proof1: StateTransitionProof,
+    proof2: StateTransitionProof
+  ) => StateTransitionProverPublicOutput;
+}