zkevm-rom 0.0.1-security → 6.0.1

package/main/opcodes/comparison.zkasm

@@ -0,0 +1,446 @@
+/**
+ * @link [https://www.evm.codes/#10?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [a < b]
+ */
+opLT:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from stack
+    SP - 1 => SP
+    $ => A          :MLOAD(SP--) ; [a => A]
+    $ => B          :MLOAD(SP) ; [a => B]
+
+    ; call binary:lessThan state machine
+    ; and push the result into the stack
+    $               :LT, MSTORE(SP++), JMP(readCode) ; [(a < b) => SP]
+
+/**
+ * @link [https://www.evm.codes/#11?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [a > b]
+ */
+opGT:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP -       20 :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => B          :MLOAD(SP--) ; [a => B]
+    $ => A          :MLOAD(SP) ; [b => A]
+
+    ; call binary:lessThan state machine
+    ; and push the result into the stack
+    $               :LT, MSTORE(SP++), JMP(readCode) ; [(b < a) => SP]
+
+/**
+ * @link [https://www.evm.codes/#12?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [signed(a < b)]
+ */
+opSLT:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => A          :MLOAD(SP--) ; [a => A]
+    $ => B          :MLOAD(SP) ; [b => B]
+
+    ; call binary:SignedLessThan state machine
+    ; and push the result into the stack
+    $               :SLT, MSTORE(SP++), JMP(readCode) ; [signed(a < b) => SP]
+
+/**
+ * @link [https://www.evm.codes/#13?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [signed(a > b)]
+ */
+opSGT:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => B          :MLOAD(SP--) ; [a => B]
+    $ => A          :MLOAD(SP) ; [b => A]
+
+    ; call binary:SignedLessThan state machine
+    ; and push the result into the stack
+    $               :SLT, MSTORE(SP++), JMP(readCode) ; [signed(b < a) => SP]
+
+/**
+ * @link [https://www.evm.codes/#14?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [a == b]
+ */
+opEQ:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => A          :MLOAD(SP--) ; [a => A]
+    $ => B          :MLOAD(SP) ; [b => B]
+
+    ; call binary:Equal state machine
+    ; and push the result into the stack
+    $               :EQ, MSTORE(SP++), JMP(readCode) ; [(a == b) => SP]
+
+/**
+ * @link [https://www.evm.codes/#15?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a]
+ *  - stack output: [a == 0]
+ */
+opISZERO:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 1          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read one item from stack
+    $ => A          :MLOAD(SP-1) ; [a => B]
+    0 => B
+
+    ; call binary:Equal state machine
+    ; and push the result into the stack
+    $               :EQ, MSTORE(SP-1), JMP(readCode) ; [(a == 0) ==> SP]
+
+/**
+ * @link [https://www.evm.codes/#16?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [a & b]
+ */
+opAND:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => A          :MLOAD(SP--) ; [a => A]
+    $ => B          :MLOAD(SP) ; [b => B]
+
+    ; call binary:And state machine
+    ; and push the result into the stack
+    $               :AND, MSTORE(SP++), JMP(readCode) ; [ a & b => SP]
+
+/**
+ * @link [https://www.evm.codes/#17?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [a | b]
+ */
+opOR:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => A          :MLOAD(SP--)
+    $ => B          :MLOAD(SP)
+
+    ; call binary:Or state machine
+    ; and push the result into the stack
+    $               :OR, MSTORE(SP++), JMP(readCode) ; [ a | b => SP]
+
+/**
+ * @link [https://www.evm.codes/#18?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a, b]
+ *  - stack output: [a ^ b]
+ */
+opXOR:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => A          :MLOAD(SP--) ; [a => A]
+    $ => B          :MLOAD(SP) ; [b => B]
+
+    ; call binary:Xor state machine
+    ; and push the result into the stack
+    $               :XOR,MSTORE(SP++), JMP(readCode) ; [ a ^ b => SP]
+
+/**
+ * @link [https://www.evm.codes/#19?fork=berlin]
+ * @zk-counters
+ *  - 1 binary
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [a]
+ *  - stack output: [ ~a ]
+ */
+opNOT:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 1 :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 20       :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 1          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read one item from the stack
+    $ => A          :MLOAD(SP-1)
+
+    0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffn => B ; 2**256 - 1 =>
+    $ => A          :XOR,MSTORE(SP-1), JMP(readCode) ; [ NOT a => SP]
+
+/**
+ * @link [https://www.evm.codes/#1a?fork=berlin]
+ * @zk-counters
+ *  - 30 steps
+ *  - 2 binary
+ * @process-opcode
+ *  - stack input: [byte offset, 32-byte value]
+ *  - stack output: [byte]
+ */
+opBYTE:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 30 :JMPN(outOfCountersStep)
+    %MAX_CNT_BINARY - CNT_BINARY - 2 :JMPN(outOfCountersBinary)
+
+    ; check stack underflow
+    SP - 2          :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS    :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => B          :MLOAD(SP--) ; [byte offset => B]
+    $ => C          :MLOAD(SP) ; [32-byte value => C]
+
+    ; if the byte offset is out of range --> go to opBYTE0
+    31 => A
+    $ => D          :SUB, JMPC(opBYTE0)
+
+    ; call util function
+    C => A
+                    :CALL(SHRarith) ; in: [A: value, D: #bytes to right shift] out: [A: shifted result]
+
+    ; call binary:and state machine and push to the stack
+    255 => B
+    $               :AND, MSTORE(SP++), JMP(readCode) ; [ A & 255 => SP]
+
+opBYTE0:
+    0               :MSTORE(SP++), JMP(readCode) ; [ 0 => SP]
+
+/**
+ * @link [https://www.evm.codes/#1c?fork=berlin]
+ * @zk-counters
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [shift, value]
+ *  - stack output: [value >> shift]
+ */
+opSHR:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 20         :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2              :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS      :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => D          :MLOAD(SP--) ; [shift => D]
+    ; call SHRarithBit util
+    $ => A          :MLOAD(SP), CALL(SHRarithBit)   ; [value => A]; [ A >> D => A]
+    A               :MSTORE(SP++), JMP(readCode) ; [ A => SP]
+
+/**
+ * @link [https://www.evm.codes/#1b?fork=berlin]
+ * @zk-counters
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: [shift, value]
+ *  - stack output: [value << shift]
+ */
+opSHL:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 20         :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2              :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS      :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => D          :MLOAD(SP--)
+    $ => A          :MLOAD(SP)
+
+    ; CALL shl util
+                    :CALL(SHLarithBit)  ; [ A << D => A]
+    A               :MSTORE(SP++), JMP(readCode) ; [A => SP]
+
+/**
+ * @link [https://www.evm.codes/#1d?fork=berlin]
+ * @zk-counters
+ *  - 5 binary
+ *  - 100 steps
+ * @process-opcode
+ *  - stack input: [shift, value]
+ *  - stack output: [value >> shift (signed)]
+ */
+opSAR:
+    ; checks zk-counters
+    %MAX_CNT_BINARY - CNT_BINARY - 5   :JMPN(outOfCountersBinary)
+    %MAX_CNT_STEPS - STEP - 100         :JMPN(outOfCountersStep)
+
+    ; check stack underflow
+    SP - 2              :JMPN(stackUnderflow)
+
+    ; check out-of-gas
+    GAS - %GAS_FASTEST_STEP => GAS      :JMPN(outOfGas)
+
+    ; read two items from the stack
+    SP - 1 => SP
+    $ => C          :MLOAD(SP--) ; [shift (bits) => C]
+    $ => A          :MLOAD(SP) ; [value => A]
+
+    ; Sign of A [1 if negative, 0 positive] in E
+    0 => B
+    $ => E          :SLT ; [sign(A) => E]
+
+    ; check shift is less than 256 bits
+    A => D ; [value => D]
+    C => B ; [shift (bits) => B]
+    256 => A
+    $               :LT, JMPC(maxShiftSAR)
+
+    ; compute result depending on sign
+    E               :JMPZ(positiveValue, negativeValue)
+
+positiveValue:
+    ; call SHRarithBit util
+    D => A
+    C => D          :CALL(SHRarithBit) ; [shift (bits) => D]; [ A >> D => A]
+                    :JMP(endSAR)
+
+negativeValue:
+    D => A
+    %MAX_UINT_256 => B
+    $ => A          :XOR ; [~A => A]
+    C => D          :CALL(SHRarithBit) ; [shift (bits) => D]; [ A >> D => A]
+    $ => A          :XOR, JMP(endSAR) ; [~A => A]
+
+endSAR:
+    ; check shifted result is greater than 0
+    0 => B
+    $               :EQ, JMPC(maxShiftSAR)
+    A               :MSTORE(SP++), JMP(readCode)   ; [(value >> shift (signed)) => SP]
+
+
+; return 0 if sign is positive. return %MAX_UINT_256 if sign is negative
+maxShiftSAR:
+    0 => D ; [sign positive: 0 => D]
+
+    ; check sign negative or positive
+    E                      :JMPZ(endMaxShiftSAR)
+    %MAX_UINT_256 => D ; [sign negative: MAX_UINT_256 => D]
+
+endMaxShiftSAR:
+    D                       :MSTORE(SP++), JMP(readCode) ; [(value >> shift (signed)) => SP]

package/main/opcodes/context-information.zkasm

@@ -0,0 +1,169 @@
+/**
+ * @link [https://www.evm.codes/#30?fork=berlin]
+ * @zk-counters
+ *  - 20 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [address]
+ */
+opADDRESS:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 20 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS - %GAS_QUICK_STEP => GAS    :JMPN(outOfGas)
+    ; check is a create
+    $ => A          :MLOAD(isCreateContract), JMPNZ(opADDRESSdeploy)
+    ; load current storage address
+    $ => A          :MLOAD(storageAddr), JMP(opADDRESSend)
+
+opADDRESSdeploy:
+    ; load create contract address
+    $ => A          :MLOAD(createContractAddress)
+
+opADDRESSend:
+    A               :MSTORE(SP++); [address(A) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)
+
+/**
+ * @link [https://www.evm.codes/#47?fork=berlin]
+ * @zk-counters
+ *  - %MAX_CNT_POSEIDON_SLOAD_SSTORE poseidon
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [balance]
+ */
+opSELFBALANCE:
+    ; checks zk-counters
+    %MAX_CNT_POSEIDON_G - CNT_POSEIDON_G - %MAX_CNT_POSEIDON_SLOAD_SSTORE :JMPN(outOfCountersPoseidon)
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS - %GAS_FAST_STEP => GAS    :JMPN(outOfGas)
+
+    $ => A          :MLOAD(storageAddr)
+    ; set key for smt balance query
+    0 => B,C
+    ; balance in D
+    $ => D          :SLOAD
+    D               :MSTORE(SP++); [balance(D) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)
+
+/**
+ * @link [https://www.evm.codes/#31?fork=berlin]
+ * @zk-counters
+ *  - %MAX_CNT_POSEIDON_SLOAD_SSTORE poseidon
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: [address]
+ *  - stack output: [balance]
+ */
+opBALANCE:
+    ; checks zk-counters
+    %MAX_CNT_POSEIDON_G - CNT_POSEIDON_G - %MAX_CNT_POSEIDON_SLOAD_SSTORE :JMPN(outOfCountersPoseidon)
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check stack underflow
+    SP - 1          :JMPN(stackUnderflow)
+    ; Mask address to 20 bytes
+    $ => A          :MLOAD(SP-1), CALL(maskAddress); [address => A]; in: [A: address] out: [A: masked address]
+    ; set key for smt balance query
+    0 => B,C
+    ; balance in D
+    $ => D          :SLOAD
+    D               :MSTORE(SP-1), CALL(isColdAddress); [balance(D) => SP]; in: [A: address] out: [D: 0 if warm, 1 if cold]
+    ; check out-of-gas
+    GAS - %WARM_STORAGE_READ_GAS - D * %COLD_ACCOUNT_ACCESS_COST_REDUCED => GAS    :JMPN(outOfGas, readCode)
+
+/**
+ * @link [https://www.evm.codes/#32?fork=berlin]
+ * @zk-counters
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [address]
+ */
+opORIGIN:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS-%GAS_QUICK_STEP => GAS    :JMPN(outOfGas)
+
+    $ => A          :MLOAD(txSrcOriginAddr)
+    A               :MSTORE(SP++); [address(A) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)
+
+/**
+ * @link [https://www.evm.codes/#33?fork=berlin]
+ * @zk-counters
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [address]
+ */
+opCALLER:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS - %GAS_QUICK_STEP => GAS    :JMPN(outOfGas)
+
+    $ => A          :MLOAD(txSrcAddr)
+    A               :MSTORE(SP++); [address(A) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)
+
+/**
+ * @link [https://www.evm.codes/#34?fork=berlin]
+ * @zk-counters
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [value]
+ */
+opCALLVALUE:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS - %GAS_QUICK_STEP => GAS    :JMPN(outOfGas)
+
+    $ => A          :MLOAD(txValue)
+    A               :MSTORE(SP++); [value(A) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)
+
+/**
+ * @link [https://www.evm.codes/#3A?fork=berlin]
+ * @zk-counters
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [price]
+ */
+opGASPRICE:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS - %GAS_QUICK_STEP => GAS    :JMPN(outOfGas)
+
+    $ => A          :MLOAD(txGasPrice)
+    A               :MSTORE(SP++); [price(A) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)
+
+/**
+ * @link [https://www.evm.codes/#5A?fork=berlin]
+ * @zk-counters
+ *  - 10 steps
+ * @process-opcode
+ *  - stack input: []
+ *  - stack output: [gas]
+ */
+opGAS:
+    ; checks zk-counters
+    %MAX_CNT_STEPS - STEP - 10 :JMPN(outOfCountersStep)
+    ; check out-of-gas
+    GAS - %GAS_QUICK_STEP => GAS  :JMPN(outOfGas)
+    GAS             :MSTORE(SP++); [gas(GAS) => SP]
+    ; check stack overflow
+    %MAX_STACK_SIZE - SP       :JMPN(stackOverflow, readCode)