core/vm: implement secp256r1 verifier precompiled

This commit is contained in:
Ulaş Erdoğan 2023-05-08 04:12:57 +03:00
parent fb89b61cdc
commit a8c0a2e05c
3 changed files with 68 additions and 9 deletions

View File

@ -28,6 +28,7 @@ import (
"github.com/ethereum/go-ethereum/crypto/blake2b" "github.com/ethereum/go-ethereum/crypto/blake2b"
"github.com/ethereum/go-ethereum/crypto/bls12381" "github.com/ethereum/go-ethereum/crypto/bls12381"
"github.com/ethereum/go-ethereum/crypto/bn256" "github.com/ethereum/go-ethereum/crypto/bn256"
"github.com/ethereum/go-ethereum/crypto/secp256r1"
"github.com/ethereum/go-ethereum/params" "github.com/ethereum/go-ethereum/params"
"golang.org/x/crypto/ripemd160" "golang.org/x/crypto/ripemd160"
) )
@ -79,15 +80,15 @@ var PrecompiledContractsIstanbul = map[common.Address]PrecompiledContract{
// PrecompiledContractsBerlin contains the default set of pre-compiled Ethereum // PrecompiledContractsBerlin contains the default set of pre-compiled Ethereum
// contracts used in the Berlin release. // contracts used in the Berlin release.
var PrecompiledContractsBerlin = map[common.Address]PrecompiledContract{ var PrecompiledContractsBerlin = map[common.Address]PrecompiledContract{
common.BytesToAddress([]byte{1}): &ecrecover{}, common.BytesToAddress([]byte{1}): &ecrecover{},
common.BytesToAddress([]byte{2}): &sha256hash{}, common.BytesToAddress([]byte{2}): &sha256hash{},
common.BytesToAddress([]byte{3}): &ripemd160hash{}, common.BytesToAddress([]byte{3}): &ripemd160hash{},
common.BytesToAddress([]byte{4}): &dataCopy{}, common.BytesToAddress([]byte{4}): &dataCopy{},
common.BytesToAddress([]byte{5}): &bigModExp{eip2565: true}, common.BytesToAddress([]byte{5}): &bigModExp{eip2565: true},
common.BytesToAddress([]byte{6}): &bn256AddIstanbul{}, common.BytesToAddress([]byte{6}): &bn256AddIstanbul{},
common.BytesToAddress([]byte{7}): &bn256ScalarMulIstanbul{}, common.BytesToAddress([]byte{7}): &bn256ScalarMulIstanbul{},
common.BytesToAddress([]byte{8}): &bn256PairingIstanbul{}, common.BytesToAddress([]byte{8}): &bn256PairingIstanbul{},
common.BytesToAddress([]byte{9}): &blake2F{}, common.BytesToAddress([]byte{9}): &blake2F{},
} }
// PrecompiledContractsBLS contains the set of pre-compiled Ethereum // PrecompiledContractsBLS contains the set of pre-compiled Ethereum
@ -104,6 +105,12 @@ var PrecompiledContractsBLS = map[common.Address]PrecompiledContract{
common.BytesToAddress([]byte{18}): &bls12381MapG2{}, common.BytesToAddress([]byte{18}): &bls12381MapG2{},
} }
// PrecompiledContractsEcverify contains the precompiled Ethereum
// contract specified in EIP-N. This is exported for testing purposes.
var PrecompiledContractsEcverify = map[common.Address]PrecompiledContract{
common.BytesToAddress([]byte{19}): &ecverify{},
}
var ( var (
PrecompiledAddressesBerlin []common.Address PrecompiledAddressesBerlin []common.Address
PrecompiledAddressesIstanbul []common.Address PrecompiledAddressesIstanbul []common.Address
@ -1048,3 +1055,33 @@ func (c *bls12381MapG2) Run(input []byte) ([]byte, error) {
// Encode the G2 point to 256 bytes // Encode the G2 point to 256 bytes
return g.EncodePoint(r), nil return g.EncodePoint(r), nil
} }
// ECVERIFY (secp256r1 signature verification)
// implemented as a native contract
type ecverify struct{}
// RequiredGas returns the gas required to execute the precompiled contract
func (c *ecverify) RequiredGas(input []byte) uint64 {
return params.EcverifyGas
}
// Run executes the precompiled contract, returning the output and the used gas
func (c *ecverify) Run(input []byte) ([]byte, error) {
// Required input length is 160 bytes
const ecverifyInputLength = 160
// "input" is (hash, r, s, x, y), each 32 bytes
input = common.RightPadBytes(input, ecverifyInputLength)
// Extract the hash, r, s, x, y from the input
hash := input[0:32]
r, s := new(big.Int).SetBytes(input[32:64]), new(big.Int).SetBytes(input[64:96])
x, y := new(big.Int).SetBytes(input[96:128]), new(big.Int).SetBytes(input[128:160])
// Verify the secp256r1 signature
if result, err := secp256r1.Verify(hash, r, s, x, y); err != nil {
return nil, err
} else {
return result, nil
}
}

View File

@ -65,6 +65,7 @@ var allPrecompiles = map[common.Address]PrecompiledContract{
common.BytesToAddress([]byte{16}): &bls12381Pairing{}, common.BytesToAddress([]byte{16}): &bls12381Pairing{},
common.BytesToAddress([]byte{17}): &bls12381MapG1{}, common.BytesToAddress([]byte{17}): &bls12381MapG1{},
common.BytesToAddress([]byte{18}): &bls12381MapG2{}, common.BytesToAddress([]byte{18}): &bls12381MapG2{},
common.BytesToAddress([]byte{19}): &ecverify{},
} }
// EIP-152 test vectors // EIP-152 test vectors
@ -391,3 +392,15 @@ func BenchmarkPrecompiledBLS12381G2MultiExpWorstCase(b *testing.B) {
} }
benchmarkPrecompiled("0f", testcase, b) benchmarkPrecompiled("0f", testcase, b)
} }
// Benchmarks the sample inputs from the ECVERIFY precompile.
func BenchmarkPrecompiledEcverify(bench *testing.B) {
t := precompiledTest{
Input: "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b98243744ca2b25ce52b927841120de9d5e5a454acabea2ebacaa1f76850934cb0c7c818200fa5e4b4607eeea9593071a6097b132d77c10661c441b5a66eb36856e1251c078c2c1367932e25bf657f6b2e378a26a27e238196295e1c59e2225d372fe603c229d85ea9eb0b090274c59a0600becd11d0df3f91fe44677977119c4ff03",
Expected: "0000000000000000000000000000000000000000000000000000000000000001",
Name: "ecverify",
}
benchmarkPrecompiled("13", t, bench)
}
func TestPrecompiledEcverify(t *testing.T) { testJson("ecverify", "13", t) }

View File

@ -0,0 +1,9 @@
[
{
"Input": "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b98243744ca2b25ce52b927841120de9d5e5a454acabea2ebacaa1f76850934cb0c7c818200fa5e4b4607eeea9593071a6097b132d77c10661c441b5a66eb36856e1251c078c2c1367932e25bf657f6b2e378a26a27e238196295e1c59e2225d372fe603c229d85ea9eb0b090274c59a0600becd11d0df3f91fe44677977119c4ff03",
"Expected": "0000000000000000000000000000000000000000000000000000000000000001",
"Gas": 3450,
"Name": "CallEcverify",
"NoBenchmark": false
}
]