Add more block validations, separate validation from actual execution

Author: bewakes

crates/asm/common/src/error.rs

@@ -18,6 +18,12 @@ where
     pub actual: T,
 }
 
+impl<T: Debug + Display> Mismatched<T> {
+    pub fn new(expected: T, actual: T) -> Self {
+        Self { expected, actual }
+    }
+}
+
 /// Errors that can occur while working with ASM subprotocols.
 #[derive(Debug, Error)]
 pub enum AsmError {

crates/chainexec/src/executor.rs

@@ -1,7 +1,7 @@
 //! Chain executor.
 
 use strata_chaintsn::{
-    context::{BlockHeaderContext, L2HeaderAndParent, StateAccessor},
+    context::{BlockHeaderContext, StateAccessor},
     transition::process_block,
 };
 use strata_primitives::prelude::*;

crates/services/stf-runner/src/block.rs

@@ -1,7 +1,9 @@
 use sha2::{Digest, Sha256};
 use strata_asm_common::AsmLogEntry;
 use strata_primitives::{
+    block_credential::CredRule,
     buf::{Buf32, Buf64},
+    crypto::verify_schnorr_sig,
     params::RollupParams,
 };
 
@@ -28,6 +30,7 @@ pub struct OLBlockHeader {
     slot: Slot,
     epoch: Epoch,
     parent_blockid: OLBlockId,
+    logs_root: Buf32,
     body_root: Buf32,
     state_root: Buf32,
 }
@@ -39,7 +42,6 @@ type Epoch = u64;
 /// The body portion of an OL block containing the actual data
 #[derive(Debug, Clone)]
 pub struct OLBlockBody {
-    logs: Vec<OLLog>,
     txs: Option<Vec<Transaction>>,
     l1update: Option<L1Update>,
 }
@@ -78,7 +80,7 @@ pub struct TransactionExtra {
 #[derive(Debug, Clone)]
 pub struct L1Update {
     /// The state root before applying updates from L1
-    inner_state_root: Buf32,
+    unsealed_state_root: Buf32,
     /// L1 height the manifests are read upto
     new_l1_height: u32,
     /// Manifests from last l1_height to the new_l1_height
@@ -114,46 +116,57 @@ impl OLBlock {
         &self.body
     }
 
-    pub fn validate_block_header(
+    /// Check the continuity of block header
+    pub fn validate_block_header_continuity(
         &self,
-        _params: &RollupParams,
+        params: &RollupParams,
         prev_header: &OLBlockHeader,
     ) -> Result<(), String> {
-        let current_header = self.signed_header.header();
+        self.validate_block_signature(params)?;
 
-        if current_header.slot() > 0 {
-            if current_header.slot() != prev_header.slot() + 1 {
-                return Err(format!("Invalid block slot {}", current_header.slot()));
+        let cur_header = self.signed_header.header();
+
+        if cur_header.slot() > 0 {
+            if cur_header.slot() != prev_header.slot() + 1 {
+                return Err(format!("Invalid block slot {}", cur_header.slot()));
             }
-            if *current_header.parent_blockid() != prev_header.compute_header_root() {
+            if *cur_header.parent_blockid() != prev_header.compute_header_root() {
                 return Err("Invalid parent block ID".to_string());
             }
         }
 
         // Check epoch progression - epoch should not decrease and increase only by 1 at max
-        let same_epoch = current_header.epoch() == prev_header.epoch();
-        let valid_increment = current_header.epoch() == prev_header.epoch() + 1;
-        if current_header.epoch() != 0 && (same_epoch || valid_increment) {
+        let epoch_diff = cur_header.epoch() as i64 - prev_header.epoch() as i64;
+        let valid_increment = epoch_diff == 0 || epoch_diff == 1;
+        if cur_header.epoch() != 0 && !valid_increment {
             return Err(format!(
                 "Epoch regression: current {} < previous {}",
-                current_header.epoch, prev_header.epoch
+                cur_header.epoch, prev_header.epoch
             ));
         }
 
         // Check timestamp progression - should not go backwards.
         // FIXME: might need to use some threshold like bitcoin.
-        if current_header.timestamp < prev_header.timestamp {
+        if cur_header.timestamp < prev_header.timestamp {
             return Err(format!(
                 "Timestamp regression: current {} < previous {}",
-                current_header.timestamp, prev_header.timestamp
+                cur_header.timestamp, prev_header.timestamp
             ));
         }
 
-        // Basic sanity checks
-        if current_header.body_root == Buf32::zero() {
-            return Err("Invalid body root (zero hash)".to_string());
-        }
+        Ok(())
+    }
 
+    pub fn validate_block_signature(&self, params: &RollupParams) -> Result<(), String> {
+        let seq_pubkey = match params.cred_rule {
+            CredRule::SchnorrKey(key) => key,
+            CredRule::Unchecked => return Ok(()),
+        };
+        let digest = self.signed_header().header().compute_header_root();
+
+        if !verify_schnorr_sig(self.signed_header().signature(), &digest, &seq_pubkey) {
+            return Err("Invalid block signature".to_string());
+        }
         Ok(())
     }
 }
@@ -178,6 +191,7 @@ impl OLBlockHeader {
         slot: Slot,
         epoch: Epoch,
         parent_blockid: OLBlockId,
+        logs_root: Buf32,
         body_root: Buf32,
         state_root: Buf32,
     ) -> Self {
@@ -186,6 +200,7 @@ impl OLBlockHeader {
             slot,
             epoch,
             parent_blockid,
+            logs_root,
             body_root,
             state_root,
         }
@@ -207,6 +222,10 @@ impl OLBlockHeader {
         &self.parent_blockid
     }
 
+    pub fn logs_root(&self) -> &Buf32 {
+        &self.logs_root
+    }
+
     pub fn body_root(&self) -> &Buf32 {
         &self.body_root
     }
@@ -215,6 +234,7 @@ impl OLBlockHeader {
         &self.state_root
     }
 
+    // NOTE: this will possibly be redundant once we have SSZ
     pub fn compute_header_root(&self) -> Buf32 {
         let mut hasher = Sha256::new();
 
@@ -231,20 +251,8 @@ impl OLBlockHeader {
 }
 
 impl OLBlockBody {
-    pub fn new(
-        logs: Vec<OLLog>,
-        txs: Option<Vec<Transaction>>,
-        l1update: Option<L1Update>,
-    ) -> Self {
-        Self {
-            logs,
-            txs,
-            l1update,
-        }
-    }
-
-    pub fn logs(&self) -> &[OLLog] {
-        &self.logs
+    pub fn new(txs: Option<Vec<Transaction>>, l1update: Option<L1Update>) -> Self {
+        Self { txs, l1update }
     }
 
     pub fn txs(&self) -> &Option<Vec<Transaction>> {
@@ -254,6 +262,30 @@ impl OLBlockBody {
     pub fn l1update(&self) -> &Option<L1Update> {
         &self.l1update
     }
+
+    // NOTE: this will be redundant after ssz
+    pub fn compute_root(&self) -> Buf32 {
+        let mut hasher = Sha256::new();
+        if let Some(txs) = self.txs() {
+            for tx in txs {
+                hasher.update(tx.type_id().to_be_bytes());
+                match &tx.payload {
+                    TransactionPayload::GenericAccountMessage { target, payload } => {
+                        hasher.update(target.as_slice());
+                        hasher.update(payload);
+                    }
+                    TransactionPayload::SnarkAccountUpdate { target, update } => {
+                        hasher.update(target.as_slice());
+                        hasher.update(&update.witness);
+                        hasher.update(update.data.seq_no.to_be_bytes());
+                        // TODO: other fields, maybe wait for ssz?
+                        todo!()
+                    }
+                }
+            }
+        }
+        Buf32::new(hasher.finalize().into())
+    }
 }
 
 impl Transaction {
@@ -307,14 +339,14 @@ impl TransactionExtra {
 impl L1Update {
     pub fn new(inner_state_root: Buf32, new_l1_height: u32, manifests: Vec<AsmManifest>) -> Self {
         Self {
-            inner_state_root,
+            unsealed_state_root: inner_state_root,
             new_l1_height,
             manifests,
         }
     }
 
     pub fn inner_state_root(&self) -> &Buf32 {
-        &self.inner_state_root
+        &self.unsealed_state_root
     }
 
     pub fn new_l1_height(&self) -> u32 {
@@ -355,4 +387,14 @@ impl OLLog {
     pub fn payload(&self) -> &[u8] {
         &self.payload
     }
+
+    // NOTE: This will also be redundant after SSZ
+    pub(crate) fn compute_root(logs: &[Self]) -> Buf32 {
+        let mut hasher = Sha256::new();
+        for log in logs {
+            hasher.update(log.account_serial().to_be_bytes());
+            hasher.update(log.payload());
+        }
+        Buf32::new(hasher.finalize().into())
+    }
 }

crates/services/stf-runner/src/ledger.rs

@@ -117,16 +117,14 @@ impl LedgerProvider for InMemoryVectorLedger {
         // For now, recompute every time (inefficient but correct)
         let mut hasher = Sha256::new();
 
-        let mut sorted_accounts: Vec<_> = self.account_states.keys().collect();
-        sorted_accounts.sort();
-
-        for account_id in sorted_accounts {
-            hasher.update(account_id.as_ref());
-            if let Some(state) = self.account_states.get(account_id) {
-                hasher.update(state.serial.to_be_bytes());
-                hasher.update(state.ty.to_be_bytes());
-                hasher.update(state.balance.to_be_bytes());
-            }
+        let mut sorted_accounts: Vec<_> = self.account_states.iter().collect();
+        sorted_accounts.sort_by_key(|(k, _)| **k);
+
+        for (acct_id, state) in sorted_accounts {
+            hasher.update(acct_id.as_slice());
+            hasher.update(state.serial.to_be_bytes());
+            hasher.update(state.ty.to_be_bytes());
+            hasher.update(state.balance.to_be_bytes());
         }
 
         Ok(Buf32::new(hasher.finalize().into()))