qa -> testnet (bnb-chain#84)

* Changed hash func from keccak to sha256 for block commitment

* update nameHash to address

* add NftContentType of NFT

* add NftContentType of NFT

* update Address []byte to string

* add ChangePubKey deal with

* Added gkr for merkle proof

* add NftContentType,GetAccountIndex,GetToAccountIndex

* isTransferTx to isChangePubKey

* add l1Sig

* add l1Sig

* add l1 account index

* adjust pubdata sort

* update L1Address string to []byte

* update after address

* update accountDelta

* update NftContentType int64

* update NftContentType int64

* Replaced poseidon with mimc gkr for node hash calculation

* update NftContentType int8

* update NbAccountsPerTx to 5

* update L1Signature

* add GetPubKey

* remove L1Signature

* check Sig

* Adjust the double signature logic in the crypto part

* remove mark code

* Adjust the double signature logic in the crypto part

* check Sig

* check full exit

* check full exit

* check full exit

* update NftContentType init64

* remove withdraw NftContentType

* update  NftContentType int64

* check full exit

* check full exit

* check l1 address

* Change all poseidon to mimc with gkr, include inside smt

* Bump gnark lib

* create account when transfer nft

* AllocateGKRCircuit while setting witness

* Debug unsatisfied constraint

* Debug unsatisfied constraint

* Testing Gkr mimc

* create account when transfer nft

* Zns 2 l2 offer (#2)

* add offer Chanel

* add offer Chanel

* add offer Chanel

* add offer Chanel

* deal with CallData length

* add check field

---------

Co-authored-by: toni.x <toni.x@binance.com>

* update offer Protocol

* update offer Protocol

* Enlarge bN to 19

* Revert "Enlarge bN to 19"

This reverts commit 3e1dc6a.

* Remove obsolete sparse_merkle.go

* fix: generation problems

* Enlarge bN to 19

* add protocol account (#3) (#5)

Co-authored-by: toni.x <toni.x@binance.com>

* Adapted zkbnb-crypto for gnark v0.8.0

* Adapted zkbnb-crypto for gnark v0.8.0, added support for split ccs file loading

* change bN to 17

* cancel offer accountIndex error information

* change bN to 15

* Adapted zkbnb-crypto for gnark v0.8.0, added support for split ccs file loading

* update channel

* change bN to 16

* Added support for persisting r1cs len

* Added support for persisting r1cs len

* Added support for persisting r1cs len

* fixed mimc hash calculation

* fixed empty asset root

* added different batch sizes

* Fix gkr under 0.8

* added different batch sizes

* update NftContentType

* Replace Deprecated GetNbVariables()

* Fix README.md

* Ignore generated files

* update NftContentType

* update NftContentType

* updated gnark version

* Bump gnark, gkr ontop 0.8

* debug gkr

* Tmp fix commitment

* rollback asset root

* UnpackAmount

* updated gnark versions

* updated gnark version

* lazify + change to getNbR1C

* amount precision check

* hack to fix creation of r1cs

* Bump gnark

* Bump gnark & gnark-crypto

* Choose bN from block size

* check whether offer id is too high

* check whether offer id is too high

* Fix AssertIsLessOrEqual and enlarge bN

* mintnft toaddress not exist

* mintnft toaddress not exist

* mintnft toaddress not exist

* mintnft toaddress not exist

* mintnft toaddress not exist

* Use BlockCommitment for AssertValid

* Use bnb-chain gnark, gkr mimc function to zkbnb

* Use golang 1.18

* test solve under block size 1

* fixes mimc call data hash calculation

* Fixes signature generation after crypto lib update (#9)

* Fixes signature generation after crypto lib update (#10)

* fix maxOfferId  too high

* added flag to not generate pk and vk (#11)

* added flag to not generate pk and vk

* changed flag name

* changed flag name

* adjust account index

* addressed audit review

* addressed audit review (#12)

* adjust account index

* addressed audit review

* addressed audit review

* fixed wrong assert

* addressed audit review

* addressed audit review

* addressed audit review

* rollback unnecessary changes

* Revert "Bugfix/audit changes"

---------

Co-authored-by: toni.x <toni.x@binance.com>
Co-authored-by: markc <mark.c@binance.com>
Co-authored-by: Smith S <smith.s@binance.com>
Co-authored-by: qct <tango.qct@gmail.com>
Co-authored-by: toni <98298250+15000785133@users.noreply.github.com>
Co-authored-by: garyxiong123 <502238410@qq.com>

.gitignore

@@ -20,6 +20,8 @@
 
 */.idea/
 
+*.save
+*.r1cslen
 *.pk*
 *.vk*
 *.sol

README.md

@@ -6,13 +6,13 @@
 ## Getting Started
 ### Exporting groth16 proving/verifying key, verifier contract
 
-
-```
-cd circuit/solidity;
-
-go test -run TestExportSolGroth16  -count=1 -timeout 99999s
+```shell
+go test -v ./circuit/solidity -run "^TestExportSol$" -timeout 600m -blocksizes 1 -batchsize 100000
 ```
-After this command is finished, there will be 3 generated files: `zkbnb.pk_groth16`, `zkbnb.vk_groth16` and `ZkBNBVerifier.sol`
+After this command is finished, there will be generated files: 
+* R1CS files `*.r1cs.*.save` 
+* PK VK files `*.pk.*.save`, `*.vk.save` 
+* Verifier contract `ZkBNBVerifier*.sol`
 
 
 ### Exporting plonk proving/verifying key, verifier contract

circuit/asset_delta.go

@@ -249,7 +249,7 @@ func GetAssetDeltasAndNftDeltaFromMintNft(
 	txInfo MintNftTxConstraints,
 ) (deltas [NbAccountsPerTx][NbAccountAssetsPerAccount]AccountAssetDeltaConstraints,
 	nftDelta NftDeltaConstraints,
-	gasDeltas [NbGasAssetsPerTx]GasDeltaConstraints) {
+	gasDeltas [NbGasAssetsPerTx]GasDeltaConstraints, accountDelta AccountDeltaConstraints) {
 	// from account
 	deltas[0] = [NbAccountAssetsPerAccount]AccountAssetDeltaConstraints{
 		{
@@ -276,7 +276,10 @@ func GetAssetDeltasAndNftDeltaFromMintNft(
 		CollectionId:        txInfo.CollectionId,
 	}
 	gasDeltas = GetGasDeltas(txInfo.GasFeeAssetId, txInfo.GasFeeAssetAmount)
-	return deltas, nftDelta, gasDeltas
+	accountDelta = AccountDeltaConstraints{
+		L1Address: txInfo.ToL1Address,
+	}
+	return deltas, nftDelta, gasDeltas, accountDelta
 }
 
 func GetAssetDeltasAndNftDeltaFromTransferNft(

circuit/block_constraints.go

@@ -18,7 +18,7 @@
 package circuit
 
 import (
-	"github.com/consensys/gnark/std/hash/poseidon"
+	"github.com/consensys/gnark/std/gkr/gkr"
 	"github.com/consensys/gnark/std/hash/sha256"
 	"log"
 
@@ -38,6 +38,7 @@ type BlockConstraints struct {
 	Gas             GasConstraints
 	GasAssetIds     []int64
 	GasAccountIndex int64
+	GKRs            gkr.GkrCircuit
 }
 
 func (circuit BlockConstraints) Define(api API) error {
@@ -51,6 +52,7 @@ func (circuit BlockConstraints) Define(api API) error {
 	if err != nil {
 		return err
 	}
+	circuit.GKRs.AssertValid(api, circuit.BlockCommitment)
 	return nil
 }
 
@@ -155,7 +157,7 @@ func VerifyBlock(
 		log.Println("unable to verify gas, err:", err)
 		return err
 	}
-	newStateRoot := poseidon.Poseidon(api, roots[:]...)
+	newStateRoot := types.MimcWithGkr(api, roots[:]...)
 	types.IsVariableEqual(api, needGas, block.NewStateRoot, newStateRoot)
 
 	notNeedGas := api.Xor(1, needGas)
@@ -164,12 +166,13 @@ func VerifyBlock(
 	pendingCommitmentData[count] = onChainOpsCount
 	outputBytesCount := blockInfoCount*32 + (types.PubDataBitsSizePerTx*block.TxsCount)/8
 	pubDataBytes, _ := api.Compiler().NewHint(types.PubDataToBytes, outputBytesCount, pendingCommitmentData[:]...)
+
 	commitment := sha256.Sha256Api(api, pubDataBytes[:]...)
 	api.AssertIsEqual(commitment, block.BlockCommitment)
 	return nil
 }
 
-func SetBlockWitness(oBlock *Block) (witness BlockConstraints, err error) {
+func SetBlockWitness(oBlock *Block, bN int) (witness BlockConstraints, err error) {
 	witness = BlockConstraints{
 		BlockNumber:     oBlock.BlockNumber,
 		CreatedAt:       oBlock.CreatedAt,
@@ -191,6 +194,7 @@ func SetBlockWitness(oBlock *Block) (witness BlockConstraints, err error) {
 		log.Println("fail to set gas witness: ", err.Error())
 		return witness, err
 	}
+	witness.GKRs.AllocateGKRCircuit(bN)
 	return witness, nil
 }
 

circuit/constraints_test.go

@@ -8,15 +8,6 @@ import (
 	"testing"
 )
 
-func TestTransactionConstraintsCount(t *testing.T) {
-	var txCircuit TxConstraints
-	r1cs, err := frontend.Compile(ecc.BN254.ScalarField(), r1cs.NewBuilder, &txCircuit, frontend.IgnoreUnconstrainedInputs())
-	if err != nil {
-		fmt.Println("error occured ", err)
-	}
-	fmt.Println("tx circuit constraints number is ", r1cs.GetNbConstraints())
-}
-
 func TestBlockConstraintsCounts(t *testing.T) {
 	var blockCircuit BlockConstraints
 	blockCircuit.TxsCount = 1
@@ -29,6 +20,7 @@ func TestBlockConstraintsCounts(t *testing.T) {
 	blockCircuit.GasAssetIds = gasAssetIds
 	blockCircuit.GasAccountIndex = gasAccountIndex
 	blockCircuit.Gas = GetZeroGasConstraints(gasAssetIds)
+	blockCircuit.GKRs.AllocateGKRCircuit(11)
 
 	r1cs, err := frontend.Compile(ecc.BN254.ScalarField(), r1cs.NewBuilder, &blockCircuit, frontend.IgnoreUnconstrainedInputs())
 	if err != nil {