add view function of proveBatchState

[anylots]

1. Add a view function proveBatchState to Rollup.sol.

Summary by CodeRabbit

• New Features

  • Added a public batch proof verification so committed batch states can be validated via cryptographic proofs.

• Tests

  • Added an integration test that submits a committed batch with a proof and verifies the new proof-validation flow.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new public view function proveCommittedBatchState was added to the Rollup contract to verify a ZK proof for a committed batch: it loads batch header data, derives index and hash, checks the committed hash, and calls internal proof verification.

Changes

Cohort / File(s)	Summary
Rollup contract contracts/contracts/l1/rollup/Rollup.sol	Added public view function proveCommittedBatchState(bytes calldata _batchHeader, bytes calldata _batchProof) that loads batch header, derives batch index and hash, verifies the provided batch hash against committed state, and invokes internal _verifyProof.
Tests contracts/contracts/test/Rollup.t.sol	Added test_proveCommittedBatchState() to exercise the new proveCommittedBatchState flow using verifier and stalled-state mocks, committing a batch with proof and invoking the new method.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested labels

enhancement

Suggested reviewers

• panos-xyz

Poem

🐰 I found a batch beneath a log,
A little proof, a tiny cog.
I nudged the header, checked the hash,
Hopped home singing—verification's a splash! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title mentions 'proveBatchState' but the actual implementation adds 'proveCommittedBatchState', a more specific function for committed batch verification.	Update the title to 'add view function proveCommittedBatchState' to accurately reflect the implemented function name.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch prove-state-view

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

contracts/contracts/l1/rollup/Rollup.sol (1)

671-679: Use external for this view helper (slightly cheaper).

proveCommittedBatchState isn’t called internally, so external saves a tiny bit of gas and clarifies API intent.

♻️ Proposed tweak

-    function proveCommittedBatchState(bytes calldata _batchHeader, bytes calldata _batchProof) public view {
+    function proveCommittedBatchState(bytes calldata _batchHeader, bytes calldata _batchProof) external view {

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@contracts/contracts/l1/rollup/Rollup.sol` around lines 671 - 679, The
function proveCommittedBatchState is declared public view but is never called
internally; change its visibility to external view to save gas and clarify the
API. Update the function signature for proveCommittedBatchState to use external
instead of public and confirm there are no internal callers (search for
proveCommittedBatchState references) before committing; no other logic changes
are needed—leave the internal helpers (_loadBatchHeader,
BatchHeaderCodecV0.getBatchIndex, committedBatches check, and _verifyProof)
untouched.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@contracts/contracts/l1/rollup/Rollup.sol`:
- Around line 671-679: The function proveCommittedBatchState is declared public
view but is never called internally; change its visibility to external view to
save gas and clarify the API. Update the function signature for
proveCommittedBatchState to use external instead of public and confirm there are
no internal callers (search for proveCommittedBatchState references) before
committing; no other logic changes are needed—leave the internal helpers
(_loadBatchHeader, BatchHeaderCodecV0.getBatchIndex, committedBatches check, and
_verifyProof) untouched.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7efc270 and 1411a2f.

📒 Files selected for processing (1)

• contracts/contracts/l1/rollup/Rollup.sol

[coderabbitai]

🧹 Nitpick comments (2)

contracts/contracts/test/Rollup.t.sol (2)

628-630: The hardcoded 640-byte proof is never validated — simplify to a lightweight placeholder.

_mockVerifierCall() (line 593) installs a persistent hevm.mockCall on verifyAggregateProof. That mock remains active for the entire test, so the verifier call inside proveCommittedBatchState at line 630 is intercepted and the proof bytes are never inspected. The large literal gives a misleading impression that a real ZK proof is being exercised. Every other test in this contract uses hex"deadbeef" for this reason.

♻️ Simplify proof literal

-        bytes
-            memory proof = hex"ffea2d2e...00000000";
-        rollup.proveCommittedBatchState(batchHeader1, proof);
+        rollup.proveCommittedBatchState(batchHeader1, hex"deadbeef");

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@contracts/contracts/test/Rollup.t.sol` around lines 628 - 630, The test uses
a large hardcoded proof bytes literal passed to rollup.proveCommittedBatchState
while _mockVerifierCall installs a persistent hevm.mockCall that intercepts
verifyAggregateProof, so the proof is never validated; replace the long 640-byte
hex with a lightweight placeholder (e.g. hex"deadbeef") where the proof variable
is defined and passed to proveCommittedBatchState, keeping the call to
_mockVerifierCall, verifyAggregateProof, and proveCommittedBatchState unchanged
so the test remains clear and concise.

---

591-631: Add negative test cases for proveCommittedBatchState.

test_proveCommittedBatchState only exercises the happy path. The new function contains several validation checks (committed hash existence, header consistency, verifier call) that are not covered by any failure-path test. Consider adding cases such as:

• Calling with a batch header whose hash is not in committedBatches (should revert with a committed-hash mismatch error).
• Calling after the batch has been finalized and its committed state pruned (if applicable per the contract's cleanup logic).
• Passing a header whose derived index/hash does not match the stored committed hash.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@contracts/contracts/test/Rollup.t.sol` around lines 591 - 631, Add
failing-path tests for proveCommittedBatchState: create tests that call
rollup.proveCommittedBatchState with (1) a batch header whose hash is not in
committedBatches and assert the call reverts with the committed-hash mismatch
error, (2) a header whose derived index/hash does not match the stored committed
hash (use a mismatched prevStateRoot/postStateRoot or a non-matching batchHeader
produced by _createMatchingBatchHeader) and assert revert, and (3) a scenario
where the batch was finalized/pruned (finalizeBatch then attempt
proveCommittedBatchState) and assert the appropriate revert; reuse setup helpers
like _mockVerifierCall and _mockMessageQueueStalled and reference functions
proveCommittedBatchState, test_proveCommittedBatchState, committedBatches,
batchHeader1 to locate where to add these new tests.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@contracts/contracts/test/Rollup.t.sol`:
- Around line 628-630: The test uses a large hardcoded proof bytes literal
passed to rollup.proveCommittedBatchState while _mockVerifierCall installs a
persistent hevm.mockCall that intercepts verifyAggregateProof, so the proof is
never validated; replace the long 640-byte hex with a lightweight placeholder
(e.g. hex"deadbeef") where the proof variable is defined and passed to
proveCommittedBatchState, keeping the call to _mockVerifierCall,
verifyAggregateProof, and proveCommittedBatchState unchanged so the test remains
clear and concise.
- Around line 591-631: Add failing-path tests for proveCommittedBatchState:
create tests that call rollup.proveCommittedBatchState with (1) a batch header
whose hash is not in committedBatches and assert the call reverts with the
committed-hash mismatch error, (2) a header whose derived index/hash does not
match the stored committed hash (use a mismatched prevStateRoot/postStateRoot or
a non-matching batchHeader produced by _createMatchingBatchHeader) and assert
revert, and (3) a scenario where the batch was finalized/pruned (finalizeBatch
then attempt proveCommittedBatchState) and assert the appropriate revert; reuse
setup helpers like _mockVerifierCall and _mockMessageQueueStalled and reference
functions proveCommittedBatchState, test_proveCommittedBatchState,
committedBatches, batchHeader1 to locate where to add these new tests.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1411a2f and a756c4e.

📒 Files selected for processing (1)

• contracts/contracts/test/Rollup.t.sol