feat(prover): upgrade SP1 from v5.2.4 to v6.2.0

[chengwenxi]

Summary

• Upgrade SP1 zkVM dependencies (sp1-sdk, sp1-zkvm, sp1-verifier) from v5.2.4 to v6.2.0
• Migrate all prover call sites to SP1 v6's fully-async API
• Update precompile patch tags (k256, p256, bls12_381) to v6.2.0 variants
• Remove deprecated patches (sha2, sha3, substrate-bn) that are no longer needed in v6

Dependency changes

Package	Before	After
sp1-sdk / sp1-zkvm / sp1-verifier	v5.2.4	v6.2.0
k256 patch	patch-k256-13.4-sp1-5.0.0	patch-k256-13.4-sp1-6.2.0
p256 patch	patch-p256-13.2-sp1-5.0.0	patch-p256-13.2-sp1-6.2.0
bls12_381 patch	branch=main	tag=patch-0.8.0-sp1-6.2.0
cfg-if	1.0.0	1.0.4
sha2 / sha3 / bn patches	present	removed (not needed in v6)

API migration

SP1 v6 moves to a fully-async model. Key changes:

// v5 (sync)
let client = ProverClient::builder().cpu().build();
let (pk, vk) = client.setup(elf);
let (vals, report) = client.execute(elf, &stdin).run()?;
let proof = client.prove(&pk, &stdin).plonk().run()?;
client.verify(&proof, &vk)?;

// v6 (async)
let client = ProverClient::builder().cpu().build().await;
let pk = client.setup(Elf::Static(elf)).await?;
let vk = pk.verifying_key();
let (vals, report) = client.execute(Elf::Static(elf), stdin).await?;
let proof = client.prove(&pk, stdin).plonk().await?;
client.verify(&proof, vk, None)?;

• BatchProver::default() replaced with BatchProver::new().await
• Prover::new() in the server queue made async
• #[tokio::main] added to test host binaries; tokio with macros feature added to their Cargo.toml

Notes

• protoc (protobuf compiler) is now a build-time requirement for SP1 v6. Install via brew install protobuf on macOS.
• Cargo.lock updated to resolve transitive dependency conflicts (libc ≥ 0.2.180, rustc_version ≥ 0.4.1).

Test plan

• cargo check --workspace --features local passes cleanly
• Run morph-prove binary with --devnet flag to verify execution path
• Run morph-prove binary with --prove flag to verify proof generation

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Upgraded SP1 SDK to v6.2.0, bumped dependencies, and enabled Tokio features across crates; migrated prover binaries and server to async/await.
• Tests
  • Converted host and unit tests to async Tokio runtimes and updated test harnesses to async proving/verification.
• Contracts
  • Updated on-chain verifier contracts and local verifier constants to accept the new proof layout and expanded public-input shape.
• Documentation
  • README updated for SP1 v6 setup and Docker build instructions.

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

This PR upgrades on-chain and local PLONK verifier constants and changes SP1 verifier proof parsing: proofs now include exitCode, vkRoot, and nonce, public-inputs expand to five elements, vk root is validated, and Verify is invoked on a shifted proof slice; related verifier constants are updated accordingly.

Changes

Verifier constants and SP1 verify flow

Layer / File(s)	Summary
PLONK verifier constant blocks prover/contracts/src/PlonkVerifier.sol, prover/bin/shadow-prove/contracts/src/libs/PlonkVerifier.sol, contracts/contracts/libraries/verifier/PlonkVerifier.sol	Replaced hardcoded PLONK verifying-key parameter blocks: VK_NB_PUBLIC_INPUTS, VK_DOMAIN_SIZE, VK_INV_DOMAIN_SIZE, VK_OMEGA, commitment coordinates (VK_QL_COM..VK_QK_COM), SRS VK_S1/S2/S3 constants, VK_QCP_0, and VK_INDEX_COMMIT_API_0.
SP1Verifier: proof parsing, inputs, and vk root checks contracts/contracts/libraries/verifier/SP1VerifierPlonk.sol, prover/contracts/src/SP1VerifierPlonk.sol, prover/bin/shadow-prove/contracts/src/libs/SP1VerifierPlonk.sol	Adds errors InvalidExitCode/InvalidVkRoot, updates VERSION() and VERIFIER_HASH(), implements VK_ROOT(), parses exitCode, vkRoot, nonce from proofBytes, requires exitCode == 0 and vkRoot == VK_ROOT(), expands inputs from 2→5, and forwards proofBytes[100:] to this.Verify.

Sequence Diagram

sequenceDiagram
  participant Caller
  participant SP1Verifier
  participant PlonkVerifier
  Caller->>SP1Verifier: verifyProof(programVKey, publicValues, proofBytes)
  SP1Verifier->>SP1Verifier: parse exitCode, vkRoot, nonce, publicValuesDigest
  SP1Verifier->>SP1Verifier: require(exitCode == 0) / require(vkRoot == VK_ROOT())
  SP1Verifier->>PlonkVerifier: this.Verify(proofBytes[100:], inputs[5])
  PlonkVerifier-->>SP1Verifier: verification result
  SP1Verifier-->>Caller: valid/invalid or revert with InvalidExitCode/InvalidVkRoot/InvalidProof

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Possibly related PRs

• morph-l2/morph#819: Updates the same programVkey fields in deployment configs.
• morph-l2/morph#895: Also changes programVkey values across deploy-config files.
• morph-l2/morph#821: Overlaps on server queue/proof processing changes related to prover initialization and proving loop.

Suggested reviewers

• Web3Jumb0
• anylots

Poem

🐰 Hopping through bytes and a verifier's song,

I parse exit codes and check vk roots strong,
Five inputs now dance where once there were two,
Proofs slice forward, contracts sing anew,
Tiny paws applaud — the on-chain hops along.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 71.43% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title clearly and concisely describes the main objective: upgrading SP1 from v5.2.4 to v6.2.0, which is the primary change across the codebase.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/upgrade-sp1-to-v6

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@prover/bin/host/src/lib.rs`:
- Around line 41-42: BatchProver::new currently panics via expect during prover
initialization; change its signature from pub async fn new() -> Self to pub
async fn new() -> Result<Self, E> (choose an appropriate error type or Box<dyn
Error>) and remove all expect calls around creating prover_client and the
subsequent initialization (the blocks that create/await prover_client and the
later 56-61 expect usages); instead propagate errors using ? (or map_err to your
chosen error) so callers can handle/retry, and update any call sites to handle
the Result. Ensure you reference and modify the prover_client construction and
any other expect-wrapped operations inside BatchProver::new to return errors
rather than panic.

In `@prover/bin/server/src/server.rs`:
- Line 90: The current startup unconditionally unwraps
Prover::new(Arc::clone(&PROVE_QUEUE)).await which will panic on failure; change
this to handle the Result from Prover::new instead of unwrap: call
Prover::new(...).await, match or if let Err(e) for the error case, log the error
with the app logger (e.g., tracing::error or processLogger) including the error
details and then follow a controlled failure path (exit with a non-zero code or
trigger a retry/backoff loop) and on Ok(p) assign to the mutable prover
variable; reference symbols: Prover::new, PROVE_QUEUE, and the prover binding so
you can locate and replace the unwrap.

In `@prover/tests/algebra/host/src/main.rs`:
- Around line 77-88: The test test_verify_plonk currently builds keys but never
asserts proof validity; update the test to produce a proof and call the verifier
using the generated proving key/verification key: after creating client and pk
(via ProverClient::from_env().await and
client.setup(Elf::Static(dev_elf)).await.unwrap()) use the prover API to create
a proof (e.g., call the method that generates a proof using pk or a Prover
struct), then call the verification method with vk (pk.verifying_key()) or the
client.verify API and assert the result is true (or unwrap/expect on
verification success) so the test fails when proofs are invalid. Ensure the new
calls are awaited and any errors are unwrapped/expect()-ed to fail the test on
invalid proofs.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 0d49c927-665b-470b-8692-b1d8fa0e602f

📥 Commits

Reviewing files that changed from the base of the PR and between 58c70f9 and ce1e59a.

⛔ Files ignored due to path filters (1)

• prover/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (16)

• prover/Cargo.toml
• prover/bin/host/Cargo.toml
• prover/bin/host/src/lib.rs
• prover/bin/host/src/main.rs
• prover/bin/host/src/vkey.rs
• prover/bin/server/src/queue.rs
• prover/bin/server/src/server.rs
• prover/tests/algebra/host/Cargo.toml
• prover/tests/algebra/host/src/main.rs
• prover/tests/bls12381/client/Cargo.toml
• prover/tests/bls12381/host/Cargo.toml
• prover/tests/bls12381/host/src/main.rs
• prover/tests/keccak256/host/Cargo.toml
• prover/tests/keccak256/host/src/main.rs
• prover/tests/zstd/host/Cargo.toml
• prover/tests/zstd/host/src/main.rs