Add entropy to memory state to protect privacy

[nategraf]

A Merkle root of the memory state is included in the ReceiptMetadata, and so is made public to the verifier. Without adding entropy, this leaks a commitment to the end memory state that may reveal information about the program state including inputs.

This PR adds 128 bits of entropy, provided by the host, to the memory state on guest initialization to prevent this privacy leakage.

[github-actions]

Benchmark for Linux-cuda 218ea35

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	5.1±0.07ms	5.1±0.11ms	0.00%
fib/100/prove	867.5±0.68ms	760.6±0.58ms	-12.32%
fib/100/total	873.8±1.29ms	767.9±1.72ms	-12.12%
fib/1000/execute	5.6±0.05ms	5.6±0.10ms	0.00%
fib/1000/prove	891.4±0.89ms	796.5±0.57ms	-10.65%
fib/1000/total	897.6±1.38ms	800.6±0.91ms	-10.81%
fib/10000/execute	10.3±0.08ms	10.2±0.12ms	-0.97%
fib/10000/prove	3.3±0.01s	2.8±0.00s	-15.15%
fib/10000/total	3.4±0.02s	2.8±0.00s	-17.65%

Benchmark for Linux-default 218ea35

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	7.8±1.31ms	6.8±0.46ms	-12.82%
fib/100/prove	5.1±0.03s	5.1±0.03s	0.00%
fib/100/total	5.1±0.02s	5.1±0.04s	0.00%
fib/1000/execute	7.9±0.51ms	7.9±0.49ms	0.00%
fib/1000/prove	5.2±0.01s	5.2±0.02s	0.00%
fib/1000/total	5.2±0.03s	5.1±0.02s	-1.92%
fib/10000/execute	14.0±1.29ms	13.2±0.48ms	-5.71%
fib/10000/prove	21.3±0.08s	21.2±0.08s	-0.47%
fib/10000/total	21.3±0.07s	21.3±0.13s	0.00%

Benchmark for macOS-default 218ea35

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.7±0.15ms	2.7±0.13ms	0.00%
fib/100/prove	3.7±0.07s	3.7±0.10s	0.00%
fib/100/total	3.8±0.07s	3.7±0.03s	-2.63%
fib/1000/execute	2.9±0.10ms	2.9±0.14ms	0.00%
fib/1000/prove	3.7±0.06s	3.7±0.04s	0.00%
fib/1000/total	3.8±0.06s	3.7±0.06s	-2.63%
fib/10000/execute	5.2±0.11ms	5.0±0.07ms	-3.85%
fib/10000/prove	15.3±0.20s	15.3±0.15s	0.00%
fib/10000/total	15.3±0.10s	15.2±0.09s	-0.65%

Benchmark for macOS-metal

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

[nategraf]

In 0339977, I did some refactoring to how SliceIo works to make it a bit more flexible. The direct purpose of this is to all hooking of SYS_RANDOM for testing this feature. Indirectly, I am hoping to make SliceIo more flexible so that it can be used to replace all the reasonable use-cases for Syscall.

I did not finish this refactor, but I need to sign off a bit early today, so I am committing it to this branch as is until I can return to it on Monday.

[flaub]

I'm actually heavily modifying SliceIo to make it work in a client/server context. At the moment I'd like for sys_random to remain separate because I have no plans of making random values come from the client.

[nategraf]

I'm actually heavily modifying SliceIo to make it work in a client/server context. At the moment I'd like for sys_random to remain separate because I have no plans of making random values come from the client.

Ok, I'll revert these changes and create another way to address the immediate need of writing a test for this feature.

[nategraf]

@flaub, in 8841c13 I made the Executor::syscall_table field have visibility pub(crate)to allow for overriding in the test. This is definitly the most direct path if it seems reasonable to you.

[github-actions]

Benchmark for Linux-cuda

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for Linux-default 5b20bcd

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	7.4±1.05ms	6.7±0.44ms	-9.46%
fib/100/prove	5.1±0.03s	5.1±0.03s	0.00%
fib/100/total	5.1±0.03s	5.1±0.03s	0.00%
fib/1000/execute	8.8±1.58ms	7.8±0.48ms	-11.36%
fib/1000/prove	5.2±0.03s	5.1±0.02s	-1.92%
fib/1000/total	5.2±0.03s	5.1±0.02s	-1.92%
fib/10000/execute	14.4±0.49ms	14.1±0.55ms	-2.08%
fib/10000/prove	21.4±0.10s	21.3±0.11s	-0.47%
fib/10000/total	21.3±0.08s	21.2±0.11s	-0.47%

Benchmark for macOS-default 5b20bcd

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.7±0.10ms	2.7±0.14ms	0.00%
fib/100/prove	3.7±0.09s	3.6±0.07s	-2.70%
fib/100/total	3.7±0.07s	3.6±0.08s	-2.70%
fib/1000/execute	3.0±0.08ms	3.0±0.09ms	0.00%
fib/1000/prove	3.7±0.05s	3.7±0.07s	0.00%
fib/1000/total	3.7±0.07s	3.7±0.10s	0.00%
fib/10000/execute	6.0±0.08ms	5.8±0.05ms	-3.33%
fib/10000/prove	15.3±0.16s	15.2±0.09s	-0.65%
fib/10000/total	15.3±0.12s	15.2±0.14s	-0.65%

Benchmark for macOS-metal

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

[github-actions]

Benchmark for Linux-cuda

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for Linux-default 4607bad

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	7.7±1.40ms	7.0±0.36ms	-9.09%
fib/100/prove	5.1±0.04s	5.1±0.03s	0.00%
fib/100/total	5.1±0.02s	5.1±0.02s	0.00%
fib/1000/execute	8.4±1.15ms	7.8±0.58ms	-7.14%
fib/1000/prove	5.2±0.04s	5.1±0.03s	-1.92%
fib/1000/total	5.2±0.03s	5.1±0.04s	-1.92%
fib/10000/execute	15.4±1.51ms	14.2±0.46ms	-7.79%
fib/10000/prove	21.2±0.07s	21.1±0.10s	-0.47%
fib/10000/total	21.1±0.05s	21.1±0.14s	0.00%

Benchmark for macOS-default 4607bad

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.7±0.17ms	2.6±0.14ms	-3.70%
fib/100/prove	3.7±0.08s	3.7±0.05s	0.00%
fib/100/total	3.7±0.05s	3.7±0.07s	0.00%
fib/1000/execute	3.0±0.17ms	3.0±0.08ms	0.00%
fib/1000/prove	3.7±0.05s	3.7±0.05s	0.00%
fib/1000/total	3.7±0.06s	3.7±0.06s	0.00%
fib/10000/execute	5.8±0.08ms	5.8±0.10ms	0.00%
fib/10000/prove	15.3±0.10s	15.2±0.11s	-0.65%
fib/10000/total	15.3±0.15s	15.2±0.11s	-0.65%

Benchmark for macOS-metal 4607bad

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.07ms	2.6±0.06ms	-7.14%
fib/100/prove	853.0±3.22ms	846.5±4.53ms	-0.76%
fib/100/total	880.8±5.97ms	872.8±6.60ms	-0.91%
fib/1000/execute	3.0±0.08ms	3.0±0.12ms	0.00%
fib/1000/prove	870.5±2.80ms	867.5±5.88ms	-0.34%
fib/1000/total	900.6±7.98ms	892.0±6.13ms	-0.95%
fib/10000/execute	5.8±0.16ms	5.8±0.05ms	0.00%
fib/10000/prove	3.3±0.01s	3.3±0.01s	0.00%
fib/10000/total	3.3±0.01s	3.3±0.01s	0.00%

[github-actions]

Benchmark for Linux-cuda 3548a14

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	5.0±0.11ms	5.0±0.08ms	0.00%
fib/100/prove	887.9±1.17ms	777.3±6.34ms	-12.46%
fib/100/total	893.6±1.35ms	782.1±5.12ms	-12.48%
fib/1000/execute	5.7±0.10ms	5.5±0.10ms	-3.51%
fib/1000/prove	916.2±0.99ms	816.0±3.96ms	-10.94%
fib/1000/total	924.3±1.01ms	812.6±3.38ms	-12.08%
fib/10000/execute	12.1±0.09ms	11.3±0.11ms	-6.61%
fib/10000/prove	3.2±0.01s	2.8±0.00s	-12.50%
fib/10000/total	3.2±0.03s	2.9±0.00s	-9.38%

Benchmark for Linux-default 3548a14

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	7.8±1.25ms	6.9±0.38ms	-11.54%
fib/100/prove	5.1±0.05s	5.1±0.05s	0.00%
fib/100/total	5.1±0.03s	5.1±0.04s	0.00%
fib/1000/execute	8.5±1.29ms	8.0±0.52ms	-5.88%
fib/1000/prove	5.2±0.02s	5.1±0.01s	-1.92%
fib/1000/total	5.2±0.02s	5.1±0.03s	-1.92%
fib/10000/execute	14.9±1.23ms	14.3±0.64ms	-4.03%
fib/10000/prove	21.4±0.11s	21.3±0.07s	-0.47%
fib/10000/total	21.3±0.14s	21.1±0.10s	-0.94%

Benchmark for macOS-default 3548a14

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.13ms	2.7±0.13ms	-3.57%
fib/100/prove	3.7±0.05s	3.7±0.05s	0.00%
fib/100/total	3.7±0.03s	3.7±0.06s	0.00%
fib/1000/execute	3.0±0.05ms	3.0±0.13ms	0.00%
fib/1000/prove	3.7±0.07s	3.7±0.06s	0.00%
fib/1000/total	3.7±0.08s	3.7±0.07s	0.00%
fib/10000/execute	5.9±0.06ms	5.8±0.09ms	-1.69%
fib/10000/prove	15.3±0.21s	15.3±0.13s	0.00%
fib/10000/total	15.2±0.14s	15.2±0.12s	0.00%

Benchmark for macOS-metal

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

[github-actions]

Benchmark for Linux-cuda

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for Linux-default

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for macOS-default bd84a65

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.7±0.15ms	2.7±0.08ms	0.00%
fib/100/prove	3.7±0.06s	3.7±0.08s	0.00%
fib/100/total	3.7±0.06s	3.7±0.07s	0.00%
fib/1000/execute	3.0±0.16ms	3.0±0.12ms	0.00%
fib/1000/prove	3.7±0.07s	3.7±0.04s	0.00%
fib/1000/total	3.7±0.04s	3.7±0.07s	0.00%
fib/10000/execute	6.0±0.08ms	5.8±0.08ms	-3.33%
fib/10000/prove	15.3±0.08s	15.2±0.22s	-0.65%
fib/10000/total	15.3±0.09s	15.2±0.09s	-0.65%

Benchmark for macOS-metal bd84a65

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.7±0.12ms	2.7±0.09ms	0.00%
fib/100/prove	856.0±4.13ms	853.1±7.27ms	-0.34%
fib/100/total	879.8±6.81ms	871.4±3.04ms	-0.95%
fib/1000/execute	3.0±0.04ms	3.0±0.16ms	0.00%
fib/1000/prove	871.1±4.22ms	866.2±6.24ms	-0.56%
fib/1000/total	901.1±4.59ms	894.8±5.81ms	-0.70%
fib/10000/execute	5.9±0.11ms	5.8±0.06ms	-1.69%
fib/10000/prove	3.3±0.01s	3.3±0.01s	0.00%
fib/10000/total	3.3±0.01s	3.3±0.01s	0.00%

[github-actions]

Benchmark for Linux-cuda 78d3695

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	5.2±0.18ms	5.1±0.12ms	-1.92%
fib/100/prove	677.6±3.59ms	673.3±4.84ms	-0.63%
fib/100/total	685.1±3.29ms	678.0±3.85ms	-1.04%
fib/1000/execute	5.8±0.14ms	5.7±0.13ms	-1.72%
fib/1000/prove	709.7±2.79ms	706.5±3.81ms	-0.45%
fib/1000/total	716.8±3.78ms	713.3±4.25ms	-0.49%
fib/10000/execute	11.7±0.11ms	11.5±0.13ms	-1.71%
fib/10000/prove	3.2±0.01s	2.6±0.01s	-18.75%
fib/10000/total	3.2±0.02s	2.6±0.01s	-18.75%

Benchmark for Linux-default

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for macOS-default 78d3695

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.06ms	2.7±0.12ms	-3.57%
fib/100/prove	3.6±0.06s	3.6±0.05s	0.00%
fib/100/total	3.6±0.06s	3.6±0.05s	0.00%
fib/1000/execute	3.1±0.08ms	3.0±0.13ms	-3.23%
fib/1000/prove	3.6±0.09s	3.6±0.05s	0.00%
fib/1000/total	3.7±0.07s	3.7±0.05s	0.00%
fib/10000/execute	5.9±0.07ms	5.8±0.08ms	-1.69%
fib/10000/prove	15.0±0.15s	15.0±0.10s	0.00%
fib/10000/total	15.0±0.11s	15.0±0.15s	0.00%

Benchmark for macOS-metal 78d3695

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.05ms	2.7±0.08ms	-3.57%
fib/100/prove	801.4±5.08ms	794.2±3.75ms	-0.90%
fib/100/total	826.3±5.71ms	814.5±3.94ms	-1.43%
fib/1000/execute	3.1±0.16ms	3.0±0.05ms	-3.23%
fib/1000/prove	818.6±6.15ms	816.3±4.65ms	-0.28%
fib/1000/total	845.6±4.90ms	838.7±2.27ms	-0.82%
fib/10000/execute	5.8±0.11ms	5.7±0.11ms	-1.72%
fib/10000/prove	3.1±0.01s	3.1±0.01s	0.00%
fib/10000/total	3.1±0.01s	3.1±0.01s	0.00%

[nategraf]

@jbruestle, if you have a moment to look at this (and approve if it looks good) that would be helpful. It's a very small change in terms of lines of code.

[github-actions]

Benchmark for Linux-cuda

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for Linux-default

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for macOS-default b4c4a33

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.15ms	2.8±0.16ms	0.00%
fib/100/prove	3.7±0.04s	3.6±0.07s	-2.70%
fib/100/total	3.6±0.07s	3.6±0.05s	0.00%
fib/1000/execute	3.0±0.08ms	3.0±0.06ms	0.00%
fib/1000/prove	3.7±0.07s	3.6±0.05s	-2.70%
fib/1000/total	3.7±0.04s	3.6±0.05s	-2.70%
fib/10000/execute	5.9±0.08ms	5.7±0.16ms	-3.39%
fib/10000/prove	15.0±0.08s	15.0±0.09s	0.00%
fib/10000/total	15.1±0.13s	15.0±0.07s	-0.66%

Benchmark for macOS-metal b4c4a33

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.06ms	2.8±0.17ms	0.00%
fib/100/prove	798.6±4.28ms	798.3±4.52ms	-0.04%
fib/100/total	823.1±5.04ms	819.5±4.71ms	-0.44%
fib/1000/execute	3.1±0.05ms	3.0±0.05ms	-3.23%
fib/1000/prove	816.1±6.60ms	813.8±4.37ms	-0.28%
fib/1000/total	842.8±5.29ms	840.0±6.93ms	-0.33%
fib/10000/execute	5.9±0.14ms	5.8±0.07ms	-1.69%
fib/10000/prove	3.1±0.01s	3.1±0.01s	0.00%
fib/10000/total	3.1±0.01s	3.1±0.02s	0.00%

[github-actions]

Benchmark for Linux-cuda

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for Linux-default ece56a5

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	6.8±1.61ms	4.7±0.14ms	-30.88%
fib/100/prove	3.9±1.19s	2.4±0.49s	-38.46%
fib/100/total	2.3±0.36s	1882.0±146.35ms	-18.17%
fib/1000/execute	5.5±0.55ms	5.3±0.04ms	-3.64%
fib/1000/prove	2.5±0.26s	2.4±0.32s	-4.00%
fib/1000/total	2.5±0.28s	1956.7±195.49ms	-21.73%
fib/10000/execute	9.7±0.13ms	9.7±0.11ms	0.00%
fib/10000/prove	7.4±0.27s	6.9±0.20s	-6.76%
fib/10000/total	7.4±0.57s	7.1±0.30s	-4.05%

Benchmark for macOS-default

    <details open>
      <summary>Click to hide benchmark</summary>
      Benchmarks have changed between the two branches, unable to diff.
    </details>

Benchmark for macOS-metal ece56a5

Click to hide benchmark

Test	Base	PR	%
fib/100/execute	2.8±0.12ms	2.8±0.21ms	0.00%
fib/100/prove	804.1±7.17ms	795.8±5.79ms	-1.03%
fib/100/total	824.2±5.83ms	817.2±3.86ms	-0.85%
fib/1000/execute	3.0±0.09ms	3.0±0.07ms	0.00%
fib/1000/prove	818.7±5.52ms	817.2±4.35ms	-0.18%
fib/1000/total	842.6±5.18ms	840.3±6.59ms	-0.27%
fib/10000/execute	5.8±0.12ms	5.8±0.10ms	0.00%
fib/10000/prove	3.1±0.01s	3.1±0.01s	0.00%
fib/10000/total	3.1±0.01s	3.1±0.01s	0.00%