scroll-tech · lispc · Feb 21, 2023 · Feb 20, 2023 · Feb 20, 2023 · Feb 20, 2023
diff --git a/zkevm-circuits/src/tx_circuit.rs b/zkevm-circuits/src/tx_circuit.rs
@@ -10,15 +10,15 @@ use crate::evm_circuit::util::constraint_builder::BaseConstraintBuilder;
 use crate::table::{KeccakTable, LookupTable, RlpTable, TxFieldTag, TxTable};
 #[cfg(not(feature = "enable-sign-verify"))]
 use crate::tx_circuit::sign_verify::pub_key_hash_to_address;
-use crate::util::{random_linear_combine_word as rlc, SubCircuit, SubCircuitConfig};
+use crate::util::{keccak, random_linear_combine_word as rlc, SubCircuit, SubCircuitConfig};
 use crate::witness;
 use crate::witness::{RlpDataType, RlpTxTag, Transaction};
 use bus_mapping::circuit_input_builder::keccak_inputs_sign_verify;
 #[cfg(not(feature = "enable-sign-verify"))]
 use eth_types::sign_types::{pk_bytes_le, pk_bytes_swap_endianness};
 use eth_types::{
     sign_types::SignData,
-    {Field, ToLittleEndian, ToScalar},
+    ToAddress, {Field, ToLittleEndian, ToScalar},
 };
 #[cfg(not(feature = "enable-sign-verify"))]
 use ethers_core::utils::keccak256;
@@ -1675,6 +1675,31 @@ impl<F: Field> SubCircuit<F> for TxCircuit<F> {
             .collect::<Result<Vec<SignData>, Error>>()?;
 
         config.load_aux_tables(layouter)?;
+
+        // check if tx.caller_address == recovered_pk
+        let recovered_pks = keccak_inputs_sign_verify(&sign_datas)
+            .into_iter()
+            .enumerate()
+            .filter(|(idx, _)| {
+                // each sign_data produce two inputs for hashing
+                // pk -> pk_hash, msg -> msg_hash
+                idx % 2 == 0
+            })
+            .map(|(_, input)| input)
+            .collect::<Vec<_>>();
+
+        for (pk, tx) in recovered_pks.into_iter().zip(self.txs.iter()) {
+            let pk_hash = keccak(&pk);
+            let address = pk_hash.to_address();
+            if address != tx.caller_address {
+                log::error!(
+                    "pk address from sign data {:?} does not match the one from tx address {:?}",
+                    address,
+                    tx.caller_address
+                )
+            }
+        }
+
         #[cfg(feature = "enable-sign-verify")]
         {
             let assigned_sig_verifs =

diff --git a/zkevm-circuits/src/tx_circuit/sign_verify.rs b/zkevm-circuits/src/tx_circuit/sign_verify.rs
@@ -386,8 +386,8 @@ impl<F: Field> SignVerifyChip<F> {
         // it is fine to use a phase 1 gate here
         let (_pk, _, address) = ecdsa_chip.range.gate.inner_product(
             ctx,
-            &powers_of_256_cells[0..20].to_vec(),
-            &pk_hash_cells[12..].to_vec(),
+            &powers_of_256_cells[..20].to_vec(),
+            &pk_hash_cells[..20].to_vec(),
         )?;
 
         let is_address_zero = ecdsa_chip.range.is_equal(