updating verify proof range to handle empty proof keys #1901
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1901 +/- ##
==========================================
- Coverage 75.48% 75.26% -0.22%
==========================================
Files 97 97
Lines 8341 8655 +314
==========================================
+ Hits 6296 6514 +218
- Misses 1517 1566 +49
- Partials 528 575 +47 ☔ View full report in Codecov by Sentry. |
rianhughes
force-pushed
the
rianhughes/proof-range-test
branch
2 times, most recently
from
db9bf2c
to
66e7d38
Compare
rianhughes
force-pushed
the
rianhughes/proof-range-test
branch
from
0bbda08
to
21f9453
Compare
core/trie/proof.go
Outdated
| // It will contain the hashes of the children along the path, but only the key of the children | ||
| // along the path. The final node must contain the hash of the leaf if the leaf is set. | ||
| // It will not contain the leaf node even if it is set. | ||
| func ProofToPath(proofNodes []ProofNode, leafKey *Key, hashF hashFunc) ([]StorageNode, error) { |
There was a problem hiding this comment.
The code is much more readable 🎉 Great job!
Now, I cannot understand what is written in the fn's comment.
So we are given proofNodes and constructing storageNodes following along the path to the single leaf node specified by given leafKey.
These storageNodes will have hashes of the children and keys? - not get this "but only the key of the children along the path".
Also: "The final node must contain the hash of the leaf ..." - which node is the final node, root or the nodes at the bottom of the trie 🤔
And: "It will not contain the leaf node even if it is set."
Hmm, the leaf is set because we have the leafKey right? Also the leaf node refers to the storageNodes we are constructing here.
Can you please try to improve this comment?
There was a problem hiding this comment.
These storageNodes will have hashes of the children and keys? - not get this "but only the key of the children along the path".
The storageNodes will have the hashes of the children, but only the key of the child along the path outlined by the proof.
Also: "The final node must contain the hash of the leaf ..." - which node is the final node, root or the nodes at the bottom of the trie 🤔
Ah sorry, this is a confusing sentence. I was just trying to comment that we don't include the leaf node in the generated storage nodes. But if the path outlined by the proof leads the whole way to the leaf, and the leaf is set, then we should include it's hash. (This is kind of redundant given the above sentence)
Hmm, the leaf is set because we have the leafKey right?
Nope. The Key that the proof node points to may not be set, but we can still have the key.
Also the leaf node refers to the storageNodes we are constructing here.
Yup
There was a problem hiding this comment.
I've updated the comment
core/trie/proof.go
Outdated
| parentBinary := parent.Binary | ||
| return parentBinary.LeftHash, parentBinary.RightHash | ||
| } else { | ||
| parentBinary := proofNodes[parentInd+1].Binary |
There was a problem hiding this comment.
Don't we need ro check that proofNodes[parentInd+1].Binary != nil as we did with the previous node?
also parentInd+1 < len(proofNodes) 🤔
Maybe we should assign the parent and have a single return:
parent := &proofNodes[parentInd]
if parent.Binary == nil {
parent := &proofNodes[parentInd+1]
}
return parent.Binary.LeftHash, parent.Binary.RightHash
There was a problem hiding this comment.
Don't we need ro check that proofNodes[parentInd+1].Binary != nil as we did with the previous node?
Nope, if proofNode[i] is an edge then we know proofNode[i+1] is Binary (it's not possible for an edge node to follow an edge node).
Maybe we should assign the parent and have a single return
Yup, this is much nicer!
parentInd+1 < len(proofNodes)
Good point. Let me think about that
There was a problem hiding this comment.
parentInd+1 < len(proofNodes)
I added a check for this
| // and therefore it's hash won't match the expected root. | ||
| // ref: https://github.com/ethereum/go-ethereum/blob/v1.14.3/trie/proof.go#L484 | ||
| func VerifyRangeProof(root *felt.Felt, keys, values []*felt.Felt, proofKeys [2]*Key, proofValues [2]*felt.Felt, | ||
| proofs [2][]ProofNode, hash hashFunc, |
There was a problem hiding this comment.
What is proofKeys and proofValues? What is the difference from proofs?
There was a problem hiding this comment.
Proofs are the set of nodes from the root to the boundary / proof keys and values
There was a problem hiding this comment.
I explicitly labelled the proof keys and values for clarity (I find this is a bit easier to understand than placing the proof key as the first element in keys iff the proof key has actually been set - like seems to be done in geth)
There was a problem hiding this comment.
Still not quite sure... In geth code, the firstKey parameter I'm guessing is there because the left proof should be generated based on the start key query (not actual first leaf that exist). Thats a little nuances.. No idea where proofKeys and proofValues come from. Remember, only one proof array, which in geth case is added like here https://github.com/ethereum/go-ethereum/blob/master/eth/protocols/snap/sync.go#L2816. The proof is like a bundle of nodes data, no idea which node is located where (the key). You only know the state root, and iterate from there to recalculate the path, well, at least nethermind do it that way..
There was a problem hiding this comment.
the left proof should be generated based on the start key query (not actual first leaf that exist)
Currently the left proof key would just correspond to the start key query. And the last proofKey would correspond to the end key query. Similarly with the proof Values (which can be nil if they don't exist)
Remember, only one proof array, ..
Yup, but that should be a simple matter of merging the proof nodes into a single array, and then splitting them again, right? I've opened an issue for this
There was a problem hiding this comment.
Also, regarding there only being a single proof, geth does store the proof nodes in a key-value database, but I believe there are two boundary proofs, which you can see here. I've kept them separate for clarity.
Afaiu, when there are key-value pairs to the left and right of the given range we need two boundary proofs. This is because we need to compute the correct shape of the sub-trie, and store the relevant hashes so that we can recompute the root hash for that range / sub trie. Having only a single boundary proof would no allow us to do this.
| } | ||
|
|
||
| leftHashB := n.LeftHash.Bytes() | ||
| wrote, err = buf.Write(leftHashB[:]) |
There was a problem hiding this comment.
This seems like an encoding change. Is this intended?
There was a problem hiding this comment.
Yes, I figured it made sense to store the LeftHash and RightHash fields in the node type
|
@asdacap, @pnowosie in geth, the VerifyRangeProof executes the verification logic, but also logic to determine if there are more leaves to the right (see here). Imo it would be neater to separate these out into two different functions, hence why I didn't insert it in this implementation of VerifyRangeProof. What are your thoughts? |
|
You can separate them internally if you want. But at high level, I think its easier to combine them, otherwise, need to pass the keys of proof explicitly, which is implementation details IMO. |
This PR implements VerifyRangeProof.
It builds on an old PR (1873) which didn't handle empty proof keys, hence the name of this PR.
closes #1895
replaces / closes: #1873