Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EVM: bn256ScalarMul precompile (0x07) does not behave correctly when scalar=0 #1639

Closed
raulk opened this issue Feb 4, 2023 · 2 comments
Closed

EVM: bn256ScalarMul precompile (0x07) does not behave correctly when scalar=0 #1639

raulk opened this issue Feb 4, 2023 · 2 comments
Assignees
@Stebalien @raulk
Labels
Kind: Bug Something isn't working Topic: EVM runtime
Milestone
M2.1 (r12) Carbon...

Comments

@raulk
Copy link
Member

raulk commented Feb 4, 2023
edited
Loading

Original report

https://filecoinproject.slack.com/archives/CRK2LKYHW/p1675441024104129

Investigation

Our implementation of the ecMul precompile attempts to place the result of the multiplication (zero) on the alt_bn128 curve, which fails with an EcErr(InvalidEncoding) error. Instead, we should successfully return zero. Other implementations return zero.

Note that according to EIP-196, where this precompile was introduced, zero is a valid scalar argument.

[INFO] Call Precompile:
	address: 0000000000000000000000000000000000000007
	context: PrecompileContext { call_type: StaticCall, gas_limit: 9484863179, value: 0 }
	input: 035cf447ec2f8f21e6ea3d49d80a4a823834b1a776ab1733731587613f5065f821c972c4e0c8eb2430171599b1f4900601fdb8f4b2d248d22ebefe3d5368a80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
[WARN] Precompile failed: error EcErr(InvalidEncoding)

Separately, we should investigate why the input sent to this precompile is longer than it needs to be (appears to include zero padding of some kind)?

Repro

filecoin-project/builtin-actors#1164
@raulk raulk added Kind: Bug Something isn't working Topic: EVM runtime labels Feb 4, 2023
@raulk raulk mentioned this issue Feb 4, 2023
Merged
@raulk
Copy link
Member Author

raulk commented Feb 4, 2023

@Stebalien -- I am not well-versed in EC multiplication, so would appreciate your input. I'm not sure if it makes sense to shortcut and return 0 if the supplied point is valid and the scalar is zero.

@raulk raulk added this to the M2.1 (r12) Carbonado.3 milestone Feb 4, 2023
@raulk
Copy link
Member Author

raulk commented Feb 4, 2023

Can use fvm-bench to reproduce with the attached contract.

fvm-bench --debug -b /path/to/builtin-actors-devnet.car /path/to/contract/Verifier.bin 8d1b7790 022a7f1afab34be65c8e3a034965b60caf9a8436b92232996de95e923fde381d058dc56cbadb0554c7bb2123865f0daddb27fd63a9b5de5347c052826c189ab9108a4412e582b9d10963a8063b4219d1d6588e632dbb6d2acb5d31463736a68a2666e217cddcb57fff0f6e641d38c2279246c9bfaba6809d02973b79cfa51a360b9c89482cc1de94e5c9ad4d6214106ecf66cbb239ea5886fbb915e423635f2302be9912247410284dce15ebf6a14abb1f53d3fae33c32d55fe8d79ceef50a422e9f39bbdacd977b77a1506ebda3af11cf4d16578bfac139f181b43936d87d951fa58522f34c1d32a7bfbc97818fd7ff704200c13a8316eda0706c0482f02e31000000000000000000000000000000000000000000000000000000000000000115c083b836ce1ca2dab708fd6d18e760354073a5ca6f6373450f937ac98aeab505f0d9c162ad5420854a0e388051276bceabb3e2e4d3b7db388b85714d71531804c7311087b0d8c6f2d18114ac43d754ef8a19877767d3ff97af96192b369568152f5044240ef872cf7e6742fe202b9e07ed6188e9e734c09b069397048523582865441cd3e276643c84e55004ad259dff282c8c47c6e8c151afacdadf6f6db30000000000000000000000000000000087b9b4c689c2024c54d1bf962cb16bce000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000012000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

Verifier.bin.zip

pikachua7 added a commit to shannon-vaz/spacewarp-2023 that referenced this issue Feb 5, 2023
@pikachua7 @shannon-vaz
add workaround provided by Filecoin team for issue -
7ceafaf 
filecoin-project/ref-fvm#1639

Co-authored-by: Shannon Vaz <shannon-vaz@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Stebalien Stebalien

@raulk raulk

Labels
Kind: Bug Something isn't working Topic: EVM runtime
Projects
None yet
Milestone
M2.1 (r12) Carbonado.3
Development

No branches or pull requests
2 participants
@Stebalien @raulk