feat(tee-proof-verifier): add support for Solidity-compatible pubkey in report_data #240
+897
−130
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pbeza
changed the base branch from
pab/solidity-compatible-pubkey-in-report-data
to
main
pbeza
force-pushed
the
pab/solidity-compatible-offchain-proof-verifier
branch
2 times, most recently
from
97a37fd to
5ac5999
Compare
pbeza
changed the base branch from
main
to
pab/solidity-compatible-pubkey-in-report-data
pbeza
force-pushed
the
pab/solidity-compatible-offchain-proof-verifier
branch
4 times, most recently
from
c7be253 to
cd9ba04
Compare
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
force-pushed
the
pab/solidity-compatible-offchain-proof-verifier
branch
from
cd9ba04 to
bdb213c
Compare
…action-30.x chore(deps): update cachix/install-nix-action action to v30
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
fix(teepot-tee-quote-verification-rs): memory leak
Free the FFI collateral on rust checks anyway to prevent memory leaks. Also remove the `TryFrom<&sgx_ql_qve_collateral_t>` as it is unsafe. Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
fix(teepot-tee-quote-verification-rs): free collateral on ffi error
4 tasks
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
feat(tdx): add nix build for TDX google VMs
Signed-off-by: Harald Hoyer <harald@matterlabs.dev>
feat(tee-key-preexec): add test container for tee-key-preexec
…le-offchain-proof-verifier
|
Closing in favor of #251. |
github-merge-queue bot
pushed a commit
to matter-labs/zksync-era
that referenced
this pull request
Feb 17, 2025
## What ❔ This PR is part of the effort to implement on-chain TEE proof verification. Signatures produced by the TEE Prover are now compatible with the on-chain verifier that uses the `ecrecover` precompile. ## Why ❔ Until now, we've been using _non-recoverable_ signatures in the TEE prover with a compressed ECDSA public key in each attestation – it was compressed because there are only 64 bytes available in the report attestation quote. That worked fine for off-chain proof verification, but for on-chain verification, it's better to use the Ethereum address derived from the public key so we can call `ecrecover` in Solidity to verify the signature. This PR goes hand in hand with: - matter-labs/teepot#228 - matter-labs/teepot#240 - matter-labs/teepot#245 ## Checklist - [x] PR title corresponds to the body of PR (we generate changelog entries from PRs). - [x] Tests for the changes have been added / updated. - [ ] Documentation comments have been added / updated. - [x] Code has been formatted via `zkstack dev fmt` and `zkstack dev lint`. --------- Signed-off-by: Harald Hoyer <harald@matterlabs.dev> Co-authored-by: Harald Hoyer <harald@matterlabs.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: