Add emergency stop and verifier router contracts for version management #80

Merged
merged 33 commits into from
May 10, 2024

Conversation

nategraf
Contributor

@nategraf nategraf commented Apr 24, 2024

As we get ready to deploy RISC Zero verifiers to Ethereum mainnet, we need a system to manage versions of the verifier contract and proof system. In particular, we need a way to respond to critical bugs, and we need a way to make upgraded versions of the proof system available to developers. Both mechanisms need to be opt-in so that applications can choose the solution that works best for their security model.

This PR implements a basic version management system, based around two new contracts:

  • RiscZeroVerifierEmergencyStop is a wrapper around a verifier contract that allows for the verifier to be shut down if a critical bug is discovered.
  • RiscZeroVerifierRouter is a wrapper around a list of verifiers that allows new verifiers to be added to support proof system upgrades.

These are intended to be used together with an authorized multisig, and a TimelockController on addition of new verifiers.

This PR is currently marked as draft, as the verifier identifiers are not yet fully implemented in the risc0 codebase.

Also addresses #30 as part of a refactor to the IRiscZeroVerifier interface.

Related to risc0/risc0#1794, from which the verifier parameters have been bootstrapped.
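
The two-wrapper design described in the comment above, as an added sketch that is not code from this PR or from the risc0 project: an emergency-stop wrapper that fails closed once triggered, and a router that only ever adds verifiers. Assumptions: every contract, interface and function name here is hypothetical, the stop is modeled as one-way, the router picks a verifier from the first 4 bytes of the seal, and each `owner` stands in for the multisig or TimelockController.

```solidity
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.20;

// Hypothetical interface for this sketch; not the project's IRiscZeroVerifier.
interface IVerifierSketch {
    function verify(bytes calldata seal, bytes32 imageId, bytes32 journalDigest) external view;
}

// Wraps one verifier; the owner (assumed to be a multisig) can stop it.
contract EmergencyStopSketch is IVerifierSketch {
    IVerifierSketch public immutable inner;
    address public immutable owner;
    bool public stopped;

    constructor(IVerifierSketch inner_, address owner_) {
        inner = inner_;
        owner = owner_;
    }

    function estop() external {
        require(msg.sender == owner, "not owner");
        stopped = true; // assumed one-way: no function clears the flag
    }

    function verify(bytes calldata seal, bytes32 imageId, bytes32 journalDigest) external view {
        require(!stopped, "verifier stopped"); // fail closed: never accept after a stop
        inner.verify(seal, imageId, journalDigest);
    }
}

// Routes to a verifier chosen by the first 4 bytes of the seal (assumed layout).
contract RouterSketch is IVerifierSketch {
    address public immutable owner; // assumed to be a TimelockController
    mapping(bytes4 => IVerifierSketch) public verifiers;

    constructor(address owner_) { owner = owner_; }

    function addVerifier(bytes4 selector, IVerifierSketch verifier) external {
        require(msg.sender == owner, "not owner");
        // Add-only: an existing entry cannot be silently swapped for another verifier.
        require(address(verifiers[selector]) == address(0), "selector in use");
        verifiers[selector] = verifier;
    }

    function verify(bytes calldata seal, bytes32 imageId, bytes32 journalDigest) external view {
        require(seal.length >= 4, "seal too short");
        IVerifierSketch v = verifiers[bytes4(seal[:4])];
        require(address(v) != address(0), "unknown selector"); // unrouted seals revert
        v.verify(seal, imageId, journalDigest);
    }
}
```

In this sketch an application opts in by choosing which address it calls: a bare verifier, the stop wrapper, or the router with stop-wrapped verifiers registered behind it.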

@nategraf
Contributor Author

nategraf commented May 7, 2024

@capossele, this is ready for review when you have a chance

Co-authored-by: Paul <paul.gafni@gmail.com>
nategraf added a commit to risc0/risc0 that referenced this pull request May 8, 2024
…o CONTROL_ROOT (#1794)

Following up on #1764, this PR adds
the selector value to the encoded seal in `TestReceipt.sol` and renames
`CONTROL_ID` to `CONTROL_ROOT`, which is more accurate to what is
actually implemented.

Related to risc0/risc0-ethereum#80, where the
changes have been made to use the newly bootstrapped values.
@nategraf nategraf changed the title Add emergency stop and verifier multiplixer contracts for version management Add emergency stop and verifier router contracts for version management May 9, 2024
Contributor

@capossele capossele left a comment

Awesome man!

@nategraf nategraf enabled auto-merge (squash) May 10, 2024 17:38
@nategraf nategraf merged commit 1a5a48f into main May 10, 2024
8 of 9 checks passed
@nategraf nategraf deleted the victor/verifier-version-mgmt branch May 10, 2024 18:01
nategraf added a commit that referenced this pull request May 11, 2024
This PR adds documentation describing the design of the verifier
contract version management solution implemented in
#80. It is intended to
provide detailed information to help security-minded application
developers make an informed decision about how to use the verifier
contracts.

---------

Co-authored-by: Paul <paul.gafni@gmail.com>