refactor: update the default sign_data (#560)

* refactor: update the default sign_data

* clean keccak_inputs_tx_circuit

* chore: clippy fix

* add sanity check

* fix

---------

Co-authored-by: Rohit Narurkar <rohit.narurkar@protonmail.com>

Author: kunxian-xia

bus-mapping/src/circuit_input_builder.rs

@@ -30,11 +30,7 @@ use eth_types::{
     evm_types::OpcodeId,
     geth_types,
     sign_types::{pk_bytes_le, pk_bytes_swap_endianness, SignData},
-    Address, GethExecStep, GethExecTrace, ToBigEndian, ToWord, Word, H256, U256,
-};
-use ethers_core::{
-    k256::ecdsa::SigningKey,
-    types::{Bytes, Signature, TransactionRequest},
+    Address, GethExecStep, GethExecTrace, ToBigEndian, ToWord, Word, H256,
 };
 use ethers_providers::JsonRpcClient;
 pub use execution::{
@@ -44,6 +40,7 @@ pub use execution::{
 };
 use hex::decode_to_slice;
 
+use eth_types::sign_types::get_dummy_tx;
 use ethers_core::utils::keccak256;
 pub use input_state_ref::CircuitInputStateRef;
 use itertools::Itertools;
@@ -692,45 +689,16 @@ pub fn keccak_inputs(block: &Block, code_db: &CodeDB) -> Result<Vec<Vec<u8>>, Er
 /// signature datas.
 pub fn keccak_inputs_sign_verify(sigs: &[SignData]) -> Vec<Vec<u8>> {
     let mut inputs = Vec::new();
-    for sig in sigs {
+    let dummy_sign_data = SignData::default();
+    for sig in sigs.iter().chain(iter::once(&dummy_sign_data)) {
         let pk_le = pk_bytes_le(&sig.pk);
         let pk_be = pk_bytes_swap_endianness(&pk_le);
         inputs.push(pk_be.to_vec());
         inputs.push(sig.msg.to_vec());
     }
-    // Padding signature
-    let pk_le = pk_bytes_le(&SignData::default().pk);
-    let pk_be = pk_bytes_swap_endianness(&pk_le);
-    inputs.push(pk_be.to_vec());
     inputs
 }
 
-/// Generate a dummy pre-eip155 tx in which
-/// (nonce=0, gas=0, gas_price=0, to=0, value=0, data="")
-/// using the dummy private key = 1
-pub fn get_dummy_tx() -> (TransactionRequest, Signature) {
-    let mut sk_be_scalar = [0u8; 32];
-    sk_be_scalar[31] = 1_u8;
-
-    let sk = SigningKey::from_bytes(&sk_be_scalar).expect("sign key = 1");
-    let wallet = ethers_signers::Wallet::from(sk);
-
-    let tx = TransactionRequest::new()
-        .nonce(0)
-        .gas(0)
-        .gas_price(U256::zero())
-        .to(Address::zero())
-        .value(U256::zero())
-        .data(Bytes::default());
-    let sighash: H256 = keccak256(tx.rlp_unsigned()).into();
-
-    // FIXME: need to check if this is deterministic which means sig is fixed.
-    let sig = wallet.sign_hash(sighash);
-    assert_eq!(sig.v, 28);
-
-    (tx, sig)
-}
-
 /// Get the tx hash of the dummy tx (nonce=0, gas=0, gas_price=0, to=0, value=0,
 /// data="")
 pub fn get_dummy_tx_hash() -> H256 {
@@ -857,16 +825,6 @@ pub fn keccak_inputs_tx_circuit(txs: &[geth_types::Transaction]) -> Result<Vec<V
     let sign_verify_inputs = keccak_inputs_sign_verify(&sign_datas);
     inputs.extend_from_slice(&sign_verify_inputs);
 
-    // Since the SignData::default() already includes pk = [1]G which is also the
-    // one that we use in get_dummy_tx, so we only need to include the tx sign
-    // hash of the dummy tx.
-    let dummy_sign_input = {
-        let (dummy_tx, _) = get_dummy_tx();
-        // dummy tx is of type pre-eip155
-        dummy_tx.rlp_unsigned().to_vec()
-    };
-    inputs.push(dummy_sign_input);
-
     Ok(inputs)
 }
 

eth-types/src/sign_types.rs

@@ -1,8 +1,13 @@
 //! secp256k1 signature types and helper functions.
 
-use crate::{ToBigEndian, Word};
+use crate::{
+    address,
+    geth_types::{Transaction, TxType},
+    word, ToBigEndian, Word, H256,
+};
 use ethers_core::{
-    types::{Address, Bytes},
+    k256::ecdsa::SigningKey,
+    types::{Address, Bytes, Signature, TransactionRequest, U256},
     utils::keccak256,
 };
 use halo2_proofs::{
@@ -18,7 +23,6 @@ use halo2_proofs::{
 };
 use lazy_static::lazy_static;
 use num_bigint::BigUint;
-use sha3::{Digest, Keccak256};
 use subtle::CtOption;
 
 /// Do a secp256k1 signature with a given randomness value.
@@ -61,6 +65,39 @@ pub struct SignData {
     pub msg_hash: secp256k1::Fq,
 }
 
+/// Generate a dummy pre-eip155 tx in which
+/// (nonce=0, gas=0, gas_price=0, to=0, value=0, data="")
+/// using the dummy private key = 1
+pub fn get_dummy_tx() -> (TransactionRequest, Signature) {
+    let mut sk_be_scalar = [0u8; 32];
+    sk_be_scalar[31] = 1_u8;
+
+    let sk = SigningKey::from_bytes(&sk_be_scalar).expect("sign key = 1");
+    let wallet = ethers_signers::Wallet::from(sk);
+
+    let tx = TransactionRequest::new()
+        .nonce(0)
+        .gas(0)
+        .gas_price(U256::zero())
+        .to(Address::zero())
+        .value(U256::zero())
+        .data(Bytes::default());
+    let sighash: H256 = keccak256(tx.rlp_unsigned()).into();
+
+    let sig = wallet.sign_hash(sighash);
+    assert_eq!(sig.v, 28);
+    assert_eq!(
+        sig.r,
+        word!("4faabf49beea23083894651a6f34baaf3dc29b396fb5baf8b8454773f328df61")
+    );
+    assert_eq!(
+        sig.s,
+        word!("0x75ae2dd5e4e688c9dbc6db7e75bafcb04ea141ca20332be9809a444d541272c1")
+    );
+
+    (tx, sig)
+}
+
 impl SignData {
     /// Recover address of the signature
     pub fn get_addr(&self) -> Address {
@@ -74,37 +111,24 @@ impl SignData {
 }
 
 lazy_static! {
-    // FIXME: use Transaction::dummy().sign_data() instead when we merged the develop branch
+    /// This is the sign data of default padding tx
     static ref SIGN_DATA_DEFAULT: SignData = {
-        let generator = Secp256k1Affine::generator();
-        let sk = secp256k1::Fq::one();
-        let pk = generator * sk;
-        let pk = pk.to_affine();
-        let msg = b"1";
-        // let msg = TransactionRequest::new()
-        //     .nonce(0)
-        //     .gas(0)
-        //     .gas_price(U256::zero())
-        //     .to(Address::zero())
-        //     .value(U256::zero())
-        //     .data(Bytes::default())
-        //     .chain_id(1)
-        //     .rlp().to_vec();
-        let msg_hash: [u8; 32] = Keccak256::digest(msg)
-            .as_slice()
-            .to_vec()
-            .try_into()
-            .expect("hash length isn't 32 bytes");
-        let msg_hash = secp256k1::Fq::from_bytes(&msg_hash).unwrap();
-        let randomness = secp256k1::Fq::one();
-        let (sig_r, sig_s, v) = sign(randomness, sk, msg_hash);
-
-        SignData {
-            signature: (sig_r, sig_s, v),
-            pk,
-            msg: msg.into(),
-            msg_hash,
-        }
+        let (tx_req, sig) = get_dummy_tx();
+        let tx = Transaction {
+            tx_type: TxType::PreEip155,
+            rlp_unsigned_bytes: tx_req.rlp_unsigned().to_vec(),
+            rlp_bytes: tx_req.rlp_signed(&sig).to_vec(),
+            v: sig.v,
+            r: sig.r,
+            s: sig.s,
+            // other fields are irrelevant to get the sign_data()
+            ..Default::default()
+        };
+
+        let sign_data = tx.sign_data().unwrap();
+        assert_eq!(sign_data.get_addr(), address!("0x7e5f4552091a69125d5dfcb7b8c2659029395bdf"));
+
+        sign_data
     };
 }
 

zkevm-circuits/src/witness/tx.rs

@@ -15,11 +15,13 @@ use crate::{
         Tag::{EndList, EndVector},
     },
 };
-use bus_mapping::circuit_input_builder::{self, get_dummy_tx, get_dummy_tx_hash, TxL1Fee};
+use bus_mapping::circuit_input_builder::{self, get_dummy_tx_hash, TxL1Fee};
 use eth_types::{
     evm_types::gas_utils::tx_data_gas_cost,
     geth_types::{TxType, TxType::PreEip155},
-    sign_types::{biguint_to_32bytes_le, ct_option_ok_or, recover_pk, SignData, SECP256K1_Q},
+    sign_types::{
+        biguint_to_32bytes_le, ct_option_ok_or, get_dummy_tx, recover_pk, SignData, SECP256K1_Q,
+    },
     Address, Error, Field, Signature, ToBigEndian, ToLittleEndian, ToScalar, ToWord, Word, H256,
 };
 use ethers_core::{types::TransactionRequest, utils::keccak256};