feat: add Schnorr signature-based integrity verification to native adapter (#94)

* chore: add k256 as dep

* feat: update native host to use schnorr signatures for integrity

* fix: update programs to use updated API

* fix: avoid unwraps in verify fn

* ci: extract toolchain version correctly

Author: prajwolrg

.github/actions/extract-rust-version/action.yml

@@ -0,0 +1,17 @@
+name: Extract Rust toolchain version
+description: "Extracts the Rust toolchain version from rust-toolchain.toml"
+inputs: {}
+outputs:
+  rust-version:
+    description: "The Rust toolchain version from rust-toolchain.toml"
+    value: ${{ steps.extract.outputs.rust-version }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Extract Rust toolchain version
+      id: extract
+      shell: bash
+      run: |
+        VERSION="$(grep '^channel = ' rust-toolchain.toml | sed 's/channel = "\(.*\)"/\1/')"
+        echo "rust-version=$VERSION" >> "$GITHUB_OUTPUT"

.github/workflows/lint.yml

@@ -12,6 +12,20 @@ env:
 permissions: {}
 
 jobs:
+  extract-rust-version:
+    name: Extract Rust toolchain version
+    runs-on: ubuntu-latest
+    outputs:
+      rust-version: ${{ steps.extract.outputs.rust-version }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+        with:
+          persist-credentials: false
+      - name: Extract Rust toolchain version
+        id: extract
+        uses: ./.github/actions/extract-rust-version # zizmor: ignore[unpinned-uses]
+
   clippy:
     name: Run clippy on crates
     runs-on: ubuntu-latest
@@ -48,6 +62,7 @@ jobs:
   crate-checks:
     name: Check that crates compile on their own
     runs-on: ubuntu-latest
+    needs: extract-rust-version
     timeout-minutes: 90 # cold run takes a lot of time as each crate is compiled separately
     steps:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
@@ -61,7 +76,7 @@ jobs:
 
       - uses: dtolnay/rust-toolchain@a02741459ec5e501b9843ed30b535ca0a0376ae4 # nightly
         with:
-          toolchain: nightly-2024-07-27
+          toolchain: ${{ needs.extract-rust-version.outputs.rust-version }}
       - uses: taiki-e/install-action@1b0e852a3465a29cd0b17876f2de42a88d145e91 # cargo-hack
       - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2
         with:
@@ -80,6 +95,7 @@ jobs:
   fmt:
     name: Check code formatting
     runs-on: ubuntu-latest
+    needs: extract-rust-version
     timeout-minutes: 30
     steps:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
@@ -88,7 +104,7 @@ jobs:
       - uses: dtolnay/rust-toolchain@a02741459ec5e501b9843ed30b535ca0a0376ae4 # nightly
         with:
           components: rustfmt
-          toolchain: nightly-2024-07-27
+          toolchain: ${{ needs.extract-rust-version.outputs.rust-version }}
       - run: cargo fmt --all --check
 
   codespell:

.github/workflows/prover.yml

@@ -5,13 +5,28 @@ on: pull_request
 permissions: {}
 
 jobs:
+  extract-rust-version:
+    name: Extract Rust toolchain version
+    runs-on: ubuntu-latest
+    outputs:
+      rust-version: ${{ steps.extract.outputs.rust-version }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+        with:
+          persist-credentials: false
+      - name: Extract Rust toolchain version
+        id: extract
+        uses: ./.github/actions/extract-rust-version # zizmor: ignore[unpinned-uses]
+
   eval_perf:
     permissions:
       # Needed to install the toolchain.
       contents: write
       # Needed to post the performance report comments.
       pull-requests: write
     runs-on: ubuntu-latest
+    needs: extract-rust-version
 
     steps:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
@@ -21,7 +36,7 @@ jobs:
       - name: Set up Rust
         uses: dtolnay/rust-toolchain@a02741459ec5e501b9843ed30b535ca0a0376ae4 # nightly
         with:
-          toolchain: nightly-2024-07-27
+          toolchain: ${{ needs.extract-rust-version.outputs.rust-version }}
 
       - name: Cleanup space
         uses: ./.github/actions/cleanup # zizmor: ignore[unpinned-uses]

.github/workflows/unit.yml

@@ -18,9 +18,24 @@ concurrency:
 permissions: {}
 
 jobs:
+  extract-rust-version:
+    name: Extract Rust toolchain version
+    runs-on: ubuntu-latest
+    outputs:
+      rust-version: ${{ steps.extract.outputs.rust-version }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+        with:
+          persist-credentials: false
+      - name: Extract Rust toolchain version
+        id: extract
+        uses: ./.github/actions/extract-rust-version # zizmor: ignore[unpinned-uses]
+
   test:
     name: Run unit tests and generate report
     runs-on: ubuntu-latest
+    needs: extract-rust-version
     timeout-minutes: 60 # better fail-safe than the default 360 in github actions
     steps:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
@@ -35,7 +50,7 @@ jobs:
       - uses: dtolnay/rust-toolchain@a02741459ec5e501b9843ed30b535ca0a0376ae4 # nightly
         with:
           components: llvm-tools-preview
-          toolchain: nightly-2024-07-27
+          toolchain: ${{ needs.extract-rust-version.outputs.rust-version }}
       - name: Install latest nextest release
         uses: taiki-e/install-action@9903ab6feadaec33945de535fe9d181b91802a55 # v2
         with:
@@ -66,6 +81,7 @@ jobs:
   doc:
     name: Run doc tests
     runs-on: ubuntu-latest
+    needs: extract-rust-version
     env:
       RUST_BACKTRACE: 1
     timeout-minutes: 60
@@ -81,7 +97,7 @@ jobs:
 
       - uses: dtolnay/rust-toolchain@a02741459ec5e501b9843ed30b535ca0a0376ae4 # nightly
         with:
-          toolchain: nightly-2024-07-27
+          toolchain: ${{ needs.extract-rust-version.outputs.rust-version }}
       - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2
         with:
           cache-on-failure: true

Cargo.lock

@@ -45,6 +45,8 @@ bincode = "1.3"
 borsh = { version = "1.5.0", features = ["derive"] }
 cfg-if = "1.0.0"
 hex = { version = "0.4", features = ["serde"] }
+k256 = { version = "0.13.4", features = ["schnorr"] }
+rand_core = "0.6"
 serde = { version = "1.0", features = ["derive"] }
 sha2 = "0.10"
 thiserror = "1.0"

Cargo.toml

@@ -19,4 +19,6 @@ async-trait.workspace = true
 bincode.workspace = true
 borsh.workspace = true
 hex.workspace = true
+k256.workspace = true
+rand_core.workspace = true
 serde.workspace = true

adapters/native/Cargo.toml

@@ -1,6 +1,11 @@
 use std::{env, fmt, sync::Arc};
 
 use async_trait::async_trait;
+use k256::schnorr::{
+    signature::{Signer, Verifier},
+    Signature, SigningKey,
+};
+use rand_core::OsRng;
 use zkaleido::{
     ExecutionSummary, Proof, ProofMetadata, ProofReceipt, ProofReceiptWithMetadata, ProofType,
     PublicValues, VerifyingKey, VerifyingKeyCommitment, ZkVm, ZkVmError, ZkVmExecutor, ZkVmHost,
@@ -12,11 +17,12 @@ use crate::{env::NativeMachine, input::NativeMachineInputBuilder, proof::NativeP
 
 type ProcessProofFn = dyn Fn(&NativeMachine) -> ZkVmResult<()> + Send + Sync;
 
-/// A native host that holds a reference to a proof-processing function (`process_proof`).
+/// A native host that holds a reference to a proof-processing function and a Schnorr signing key.
 ///
 /// This struct can be cloned cheaply (due to the internal [`Arc`]), and used by various
-/// parts of the application to execute native proofs or validations without
-/// requiring a real cryptographic backend.
+/// parts of the application to execute native proofs with Schnorr signature-based verification.
+/// The signing key is used to sign public values during proof generation and verify them during
+/// verification.
 #[derive(Clone)]
 pub struct NativeHost {
     /// A function wrapped in [`Arc`] and [`Box`] that processes proofs for a
@@ -25,15 +31,57 @@ pub struct NativeHost {
     /// By storing the function in a dynamic pointer (`Box<dyn ...>`) inside an
     /// [`Arc`], multiple host instances or threads can share the same proof
     /// logic without needing to replicate code or data.
-    pub process_proof: Arc<Box<ProcessProofFn>>,
+    process_fn: Arc<Box<ProcessProofFn>>,
+
+    /// The Schnorr signing key used for signing public values during proof generation
+    /// and verifying signatures during proof verification.
+    schnorr_key: SigningKey,
+}
+
+impl NativeHost {
+    /// Creates a new [`NativeHost`] with the given proof processing function.
+    ///
+    /// Generates a fresh Schnorr signing key pair to sign and verify proof outputs,
+    /// providing authenticity guarantees for native execution.
+    ///
+    /// This method accepts infallible functions that return `()`. For functions that
+    /// may fail and return `ZkVmResult<()>`, use [`new_fallible`](Self::new_fallible) instead.
+    pub fn new<F>(process_fn: F) -> Self
+    where
+        F: Fn(&NativeMachine) + Send + Sync + 'static,
+    {
+        let schnorr_key = SigningKey::random(&mut OsRng);
+        Self {
+            process_fn: Arc::new(Box::new(move |zkvm: &NativeMachine| -> ZkVmResult<()> {
+                process_fn(zkvm);
+                Ok(())
+            })),
+            schnorr_key,
+        }
+    }
+
+    /// Creates a new [`NativeHost`] with a fallible proof processing function.
+    ///
+    /// Use this method when your processing function may fail and returns `ZkVmResult<()>`.
+    /// For infallible functions that return `()`, use [`new`](Self::new) instead.
+    pub fn new_fallible<F>(process_fn: F) -> Self
+    where
+        F: Fn(&NativeMachine) -> ZkVmResult<()> + Send + Sync + 'static,
+    {
+        let schnorr_key = SigningKey::random(&mut OsRng);
+        Self {
+            process_fn: Arc::new(Box::new(process_fn)),
+            schnorr_key,
+        }
+    }
 }
 
 impl ZkVmHost for NativeHost {}
 
 impl ZkVmExecutor for NativeHost {
     type Input<'a> = NativeMachineInputBuilder;
     fn execute<'a>(&self, native_machine: NativeMachine) -> ZkVmResult<ExecutionSummary> {
-        (self.process_proof)(&native_machine)?;
+        (self.process_fn)(&native_machine)?;
         let output = native_machine.state.borrow().output.clone();
         let public_values = PublicValues::new(output);
         // There is no straightforward equivalent of cycles and gas for native execution
@@ -58,7 +106,9 @@ impl ZkVmProver for NativeHost {
     ) -> ZkVmResult<NativeProofReceipt> {
         let execution_result = self.execute(native_machine)?;
         let public_values = execution_result.into_public_values();
-        let proof = Proof::default();
+        // Sign the public values using the Schnorr signing key
+        let signature = self.schnorr_key.sign(public_values.as_bytes());
+        let proof = Proof::new(signature.to_bytes().to_vec());
         let receipt = ProofReceipt::new(proof, public_values);
 
         let version: &str = env!("CARGO_PKG_VERSION");
@@ -72,14 +122,30 @@ impl ZkVmProver for NativeHost {
 impl ZkVmTypedVerifier for NativeHost {
     type ZkVmProofReceipt = NativeProofReceipt;
 
-    fn verify_inner(&self, _proof: &NativeProofReceipt) -> ZkVmResult<()> {
+    fn verify_inner(&self, proof: &NativeProofReceipt) -> ZkVmResult<()> {
+        let receipt: ProofReceiptWithMetadata = proof
+            .clone()
+            .try_into()
+            .map_err(ZkVmError::InvalidProofReceipt)?;
+        let signature = Signature::try_from(receipt.receipt().proof().as_bytes())
+            .map_err(|e| ZkVmError::ProofVerificationError(format!("invalid signature: {e}")))?;
+        // Verify the Schnorr signature over the public values
+        self.schnorr_key
+            .verifying_key()
+            .verify(receipt.receipt().public_values().as_bytes(), &signature)
+            .map_err(|e| {
+                ZkVmError::ProofVerificationError(format!("signature verification failed: {e}"))
+            })?;
+
         Ok(())
     }
 }
 
 impl ZkVmVkProvider for NativeHost {
     fn vk(&self) -> VerifyingKey {
-        VerifyingKey::default()
+        // Return the Schnorr public key (verifying key) as the verifying key
+        let schnorr_public_key = self.schnorr_key.verifying_key().to_bytes().to_vec();
+        VerifyingKey::new(schnorr_public_key)
     }
 
     fn vk_commitment(&self) -> VerifyingKeyCommitment {

adapters/native/src/host.rs

@@ -4,9 +4,11 @@
 //! [`ZkVmHost`](zkaleido::ZkVmHost), and [`ZkVmInputBuilder`](zkaleido::ZkVmInputBuilder) traits,
 //! allowing you to run a ZkVM-like environment without generating actual zero-knowledge proofs.
 //!
-//! In native mode, the proof statements are executed directly in Rust, resulting in
-//! an **empty proof** but still producing the **expected public parameters**. This approach
-//! bypasses the usual process of ELF generation used by the ZkVM, making it useful for:
+//! In native mode, the proof statements are executed directly in Rust, producing the
+//! **expected public values**. When proving, the adapter generates a **Schnorr signature**
+//! over the public values instead of a zero-knowledge proof. This approach
+//! bypasses the usual process of ELF generation and ZKP generation used by the ZkVM, making it
+//! useful for:
 //!
 //! - **Local testing**: Quickly verify logic and expected outputs without the overhead of full
 //!   proof generation.

adapters/native/src/lib.rs

@@ -33,28 +33,22 @@ impl ZkVmProgram for FibProgram {
 
 #[cfg(test)]
 pub mod tests {
-    use std::sync::Arc;
-
     use zkaleido::ZkVmProgram;
-    use zkaleido_native_adapter::{NativeHost, NativeMachine};
+    use zkaleido_native_adapter::NativeHost;
 
     use crate::{process_fibonacci, program::FibProgram};
 
     pub fn get_native_host() -> NativeHost {
-        NativeHost {
-            process_proof: Arc::new(Box::new(move |zkvm: &NativeMachine| {
-                process_fibonacci(zkvm);
-                Ok(())
-            })),
-        }
+        NativeHost::new(process_fibonacci)
     }
 
     #[test]
     fn test_native() {
         let input = 5;
         let host = get_native_host();
-        let receipt = FibProgram::prove(&input, &host).unwrap().receipt().clone();
-        let output = FibProgram::process_output::<NativeHost>(receipt.public_values()).unwrap();
+        let receipt = FibProgram::prove(&input, &host).unwrap();
+        let output =
+            FibProgram::process_output::<NativeHost>(receipt.receipt().public_values()).unwrap();
         assert_eq!(output, 5);
     }
 }