Skip to content

zkevm: add ECRECOVER, SHA2-256, IDENTITY and RIPEMD precompiles #1524

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

zkevm: add ECRECOVER, SHA2-256, IDENTITY and RIPEMD precompiles #1524

wants to merge 7 commits into from

Conversation

jsign
Copy link
Contributor

@jsign jsign commented May 1, 2025
edited
Loading

This PR:

  • Adds tests for new precompiles: ECRECOVER, SHA2-256, IDENTITY, and RIPEMD.
  • Removes zkevm pytest markers since the testing framework now automatically does this.
  • Uses Environment() configured gas limits, which are expected to be correctly set via the new --block-gas-limit filling flag.
  • I updated the CI pipeline to use 36M gas limit for filling.

Cycle counts in the new precompiles:

  • ECRECOVER: 682 million cycles
  • SHA2-256: 5.8 billion cycles
  • IDENTITY: 305 million cycles
  • RIPEMD: 360 million cycles

The last three are all part of a generic test since these precompiles have the same input parameter structure (i.e., data). The generic test automatically discovers the optimal input length for each case to amortize the static cost as much as possible against the quadratic cost of memory expansions. ECRECOVER is a separate test since the parameter input structure is particular.

@jsign jsign force-pushed the jsign-zkvm-ecrecover branch from d53e674 to bdfaa17 Compare May 1, 2025 21:53
@jsign jsign force-pushed the jsign-zkvm-modexp branch 2 times, most recently from b8d50b4 to 99f249d Compare May 5, 2025 22:27
Base automatically changed from jsign-zkvm-modexp to main May 5, 2025 22:38
@jsign
zkevm: add ecrecover attack
d56f4ef 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign jsign force-pushed the jsign-zkvm-ecrecover branch from bdfaa17 to d56f4ef Compare May 5, 2025 22:48
jsign added 3 commits May 5, 2025 19:49
@jsign
lints
b7ae79c 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign
fix gas limits
b2915c8 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign
generic precompiles with only data parameter
8eb40f5 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign jsign changed the title zkevm: add ECRECOVER attack zkevm: add ECRECOVER, SHA2-256, IDENTITY and RIPEMD attacks May 6, 2025
jsign added 3 commits May 6, 2025 10:35
@jsign
remove zkevm marks
0a33c35 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign
ci: define gas limit for zkevm feature
6a99195 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign
lints
7376d45 
Signed-off-by: Ignacio Hagopian <[email protected]>
@jsign jsign changed the title zkevm: add ECRECOVER, SHA2-256, IDENTITY and RIPEMD attacks zkevm: add ECRECOVER, SHA2-256, IDENTITY and RIPEMD precompiles May 6, 2025
@jsign jsign marked this pull request as ready for review May 6, 2025 17:38
@jsign jsign requested a review from marioevz May 6, 2025 17:38
jsign
jsign commented May 6, 2025
View reviewed changes
.github/configs/feature.yaml
@@ -13,7 +13,7 @@ static:
solc: 0.8.21
zkevm:
evm-type: zkevm
fill-params: --from=Cancun --until=Prague -m zkevm ./tests
fill-params: --from=Cancun --until=Prague --block-gas-limit 36000000 -m zkevm ./tests
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The gas_limit in all tests is configured via Environment().gas_limit. Since by default the testing framework sets as twice the current mainnet one, that looks unfair/unexpected for zkevm tests.

Thus, I think it's much better to define the expectation via --block-gas-limit for the filling.

jsign
jsign commented May 6, 2025
View reviewed changes
tests/zkevm/test_worst_compute.py
Comment on lines +127 to +129
pytest.param(0x02, 60, 12, 64, id="SHA2-256"),
pytest.param(0x03, 600, 120, 64, id="RIPEMD-160"),
pytest.param(0x04, 15, 3, 1, id="IDENTITY"),
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bytes_per_unit_of_work is mainly a concept of for how many bytes of input the precompile has to do "computational work". In the case of hashes, is related to the block size of the compression function. For identity is "1" since work is linear (i.e., not "chunked")

cc @kevaundray

jsign
jsign commented May 6, 2025
View reviewed changes
tests/zkevm/test_worst_compute.py
Comment on lines +127 to +128
pytest.param(0x02, 60, 12, 64, id="SHA2-256"),
pytest.param(0x03, 600, 120, 64, id="RIPEMD-160"),
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't find a way to pull the static and dynamic costs from precompiles. Is there a way to do this? Mostly asking for future-proofness

chfast
chfast reviewed May 7, 2025
View reviewed changes
Copy link
Member

@chfast chfast left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are not zkevm specific but good general benchmarks for EVM. Can we make this framework for benchmarks a bit more generic? I'd like to contribute my existing benchmarks and more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chfast chfast chfast left review comments

@danceratopz danceratopz danceratopz left review comments

@marioevz marioevz Awaiting requested review from marioevz

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jsign @chfast @danceratopz