feat(gateway-contracts): implement coprocessor contexts

chore(gateway-contracts): start updating tests

chore(gateway-contracts): add and improve tests from regular contracts

chore(gateway-contracts): finish tests

Author: melanciani

gateway-contracts/.env.example

@@ -51,21 +51,27 @@ KMS_TX_SENDER_ADDRESS_3="0xc45994e4098271c3140117ebD5c74C70dd56D9cd" # accounts[
 KMS_SIGNER_ADDRESS_3="0xDb216ECeC4cEd51CdfD9609b6Ce7653aB04f6cAd" # accounts[10] (address)
 KMS_NODE_IP_ADDRESS_3="127.0.0.4" # (string)
 
+# Coprocessor feature set
+COPROCESSORS_FEATURE_SET="1" # (uint256)
+
 # Coprocessors
 # The number of coprocessors must be lower or equal to the number of coprocessors' metadata defined below
 NUM_COPROCESSORS="3" # (number)
 
 # Coprocessor 1
+COPROCESSOR_NAME_0="Coprocessor 1" # (string)
 COPROCESSOR_TX_SENDER_ADDRESS_0="0x6518D50aDc9036Df37119eA465a8159E34417E2E" # accounts[11] (address)
 COPROCESSOR_SIGNER_ADDRESS_0="0xa5eE8292dA52d8234248709F3E217ffEBA5E8312" # accounts[12] (address)
 COPROCESSOR_S3_BUCKET_URL_0="s3://bucket-1" # (string)
 
 # Coprocessor 2
+COPROCESSOR_NAME_1="Coprocessor 2" # (string)
 COPROCESSOR_TX_SENDER_ADDRESS_1="0xCFbF539CB91c92ace0343c5B0487149Ad0b82078" # accounts[13] (address)
 COPROCESSOR_SIGNER_ADDRESS_1="0xA951F315d5FD35Cac111dFB5250DF231FB8eF905" # accounts[14] (address)
 COPROCESSOR_S3_BUCKET_URL_1="s3://bucket-2" # (string)
 
 # Coprocessor 3
+COPROCESSOR_NAME_2="Coprocessor 3" # (string)
 COPROCESSOR_TX_SENDER_ADDRESS_2="0x3C0033584da3A0f61AA5C7bde50eAF3642875a21" # accounts[15] (address)
 COPROCESSOR_SIGNER_ADDRESS_2="0x420AF5A5BBfAd922aE5a501d9a8Bf70a55F52E03" # accounts[16] (address)
 COPROCESSOR_S3_BUCKET_URL_2="s3://bucket-3" # (string)

gateway-contracts/contracts/CiphertextCommits.sol

@@ -1,17 +1,20 @@
 // SPDX-License-Identifier: BSD-3-Clause-Clear
 pragma solidity ^0.8.24;
 import { gatewayConfigAddress } from "../addresses/GatewayConfigAddress.sol";
+import { coprocessorContextsAddress } from "../addresses/CoprocessorContextsAddress.sol";
 import { kmsManagementAddress } from "../addresses/KmsManagementAddress.sol";
 import { Ownable2StepUpgradeable } from "@openzeppelin/contracts-upgradeable/access/Ownable2StepUpgradeable.sol";
 import { Strings } from "@openzeppelin/contracts/utils/Strings.sol";
 import "./interfaces/ICiphertextCommits.sol";
 import "./interfaces/IGatewayConfig.sol";
+import { ICoprocessorContexts } from "./interfaces/ICoprocessorContexts.sol";
 import "./interfaces/IKmsManagement.sol";
 import "./shared/UUPSUpgradeableEmptyProxy.sol";
 import "./shared/GatewayConfigChecks.sol";
 import "./shared/Pausable.sol";
 import "./libraries/HandleOps.sol";
-
+import { CoprocessorContexts } from "./CoprocessorContexts.sol";
+import { ContextChecks } from "./shared/ContextChecks.sol";
 /**
  * @title CiphertextCommits smart contract
  * @dev See {ICiphertextCommits}.
@@ -21,11 +24,15 @@ contract CiphertextCommits is
     Ownable2StepUpgradeable,
     UUPSUpgradeableEmptyProxy,
     GatewayConfigChecks,
-    Pausable
+    Pausable,
+    ContextChecks
 {
-    /// @notice The address of the GatewayConfig contract, used for fetching information about coprocessors.
+    /// @notice The address of the GatewayConfig contract, used for fetching information about host chains.
     IGatewayConfig private constant GATEWAY_CONFIG = IGatewayConfig(gatewayConfigAddress);
 
+    /// @notice The address of the CoprocessorContexts contract, used for fetching information about coprocessors.
+    ICoprocessorContexts private constant COPROCESSOR_CONTEXTS = ICoprocessorContexts(coprocessorContextsAddress);
+
     /// @notice The address of the KmsManagement contract, used for fetching information about the current key.
     IKmsManagement private constant KMS_MANAGEMENT = IKmsManagement(kmsManagementAddress);
 
@@ -59,6 +66,8 @@ contract CiphertextCommits is
             _alreadyAddedCoprocessorTxSenders;
         /// @notice The mapping of the coprocessor transaction senders that have added the ciphertext.
         mapping(bytes32 ctHandle => address[] coprocessorTxSenderAddresses) _coprocessorTxSenderAddresses;
+        /// @notice The coprocessor context ID associated to the add ciphertext
+        mapping(bytes32 addCiphertextHash => uint256 contextId) inputVerificationContextId;
     }
 
     /// @dev Storage location has been computed using the following command:
@@ -77,27 +86,55 @@ contract CiphertextCommits is
      * @dev This function needs to be public in order to be called by the UUPS proxy.
      */
     /// @custom:oz-upgrades-validate-as-initializer
-    function initializeFromEmptyProxy() public virtual onlyFromEmptyProxy reinitializer(2) {
+    function initializeFromEmptyProxy() public virtual onlyFromEmptyProxy reinitializer(3) {
         __Ownable_init(owner());
         __Pausable_init();
     }
 
+    /// @notice Reinitializes the contract.
+    function reinitializeV2() external reinitializer(3) {}
+
     /// @notice See {ICiphertextCommits-addCiphertextMaterial}.
-    /// @dev This function calls the GatewayConfig contract to check that the sender address is a Coprocessor.
     function addCiphertextMaterial(
         bytes32 ctHandle,
         uint256 keyId,
         bytes32 ciphertextDigest,
         bytes32 snsCiphertextDigest
-    ) external virtual onlyCoprocessorTxSender whenNotPaused {
+    ) external virtual whenNotPaused refreshCoprocessorContextStatuses {
         /// @dev Extract the chainId from the ciphertext handle
         uint256 chainId = HandleOps.extractChainId(ctHandle);
 
         /// @dev Check that the associated host chain is registered
         GATEWAY_CONFIG.checkHostChainIsRegistered(chainId);
 
+        // Compute the hash of the ciphertext material to differentiate different ciphertext
+        // material additions
+        bytes32 addCiphertextHash = keccak256(
+            abi.encode(ctHandle, chainId, keyId, ciphertextDigest, snsCiphertextDigest)
+        );
+
         CiphertextCommitsStorage storage $ = _getCiphertextCommitsStorage();
 
+        // Get the context ID from the input verification context ID mapping
+        uint256 contextId = $.inputVerificationContextId[addCiphertextHash];
+
+        // If the context ID is not set, get the active coprocessor context's ID and associate it to
+        // this ciphertext material addition
+        if (contextId == 0) {
+            contextId = COPROCESSOR_CONTEXTS.getActiveCoprocessorContextId();
+            $.inputVerificationContextId[addCiphertextHash] = contextId;
+
+            // Else, that means a coprocessor already started to add the ciphertext material
+            // and we need to check that the context is active or suspended
+            // If it is not, that means the context is no longer valid for this operation and we revert
+        } else if (!COPROCESSOR_CONTEXTS.isCoprocessorContextActiveOrSuspended(contextId)) {
+            ContextStatus contextStatus = COPROCESSOR_CONTEXTS.getCoprocessorContextStatus(contextId);
+            revert InvalidCoprocessorContextAddCiphertext(ctHandle, contextId, contextStatus);
+        }
+
+        // Only accept coprocessor transaction senders from the same context
+        COPROCESSOR_CONTEXTS.checkIsCoprocessorTxSenderFromContext(contextId, msg.sender);
+
         /**
          * @dev Check if the coprocessor transaction sender has already added the ciphertext handle.
          * Note that a coprocessor transaction sender cannot add the same ciphertext material on
@@ -118,20 +155,17 @@ contract CiphertextCommits is
          * Coprocessors can only have a consensus on a ciphertext material with the same information.
          * This hash is used to track the addition consensus on the received ciphertext material.
          */
-        bytes32 addCiphertextHash = keccak256(
-            abi.encode(ctHandle, chainId, keyId, ciphertextDigest, snsCiphertextDigest)
-        );
         $._addCiphertextHashCounters[addCiphertextHash]++;
 
         $._alreadyAddedCoprocessorTxSenders[ctHandle][msg.sender] = true;
         $._coprocessorTxSenderAddresses[ctHandle].push(msg.sender);
 
-        /// @dev Only send the event if consensus has not been reached in a previous call
-        /// @dev and the consensus is reached in the current call.
-        /// @dev This means a "late" addition will not be reverted, just ignored
+        // Only send the event if consensus has not been reached in a previous call and the consensus
+        // is reached in the current call. This means a "late" addition will not be reverted, just ignored
+        // Besides, consensus only considers the coprocessors of the same context
         if (
             !$._isCiphertextMaterialAdded[ctHandle] &&
-            _isConsensusReached($._addCiphertextHashCounters[addCiphertextHash])
+            _isConsensusReached(contextId, $._addCiphertextHashCounters[addCiphertextHash])
         ) {
             $._ciphertextDigests[ctHandle] = ciphertextDigest;
             $._snsCiphertextDigests[ctHandle] = snsCiphertextDigest;
@@ -141,6 +175,7 @@ contract CiphertextCommits is
 
             emit AddCiphertextMaterial(
                 ctHandle,
+                contextId,
                 ciphertextDigest,
                 snsCiphertextDigest,
                 $._coprocessorTxSenderAddresses[ctHandle]
@@ -220,11 +255,14 @@ contract CiphertextCommits is
     // solhint-disable-next-line no-empty-blocks
     function _authorizeUpgrade(address _newImplementation) internal virtual override onlyOwner {}
 
-    /// @notice Checks if the consensus is reached among the Coprocessors.
-    /// @param coprocessorCounter The number of coprocessors that agreed
-    /// @return Whether the consensus is reached
-    function _isConsensusReached(uint256 coprocessorCounter) internal view virtual returns (bool) {
-        uint256 consensusThreshold = GATEWAY_CONFIG.getCoprocessorMajorityThreshold();
+    /**
+     * @notice Checks if the consensus is reached among the coprocessors from the same context.
+     * @param contextId The coprocessor context ID
+     * @param coprocessorCounter The number of coprocessors that agreed
+     * @return Whether the consensus is reached
+     */
+    function _isConsensusReached(uint256 contextId, uint256 coprocessorCounter) internal view virtual returns (bool) {
+        uint256 consensusThreshold = COPROCESSOR_CONTEXTS.getCoprocessorMajorityThresholdFromContext(contextId);
         return coprocessorCounter >= consensusThreshold;
     }