Refactor linked lists initial hashing #581
Conversation
There was a problem hiding this comment.
Looks good!
Just a general question about soundness not specific to this PR:
For the initial trie, we check consistency of the state MPT by adding all the initial accounts of the linked list in order. Since we don't use the next pointers of the items and just advance by @ACCOUNTS_LINKED_LISTS_NODE_SIZE, what happens if a malicious prover provides duplicate accounts? I can't see a way to abuse it but I'm not sure it's completely safe either.
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/initial_tries.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/initial_tries.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/initial_tries.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/initial_tries.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/initial_tries.asm
Outdated
Show resolved
Hide resolved
Good point! I think this is indeed a problem. Even though the only account in the trie would be the last one, It seems possible to have multiple accounts with different states (e.g. different balance, storage trie) and choose any of them when writing/reading from the state. This might certainly allow you to take the last account from the duplicates to an incorrect state, getting a corrupted final hash. |
github-actions
bot
removed
the
crate: mpt_trie
Co-authored-by: Hamy Ratoanina <[email protected]>
|
@hratoanina I addressed the soundness issue we discussed. Now it's checking well formedness of the initial next node ptrs, as well as checking that the initial keys are strictly increasing. |
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/linked_list.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/linked_list.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/linked_list.asm
Outdated
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/linked_list.asm
Outdated
Show resolved
Hide resolved
Co-authored-by: Hamy Ratoanina <[email protected]>
github-actions
bot
added
the
crate: zero_bin
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/initial_tries.asm
Show resolved
Hide resolved
evm_arithmetization/src/cpu/kernel/asm/mpt/linked_list/linked_list.asm
Outdated
Show resolved
Hide resolved
Co-authored-by: Robin Salen <[email protected]>
github-actions
bot
removed
the
crate: zero_bin
This PR changes the logic for hashing the initial tries using linked lists. Instead of traversing the initial state trie and setting all the payloads, it inserts all the nodes into the initial
linked listsstate trie. This change saves around10%15% of CPU cycles. Even though #467 considered also refactoring the final hashing, it turned out that the current implementation of the final hash is more efficient.Closes #467.