Skip to content

Commit

Permalink
Add feature to disable decryptions in transaction
Browse files Browse the repository at this point in the history
  • Loading branch information
david-zk committed Nov 13, 2023
1 parent da2e7fe commit c2ca675
Show file tree
Hide file tree
Showing 4 changed files with 38 additions and 10 deletions.
19 changes: 19 additions & 0 deletions fhevm/contracts_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -3381,3 +3381,22 @@ func TestDecryptWithTrueOptimisticRequire(t *testing.T) {
t.Fatalf("expected that there are no optimistic requires after decrypt")
}
}

func TestDecryptInTransactionDisabled(t *testing.T) {
depth := 0
environment := newTestEVMEnvironment()
environment.depth = depth
environment.commit = true
environment.ethCall = false
environment.fhevmParams.DisableDecryptionsInTransaction = true
addr := common.Address{}
readOnly := false
hash := verifyCiphertextInTestMemory(environment, 1, depth, FheUint8).getHash()
// Call decrypt and expect it to fail due to disabling of decryptions during commit
_, err := decryptRun(environment, addr, addr, hash.Bytes(), readOnly)
if err == nil {
t.Fatalf("expected to error out in test")
} else if err.Error() != "decryptions during transaction are disabled" {
t.Fatalf("unexpected error for disabling decryption transactions, got %s", err.Error())
}
}
17 changes: 9 additions & 8 deletions fhevm/instructions_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -167,12 +167,13 @@ func uint256FromBig(b *big.Int) *uint256.Int {
}

type MockEVMEnvironment struct {
fhevmData *FhevmData
depth int
stateDb *state.StateDB
commit bool
ethCall bool
readOnly bool
fhevmData *FhevmData
depth int
stateDb *state.StateDB
commit bool
ethCall bool
readOnly bool
fhevmParams FhevmParams
}

func (environment *MockEVMEnvironment) GetState(addr common.Address, hash common.Hash) common.Hash {
Expand Down Expand Up @@ -232,7 +233,7 @@ func (environment *MockEVMEnvironment) FhevmData() *FhevmData {
}

func (environment *MockEVMEnvironment) FhevmParams() *FhevmParams {
return &FhevmParams{}
return &environment.fhevmParams
}

func (environment *MockEVMEnvironment) EVMEnvironment() EVMEnvironment {
Expand All @@ -243,7 +244,7 @@ func newTestEVMEnvironment() *MockEVMEnvironment {
fhevmData := NewFhevmData()
db := rawdb.NewMemoryDatabase()
state, _ := state.New(common.Hash{}, state.NewDatabase(db), nil)
return &MockEVMEnvironment{fhevmData: &fhevmData, stateDb: state, commit: true}
return &MockEVMEnvironment{fhevmData: &fhevmData, stateDb: state, commit: true, fhevmParams: DefaultFhevmParams()}
}

func TestProtectedStorageSstoreSload(t *testing.T) {
Expand Down
6 changes: 4 additions & 2 deletions fhevm/params.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,12 +44,14 @@ var (

func DefaultFhevmParams() FhevmParams {
return FhevmParams{
GasCosts: DefaultGasCosts(),
GasCosts: DefaultGasCosts(),
DisableDecryptionsInTransaction: false,
}
}

type FhevmParams struct {
GasCosts GasCosts
GasCosts GasCosts
DisableDecryptionsInTransaction bool
}

type GasCosts struct {
Expand Down
6 changes: 6 additions & 0 deletions fhevm/precompiles.go
Original file line number Diff line number Diff line change
Expand Up @@ -1956,6 +1956,12 @@ func optimisticRequireRun(environment EVMEnvironment, caller common.Address, add

func decryptRun(environment EVMEnvironment, caller common.Address, addr common.Address, input []byte, readOnly bool) ([]byte, error) {
logger := environment.GetLogger()
// if not gas estimation and not view function fail if decryptions are disabled in transactions
if environment.IsCommitting() && !environment.IsEthCall() && environment.FhevmParams().DisableDecryptionsInTransaction {
msg := "decryptions during transaction are disabled"
logger.Error(msg, "input", hex.EncodeToString(input))
return nil, errors.New(msg)
}
if len(input) != 32 {
msg := "decrypt input len must be 32 bytes"
logger.Error(msg, "input", hex.EncodeToString(input), "len", len(input))
Expand Down

0 comments on commit c2ca675

Please sign in to comment.