From cf4d5ef1dba917e540c424afd9ee13ba39e7c881 Mon Sep 17 00:00:00 2001
From: Thomas Piellard
Date: Tue, 4 Jul 2023 22:19:55 +0200
Subject: [PATCH] fix: fixed pairing check (wait for 4-5 to check staticcall using dedicated function)
---
 backend/plonk/bn254/solidity.go | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/backend/plonk/bn254/solidity.go b/backend/plonk/bn254/solidity.go
index 834ab3c3ad..a97dc4ef82 100644
--- a/backend/plonk/bn254/solidity.go
+++ b/backend/plonk/bn254/solidity.go
@@ -740,9 +740,23 @@ contract PlonkVerifier {
 mstore(add(mPtr, 0x120), g2_srs_1_x_1)
 mstore(add(mPtr, 0x140), g2_srs_1_y_0)
 mstore(add(mPtr, 0x160), g2_srs_1_y_1)
+ check_pairing_kzg(mPtr)
+ }
+
+ // check_pairing_kzg checks the result of the final pairing product of the batched
+ // kzg verification. The purpose of this function is too avoid exhausting the stack
+ // in the function batch_verify_multi_points.
+ // mPtr: pointer storing the tuple of pairs
+ function check_pairing_kzg(mPtr) {
+
+ let state := mload(0x40)
+
+ // TODO test the staticcall using the method from audit_4-5
 let l_success := staticcall(sub(gas(), 2000),8,mPtr,0x180,0x00,0x20)
 let res_pairing := mload(0x00)
- mstore(add(state, state_success), and(l_success,eq(res_pairing,0x1)))
+ let s_success := mload(add(state, state_success))
+ res_pairing := and(and(res_pairing, l_success), s_success)
+ mstore(add(state, state_success), res_pairing)
 }
 
 // Fold the opening proofs at ΞΆ:
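Review bot: In `check_pairing_kzg` the pairing output is no longer normalised with `eq(res_pairing, 0x1)` before it is folded into `state_success`; the raw word at 0x00 is combined with `l_success` and `s_success` by bitwise `and`, so acceptance depends only on its low bit and on `s_success` being exactly 0 or 1. Because 0x00 is scratch memory that the `staticcall` overwrites only when it returns data, a call that reports success without writing 32 bytes would leave a stale word to be read, which is presumably the case the TODO defers to audit 4-5. I would keep the strict comparison and check the return length in the same expression: `res_pairing := and(and(eq(res_pairing, 0x1), eq(returndatasize(), 0x20)), and(l_success, s_success))`. A short comment saying that `state_success` is now accumulated rather than overwritten would record why the earlier `mstore` was wrong.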