feat(lc/starknet): verify signed commitment proofs from starknet

[rnbguy]

closes #229

[rnbguy]

I successfully managed to sign the proof_init

[rnbguy]

Looks like these two are skipped. Probably ibc-go doesn't use them after cosmos/ibc-go#7129

[rnbguy]

Currently, the signature verification fails here. But I don't know how to create the signature at this point without access to ConnectionEnd and ConnectionId at starknet.

[rnbguy]

I can query the stored counteryparty connection end (starknet) at cosmos, cosmos's own connection id to recreate the ConnectionEnd.

[rnbguy]

To generate the proofs -- specifically signatures, I hacked around. This is not ideal.

To generate a signature, I need

• starknet consensus root at cosmos (against which the proof is validated)
• starknet commitment prefix
• ibc path
• ibc value

When I am building the message with CosmosChain, I don't have access to StarknetChain. So I can't fetch the consensus_root (block_hash) for starknet.

For now, I pass the block_hash as a dummy proof in the payload -- as I am building the correct proof at message builder anyway.

@soareschen any idea how to do this properly?

[soareschen]

I think you need to include that in the payload. You can define a custom payload type for Starknet if needed.

[soareschen]

You could also modify the StarknetCommitmentProof type if it is required in all proofs. I think in Cosmos, the root is part of the MerkleProof struct already.

[rnbguy]

I ended up building the bytes that need to be signed at the Starknet (-to-Cosmos) payload builder step. But Starknet doesn't have access to the Cosmos's default signer. So I signed it at Cosmos's message builder step.

But I don't see how I can sign the bytes for packet commitment, ack and receipt.

[rnbguy]

One more question: is the query_packet_receipt supposed to return non_membership_proof too?

ibc-starknet/relayer/crates/starknet-chain-components/src/impls/queries/packet_receipt.rs

Lines 51 to 57 in a3248f9

	async fn query_packet_receipt(
	chain: &Chain,
	channel_id: &ChannelId,
	port_id: &IbcPortId,
	sequence: &IbcSequence,
	height: &u64,
	) -> Result<(Vec<u8>, StarknetCommitmentProof), Chain::Error> {

... for packet_timeout trigger.

[rnbguy]

currently fails because the packet_ack proof from Starknet to Cosmos is not valid, i.e. it is not signed by the cosmos default signer.

[rnbguy]

Actually, I think, the default_message_signer (or something equivalent) should be used on the Starknet side at payload builder steps.

• The public key is part of the Starknet light client. It should be part of Starknet's context.
• We will generate the commitment proofs at payload builder steps directly. The proofs from Starknet should only rely on Starknet's context.

Starknet does have an equivalent to default_message_signer via HasStarknetAccount

ibc-starknet/relayer/crates/starknet-chain-context/src/contexts/chain.rs

Line 192 in c14166f

pub account: SingleOwnerAccount<Arc<JsonRpcClient<HttpTransport>>, LocalWallet>,

But, it uses ecdsa scheme. But we are using secp256k1 in wasm light clients currently.

Probably, we can use relayer_wallet.signing_key to generate a secp256k1 key pair.

ibc-starknet/relayer/crates/starknet-integration-tests/src/contexts/bootstrap.rs

Lines 108 to 111 in a3248f9

	let relayer_wallet = wallets
	.get("relayer")
	.ok_or_else(|| StarknetBootstrap::raise_error("expect relayer wallet to be present"))?
	.clone();

[rnbguy]

I fixed the signing problems. But now I think, I need to make the commitment proofs consistent between ibc-go and cairo contract.

This is how ibc-go generate the commitment proof

https://github.com/cosmos/ibc-go/blob/98d7e7550a23ecf8d96ce042ab11ef857b184f2a/modules/core/04-channel/types/packet.go#L20-L36

In cairo, we use the following

ibc-starknet/cairo-contracts/packages/core/src/commitment/types.cairo

Lines 51 to 59 in 7967c80

	pub fn compute_packet_commitment(
	json_packet_data: @ByteArray, timeout_height: Height, timeout_timestamp: Timestamp
	) -> Commitment {
	let mut coll = U32CollectorImpl::init();
	coll.extend(timeout_timestamp);
	coll.extend(timeout_height);
	coll.extend_from_chunk(compute_sha256_byte_array(json_packet_data));
	compute_sha256_u32_array(coll.value(), 0, 0).into()
	}

I should try to fix it using this test as a reference,

ibc-starknet/cairo-contracts/packages/core/src/tests/commitment.cairo

Lines 52 to 58 in 7967c80

	fn test_compute_packet_commitment() {
	let commitment = PACKET_COMMITMENT_ON_SN(ERC20());
	let expected: [u32; 8] = [
	3458244073, 1576048754, 4210798310, 1002247062, 2365181318, 2763927782, 545147151, 944653547
	];
	assert_eq!(commitment, expected.into());
	}

[rnbguy]

do we have an implementation that encodes CometClientState to protobuf encoding?

cc @soareschen

PS. it's not important for demo2, as ibc-go currently ignored self client/consensus validation.

[rnbguy]

@soareschen same as client state, but for consensus state.

[rnbguy]

I only return non-membership proof here.

[rnbguy]

I fixed this as part of this PR.

cc @Farhad-Shabani

[rnbguy]

Nix error during Osmosis github tarball fetch is back. But ics20 e2e test passes locally. 🎉

[rnbguy]

We have to remove or trim the light_client.rs tesfile.

We are passing dummy proofs here:

ibc-starknet/relayer/crates/starknet-integration-tests/src/tests/light_client.rs

Lines 394 to 396 in 7967c80

	proof_try: [0; 32].into(), // dummy proofs
	proof_client: [0; 32].into(),
	proof_consensus: [0; 32].into(),

ibc-starknet/relayer/crates/starknet-integration-tests/src/tests/light_client.rs

Line 442 in 7967c80

proof_try: [0; 32].into(), // dummy proofs

The wasm light client accepts only signed proofs now.