feat(tee): add support for recoverable signatures #3414
+142
−16
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
pbeza
force-pushed
the
tee/feat/solidity-compatible-recoverable-signatures
branch
4 times, most recently
from
9c15a1b to
1c239e7
Compare
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Dec 30, 2024
…report_data This PR goes hand in hand with matter-labs/zksync-era#3414
This PR is part of the effort to implement on-chain TEE proof verification. Signatures produced by the TEE Prover are now compatible with the on-chain verifier that uses the `ecrecover` precompile. Until now, we've been using _non-recoverable_ signatures in the TEE prover with a compressed ECDSA public key in each attestation -- it was compressed because there are only 64 bytes available in the report attestation quote. That worked fine for off-chain proof verification, but for on-chain verification, it's better to use the Ethereum address derived from the public key so we can call ecrecover in Solidity to verify the signature. This PR goes hand in hand with matter-labs/teepot#228
pbeza
force-pushed
the
tee/feat/solidity-compatible-recoverable-signatures
branch
from
1c239e7 to
63a7712
Compare
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Dec 31, 2024
…report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with matter-labs/zksync-era#3414.
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Dec 31, 2024
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Dec 31, 2024
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Dec 31, 2024
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 2, 2025
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 2, 2025
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 3, 2025
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 3, 2025
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 3, 2025
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 6, 2025
…report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with matter-labs/zksync-era#3414.
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 6, 2025
…in report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with: - matter-labs/zksync-era#3414 - #228
haraldh
requested changes
Jan 7, 2025
slowli
reviewed
Jan 10, 2025
| @@ -67,10 +67,24 @@ impl fmt::Debug for TeeProver { | |||
| } | |||
|
|
|||
| impl TeeProver { | |||
| /// Signs the message in Ethereum-compatible format for on-chain verification. | |||
| pub fn sign_message(sec: &SecretKey, message: Message) -> Result<[u8; 65], TeeProverError> { | |||
| let s = SECP256K1.sign_ecdsa_recoverable(&message, sec); | |||
There was a problem hiding this comment.
You can use the zksync_crypto_primitives library; it has this functionality (and one used in the unit tests below) implemented.
There was a problem hiding this comment.
I was excited to hear we had all the crypto primitives ready to reuse, but when I dove in, it turned out they were kinda inconvenient or even impossible to use because:
- Some primitives are defined as
pub(super),pub(crate), or totally private. I don't really get why, TBH. - Some of our crypto wrappers are way less convenient than the primitives they actually wrap.
I reused what I could, but I still had to almost copy-paste some of the existing primitives. :( Overall it seems the number of LOC increased. :P Lemme know if I'm missing something.
zksync-era/core/bin/zksync_tee_prover/src/tee_prover.rs
Lines 223 to 241 in 27ad86e
…patible-recoverable-signatures
pbeza
force-pushed
the
tee/feat/solidity-compatible-recoverable-signatures
branch
2 times, most recently
from
279292a to
c801dd7
Compare
pbeza
force-pushed
the
tee/feat/solidity-compatible-recoverable-signatures
branch
from
c801dd7 to
27ad86e
Compare
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 15, 2025
…report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with matter-labs/zksync-era#3414.
pbeza
added a commit
to matter-labs/teepot
that referenced
this pull request
Jan 15, 2025
…report_data This PR is part of the effort to implement on-chain TEE proof verification. This PR goes hand in hand with matter-labs/zksync-era#3414.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What ❔
This PR is part of the effort to implement on-chain TEE proof verification. Signatures produced by the TEE Prover are now compatible with the on-chain verifier that uses the
ecrecoverprecompile.Why ❔
Until now, we've been using non-recoverable signatures in the TEE prover with a compressed ECDSA public key in each attestation – it was compressed because there are only 64 bytes available in the report attestation quote. That worked fine for off-chain proof verification, but for on-chain verification, it's better to use the Ethereum address derived from the public key so we can call
ecrecoverin Solidity to verify the signature.This PR goes hand in hand with:
Checklist
zkstack dev fmtandzkstack dev lint.