barretenberg-doxygen/3f0fad0de81d472cf71c03df11cf01ed6e7e09e0/circuit_2bridge__call__data_8hpp_source.html

#pragma once

#include "../constants.hpp"

#include "../native/bridge_call_data.hpp"

#include "./asset_id.hpp"

#include "barretenberg/join_split_example/types.hpp"


namespace join_split_example {

namespace proofs {

namespace notes {

namespace circuit {


using namespace proof_system::plonk::stdlib;


constexpr uint32_t input_asset_id_a_shift = DEFI_BRIDGE_ADDRESS_ID_LEN;

constexpr uint32_t input_asset_id_b_shift = input_asset_id_a_shift + DEFI_BRIDGE_INPUT_A_ASSET_ID_LEN;

constexpr uint32_t output_asset_id_a_shift = input_asset_id_b_shift + DEFI_BRIDGE_INPUT_B_ASSET_ID_LEN;

constexpr uint32_t output_asset_id_b_shift = output_asset_id_a_shift + DEFI_BRIDGE_OUTPUT_A_ASSET_ID_LEN;

constexpr uint32_t bitconfig_shift = output_asset_id_b_shift + DEFI_BRIDGE_OUTPUT_B_ASSET_ID_LEN;

constexpr uint32_t aux_data_shift = bitconfig_shift + DEFI_BRIDGE_BITCONFIG_LEN;


struct bridge_call_data {


    struct bit_config {

        bool_ct second_input_in_use;

        bool_ct second_output_in_use;


        bit_config(){};

        bit_config(Builder* builder, uint256_t const& bridge_call_data)

        {

            ASSERT(builder != nullptr);


            constexpr auto bitconfig_mask = (1ULL << DEFI_BRIDGE_BITCONFIG_LEN) - 1;

            uint32_t config_u32 = uint32_t((bridge_call_data >> bitconfig_shift) & bitconfig_mask);

            second_input_in_use = witness_ct(builder, config_u32 & 1ULL);

            second_output_in_use = witness_ct(builder, (config_u32 >> 1) & 1ULL);

        }


        suint_ct to_suint() const

        {

            const suint_ct bitconfig_scaling_factor(uint256_t(1) << bitconfig_shift);


            suint_ct result(second_input_in_use);

            result += suint_ct(second_output_in_use) * 2;

            result *= bitconfig_scaling_factor;

            return result;

        }

    };


    // 32-bit integer which maps to a 20-byte bridge contract address.

    suint_ct bridge_address_id;

    // Note: for virtual assets, the asset_id will be `1` in the 30th-bit, followed by the defi interaction nonce of the

    // interaction which created the asset

    // 30-bit asset_id of first input asset

    suint_ct input_asset_id_a;

    // 30-bit asset_id of second input asset

    suint_ct input_asset_id_b = 0;

    // Note: if the user expects virtual output assets to be returned from a bridge, they must at least specify an

    // output_asset_id of `100...00` (30-bits) to signal the asset's virtualness.

    // 30-bit asset_id of the first output asset.

    suint_ct output_asset_id_a;

    // 30-bit asset_id of the second output asset.

    suint_ct output_asset_id_b;


    // 32-bit bit configuration that describes input/output note structure of bridge:

    // see bit_config constructor for details.

    bit_config config;

    // 64-bit auxiliary data to be passed on to the bridge contract.

    suint_ct aux_data = 0;


    bridge_call_data(){};

    bridge_call_data(Builder* builder, const native::bridge_call_data& native_id)

        : bridge_call_data(builder, native_id.to_uint256_t())

    {}


    bridge_call_data(Builder* builder, uint256_t const& bridge_call_data)

    {

        // constants

        constexpr auto one = uint256_t(1);


        auto bridge_address_id_value = bridge_call_data & uint256_t((one << DEFI_BRIDGE_ADDRESS_ID_LEN) - 1);

        auto input_asset_id_a_value =

            (bridge_call_data >> input_asset_id_a_shift) & uint256_t((one << DEFI_BRIDGE_INPUT_A_ASSET_ID_LEN) - 1);

        auto input_asset_id_b_value =

            (bridge_call_data >> input_asset_id_b_shift) & uint256_t((one << DEFI_BRIDGE_INPUT_B_ASSET_ID_LEN) - 1);

        auto output_asset_id_a_value =

            (bridge_call_data >> output_asset_id_a_shift) & uint256_t((one << DEFI_BRIDGE_OUTPUT_A_ASSET_ID_LEN) - 1);

        auto output_asset_id_b_value =

            (bridge_call_data >> output_asset_id_b_shift) & uint256_t((one << DEFI_BRIDGE_OUTPUT_B_ASSET_ID_LEN) - 1);

        auto aux_data_value = (bridge_call_data >> aux_data_shift) & uint256_t((one << DEFI_BRIDGE_AUX_DATA) - 1);


        bridge_address_id =

            suint_ct(witness_ct(builder, bridge_address_id_value), DEFI_BRIDGE_ADDRESS_ID_LEN, "bridge_address");

        input_asset_id_a =

            suint_ct(witness_ct(builder, input_asset_id_a_value), DEFI_BRIDGE_INPUT_A_ASSET_ID_LEN, "input_asset_id_a");

        input_asset_id_b =

            suint_ct(witness_ct(builder, input_asset_id_b_value), DEFI_BRIDGE_INPUT_B_ASSET_ID_LEN, "input_asset_id_b");

        output_asset_id_a = suint_ct(

            witness_ct(builder, output_asset_id_a_value), DEFI_BRIDGE_OUTPUT_A_ASSET_ID_LEN, "output_asset_id_a");

        output_asset_id_b = suint_ct(

            witness_ct(builder, output_asset_id_b_value), DEFI_BRIDGE_OUTPUT_B_ASSET_ID_LEN, "output_asset_id_b");

        aux_data = suint_ct(witness_ct(builder, aux_data_value), DEFI_BRIDGE_AUX_DATA, "aux_data");


        config = bit_config(builder, bridge_call_data);


        validate_bit_config();

    }


    void validate_bit_config()

    {

        // If the second input/output asset_id is nonzero, then it must be in-use.

        //

        // Note: If it's zero, it could be ETH (which has asset_id = 0), so we can't enforce the opposite direction of

        // implication (that if second_input_in_use, then it must be nonzero).

        // This does mean that if someone deposits ETH as the second input asset_id, but forgets to set

        // second_input_in_use to be `true`, then this circuit cannot catch this mistake. Therefore it's important that

        // every bridge contract validates the inputs it receives.

        (!input_asset_id_b.is_zero())

            .must_imply(config.second_input_in_use, "Expected second_input_in_use, given input_asset_id_b != 0");

        (!output_asset_id_b.is_zero())

            .must_imply(config.second_output_in_use, "Expected second_output_in_use, given output_asset_id_b != 0");


        config.second_input_in_use.must_imply(

            input_asset_id_a != input_asset_id_b,

            "input asset ids must be different for the second bridge input to be in-use");


        const bool_ct first_output_virtual = get_asset_id_flag(output_asset_id_a);

        const bool_ct second_output_virtual = get_asset_id_flag(output_asset_id_b);

        const bool_ct both_outputs_real = (!first_output_virtual && !second_output_virtual);


        (config.second_output_in_use && both_outputs_real)

            .must_imply(output_asset_id_a != output_asset_id_b,

                        "real output asset ids must be different for the second bridge output to be in-use");


        const suint_ct virtual_asset_id_placeholder = suint_ct(1 << (MAX_NUM_ASSETS_BIT_LENGTH - 1)); // 2**29

        first_output_virtual.must_imply(output_asset_id_a == virtual_asset_id_placeholder,

                                        "output_asset_id_a detected as virtual, but has incorrect placeholder value");

        second_output_virtual.must_imply(output_asset_id_b == virtual_asset_id_placeholder,

                                         "output_asset_id_b detected as virtual, but has incorrect placeholder value");

    }


    suint_ct to_safe_uint() const

    {

        // constants

        constexpr auto one = uint256_t(1);


        auto result = bridge_address_id + (input_asset_id_a * suint_ct(one << (input_asset_id_a_shift))) +

                      (input_asset_id_b * suint_ct(one << (input_asset_id_b_shift))) +

                      (output_asset_id_a * suint_ct(one << (output_asset_id_a_shift))) +

                      (output_asset_id_b * suint_ct(one << (output_asset_id_b_shift))) + config.to_suint() +

                      (aux_data * suint_ct(one << (aux_data_shift)));

        return result;

    }

};


inline std::ostream& operator<<(std::ostream& os, bridge_call_data::bit_config const& config)

{

    os << "  second_input_in_use: " << config.second_input_in_use << ",\n"

       << "  second_output_in_use: " << config.second_output_in_use << ",\n";

    return os;

}


inline std::ostream& operator<<(std::ostream& os, bridge_call_data const& bridge_call_data)

{

    os << "{\n"

       << "  bridge_address_id: " << bridge_call_data.bridge_address_id << ",\n"

       << "  input_asset_id_a: " << bridge_call_data.input_asset_id_a << ",\n"

       << "  input_asset_id_b: " << bridge_call_data.input_asset_id_b << ",\n"

       << "  output_asset_id_a: " << bridge_call_data.output_asset_id_a << ",\n"

       << "  output_asset_id_b: " << bridge_call_data.output_asset_id_b << ",\n"

       << bridge_call_data.config << "  aux_data: " << bridge_call_data.aux_data << "\n}";

    return os;

}


} // namespace circuit

} // namespace notes

} // namespace proofs

} // namespace join_split_example

numeric::uint256_t
Definition: uint256.hpp:25

proof_system::UltraCircuitBuilder_
Definition: ultra_circuit_builder.hpp:31

proof_system::plonk::stdlib::bool_t
Definition: bool.hpp:7

proof_system::plonk::stdlib::bool_t::must_imply
void must_imply(const bool_t &other, std::string const &msg="bool_t::must_imply") const
Definition: bool.cpp:447

proof_system::plonk::stdlib::safe_uint_t
Definition: safe_uint.hpp:17

proof_system::plonk::stdlib::safe_uint_t::is_zero
bool_ct is_zero() const
Definition: safe_uint.cpp:184

proof_system::plonk::stdlib::witness_t
Definition: witness.hpp:10

join_split_example::proofs::notes::circuit::bridge_call_data::bit_config
Definition: bridge_call_data.hpp:35

join_split_example::proofs::notes::circuit::bridge_call_data
Definition: bridge_call_data.hpp:21

join_split_example::proofs::notes::circuit::bridge_call_data::bridge_address_id
suint_ct bridge_address_id
Definition: bridge_call_data.hpp:70

join_split_example::proofs::notes::circuit::bridge_call_data::validate_bit_config
void validate_bit_config()
Definition: bridge_call_data.hpp:128

join_split_example::proofs::notes::native::bridge_call_data
Definition: bridge_call_data.hpp:27