fix: uint256 precompile invaraint checks

succinctlabs · Nov 21, 2024 · 964054d · 964054d
1 parent 58787d3
commit 964054d
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 8 deletions.
diff --git a/crates/core/executor/src/syscalls/precompiles/keccak256/permute.rs b/crates/core/executor/src/syscalls/precompiles/keccak256/permute.rs
@@ -27,7 +27,8 @@ impl Syscall for Keccak256PermuteSyscall {
         let start_clk = rt.clk;
         let state_ptr = arg1;
         if arg2 != 0 {
-            panic!("Expected arg2 to be 0, got {arg2}");
+            eprintln!("Expected arg2 to be 0, got {arg2}, this violates the Keccak precompile invariant.");
+            return rt.invariant_violated();
         }
 
         let mut state_read_records = Vec::new();

diff --git a/crates/core/executor/src/syscalls/precompiles/sha256/compress.rs b/crates/core/executor/src/syscalls/precompiles/sha256/compress.rs
@@ -32,7 +32,10 @@ impl Syscall for Sha256CompressSyscall {
     ) -> Option<u32> {
         let w_ptr = arg1;
         let h_ptr = arg2;
-        assert_ne!(w_ptr, h_ptr);
+        if w_ptr == h_ptr {
+            eprintln!("w_ptr == h_ptr, violation of the sha256 invariant");
+            return rt.invariant_violated();
+        }
 
         let start_clk = rt.clk;
         let mut h_read_records = Vec::new();

diff --git a/crates/core/executor/src/syscalls/precompiles/sha256/extend.rs b/crates/core/executor/src/syscalls/precompiles/sha256/extend.rs
@@ -19,7 +19,11 @@ impl Syscall for Sha256ExtendSyscall {
     ) -> Option<u32> {
         let clk_init = rt.clk;
         let w_ptr = arg1;
-        assert!(arg2 == 0, "arg2 must be 0");
+        if arg2 != 0 {
+            eprintln!("Warning: sha256_extend syscall arg2 is not zero, this violates the precompile invariants");
+
+            return rt.invariant_violated();
+        }
 
         let w_ptr_init = w_ptr;
         let mut w_i_minus_15_reads = Vec::with_capacity(48);

diff --git a/crates/core/executor/src/syscalls/precompiles/uint256.rs b/crates/core/executor/src/syscalls/precompiles/uint256.rs
@@ -21,12 +21,11 @@ impl Syscall for Uint256MulSyscall {
         let clk = rt.clk;
 
         let x_ptr = arg1;
-        if x_ptr % 4 != 0 {
-            panic!();
-        }
         let y_ptr = arg2;
-        if y_ptr % 4 != 0 {
-            panic!();
+
+        // Check alignment.
+        if x_ptr % 4 > 0 || y_ptr % 4 > 0 {
+            return rt.invariant_violated();
         }
 
         // First read the words for the x value. We can read a slice_unsafe here because we write
@@ -45,6 +44,12 @@ impl Syscall for Uint256MulSyscall {
         let uint256_y = BigUint::from_bytes_le(&words_to_bytes_le_vec(&y));
         let uint256_modulus = BigUint::from_bytes_le(&words_to_bytes_le_vec(&modulus));
 
+        if uint256_x >= uint256_modulus || uint256_y >= uint256_modulus {
+            eprintln!("Uint256 Precompile Invariant violated: x or y is greater than or equal to the modulus.");
+
+            return rt.invariant_violated();
+        }
+
         // Perform the multiplication and take the result modulo the modulus.
         let result: BigUint = if uint256_modulus.is_zero() {
             let modulus = BigUint::one() << 256;