solidity implementation for ics23

[lightyear15]

Code is splitted in 4 different libraries, following the layout of
functions and files of the go implementation

• Ops -> go/ops.go
• Proof -> go/proof.go
• Compress -> go/compress.go
• Ics23 -> go/ics23.go

Missing parts of the current implementation:

• sha512 hash option: solidity does not have built-in function for this
  hash. A solidity implementation would be utterly inefficient and very
  costly (gas-wise)
• compress functions: this implementation is meant be used for
  verification, not for proof generation
• ProofSpec for tendermint and iavl definition: again, this
  implementation is just to verify, not to generate
• Decompress functions are present but not working: currently
  investigating a potention buf in the protobuf runtime
• Batch verification functions are temporarily disabled due to above

[lightyear15]

Hello @adizee @andynog
you might be interested in this

@ethanfrey ,
Here is my PR with the solidity implementation.
I know I promised to use truffle, but after a few hours trying to write the first JS unitest I had a breakdown 😄 , so I decided to move to brownie for a much better user experience.
The framework it's released under MIT as well so I hope this change won't cause any license problem.

I am investigating the issue with the Protobuf decompress functions, trying to tailor the the simplest possible example for the maintainers of the solidity-protobuf to start the investigation.

[ethanfrey]

Missing parts of the current implementation:

sha512 hash option: solidity does not have built-in function for this
hash. A solidity implementation would be utterly inefficient and very
costly (gas-wise)

Agree. No know implementations use this. It was just added for completeness.

compress functions: this implementation is meant be used for
verification, not for proof generation

Agree.

ProofSpec for tendermint and iavl definition: again, this
implementation is just to verify, not to generate

The ProofSpec is needed to verify. You don't need to export it, but the test cases should have access to those proof specs so they can verify the same data. (You don't need a solidity object for it if you don't want)

Decompress functions are present but not working: currently
investigating a potention buf in the protobuf runtime

These only apply to batch proofs. Current ICS / Relayer usage seems to just include a series of existence proofs and no batching/compression, so simply throwing an error "not yet implemented" and leaving an issue to add them seems fine

Batch verification functions are temporarily disabled due to above

[ethanfrey]

The framework it's released under MIT as well so I hope this change won't cause any license problem.

MIT is good.

I will try to review soon, but it is fine to merge with the described functionality if it works

[adlerjohn]

I will take a look at this, but might be a couple days.

[lightyear15]

FYI:
With the help of the maintainers, I found out why decompress function doesn't work.
datachainlab/solidity-protobuf#23
The current solidity-protobuf compiler does not support packed repeated fields.
As explained in the issue there is a workaround: adding attribute [packed=false] to field path

... 🤔 ...
I wonder if this bug is also affecting message InnerSpec

[ethanfrey]

The test code looks nice and proper.

I cannot review solidity, so I would take someone else on that, but from my end, we could merge this as is (tested) and then have another pass with a solidity reviewer to ensure there are no issues in that code.

[ethanfrey]

Amazed at how expressive these tests can be with those decorators. Nice stuff.

[ethanfrey]

Shame they are skipped. But compress is not essential for v1

[ethanfrey]

Does this ensure it throws an exception?

[lightyear15]

Yes

[ethanfrey]

looks good

[ethanfrey]

@lightyear15 sorry for the long delay.

If you want, I can merge it. Just let me know.
Otherwise, feel free to get a reviewer for the solidity stuff first

[lightyear15]

Hello @ethanfrey ,
thanks a lot for your review.
I will talk to ICF and see how they want to proceed

[adlerjohn]

The biggest issue here is the use of this library. It is a protobuf codec that may or may not follow a non-existent protobuf spec, not an ADR-027 codec. The latter is highly recommended (read: required) to avoid the possibility of malleability attacks such as this one. You should be using the following libraries to deal with protobuf.

1. https://github.com/celestiaorg/protobuf3-solidity
2. https://github.com/celestiaorg/protobuf3-solidity-lib

[lightyear15]

HI @adlerjohn ,
the problem with the celestiaorg compiler is that, as reported in the README, it does not support oneof needed in
BatchEntry
CompressedBatchEntry
and most importantly, in
CommitmentProof

[adlerjohn]

oneof can be implemented as a library! Much better than fixing the currently-used library to be ADR-027-compliant. PRs welcome.

[lightyear15]

I have talked to the datachainlab/solidity-protobuf compiler's maintainers.
They have plans to make it ADR-27 compliant soon.
I think I will just sit and wait for it 😁

[adlerjohn]

That works too!

[lightyear15]

Datachain lab have updated their compiler which now is ADR-27 compliant.
The changes to the branch updated the compiled sol libraries with the new version of the compiler.
This PR should be ready for review as all the @adlerjohn comments have been addressed

[schnetzlerjoe]

@ethanfrey is work on this complete? Curious!

[hu55a1n1]

Hi @adlerjohn and @mkaczanowski, would you be able to take a look to see if your comments have been addressed and approve the PR if you find the time?

[crodriguezvega]

Is there still interest in merging this PR?

[lightyear15]

Is there still interest in merging this PR?

not on my side

[crodriguezvega]

not on my side

Ok, thank you. Then I will close the PR for now.