Skip to content

doc: verifier's responsibility #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

doc: verifier's responsibility #86

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 16 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,8 +68,23 @@ Each `BlockDerivationProof` contains the following:
Read [our doc](https://github.com/EspressoSystems/espresso-sequencer/blob/main/doc/zk-integration.md) for a more detailed description;
read our blog on [Derivation Pipeline](https://hackmd.io/@EspressoSystems/the-derivation-pipeline) for rollup integration.

## Getting Started
## Verification

Verifier's responsibility extends beyond simply checking the proof.It must also ensure that all elements of the public input are themselves valid. This is critical for the security and correctness of the rollup integration.

### The verifier MUST:

1. **Validate the Proof**: Ensure the submitted proof attests to the correct execution of the circuit as specified above.
2. **Check Public Input Validity**:
- Confirm that the `rollup_txs_commit` is well-formed and matches the expected rollup transactions.
- Ensure that the `ns_id` is the expected namespace ID.
- Verify that the `bmt_commitment` comes from a trusted source, e.g. the HotShot on-chain light client.
- Validate that the `vid_pp_hash` matches the public parameter of the Verifiable Information Dispersal (VID) scheme used by the Espresso sequencer.
Comment on lines +78 to +82
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think we should reorder. also be more explicit about "how to check" or "what to do"

  • check ns_id should probably be the logically first thing
  • should vid_pp and bmt_comm be fetched by some espresso RPC or public endpoint, if so, we should list them (@jbearer do you know?)
  • then explicitly says that rollup_tx_commit should match the field in the public inputs of the zkVM execution proof. The field that commits to the entire batch of tx being proven.


> **Security Note:** Accepting a valid proof with invalid public inputs can lead to consensus failures, state corruption, or security vulnerabilities. Always perform strict checks on all public input fields.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

use [!IMPORTANT] alert?



## Getting Started
To enter the development shell: `nix develop`


Expand Down
Loading