Merge branch 'staging' into feat/aggregation-mode-risc0-sdk

Author: MauroToscano

Makefile

@@ -75,6 +75,10 @@ anvil_deploy_eigen_contracts:
 	@echo "Deploying Eigen Contracts..."
 	. contracts/scripts/anvil/deploy_eigen_contracts.sh
 
+anvil_deploy_risc0_contracts:
+	@echo "Deploying RISC0 Contracts..."
+	. contracts/scripts/anvil/deploy_risc0_contracts.sh
+
 anvil_deploy_sp1_contracts:
 	@echo "Deploying SP1 Contracts..."
 	. contracts/scripts/anvil/deploy_sp1_contracts.sh
@@ -191,6 +195,9 @@ verify_aggregated_proof_risc0_holesky_stage:
 		--beacon_url $(BEACON_URL) \
 		--rpc_url https://ethereum-holesky-rpc.publicnode.com
 
+install_aggregation_mode: ## Install the aggregation mode with proving enabled
+	cargo install --path aggregation_mode --features prove
+
 _AGGREGATOR_:
 
 build_aggregator:
@@ -732,6 +739,10 @@ deploy_proof_aggregator:
 	@echo "Deploying ProofAggregator contract on $(NETWORK) network..."
 	@. contracts/scripts/.env.$(NETWORK) && . contracts/scripts/deploy_proof_aggregator.sh
 
+upgrade_proof_aggregator:
+	@echo "Upgrading ProofAggregator Contract on $(NETWORK) network..."
+	@. contracts/scripts/.env.$(NETWORK) && . contracts/scripts/upgrade_proof_aggregator.sh
+
 build_aligned_contracts:
 	@cd contracts/src/core && forge build --via-ir
 

aggregation_mode/aggregation_programs/risc0/src/lib.rs

@@ -24,5 +24,4 @@ impl Risc0ImageIdAndPubInputs {
 #[derive(Serialize, Deserialize)]
 pub struct Input {
     pub proofs_image_id_and_pub_inputs: Vec<Risc0ImageIdAndPubInputs>,
-    pub merkle_root: [u8; 32],
 }

aggregation_mode/aggregation_programs/risc0/src/main.rs

@@ -54,7 +54,5 @@ fn main() {
 
     let merkle_root = compute_merkle_root(&input.proofs_image_id_and_pub_inputs);
 
-    assert_eq!(merkle_root, input.merkle_root);
-
     env::commit_slice(&merkle_root);
 }

aggregation_mode/aggregation_programs/sp1/src/lib.rs

@@ -18,21 +18,7 @@ impl SP1VkAndPubInputs {
     }
 }
 
-#[derive(Serialize, Deserialize)]
-pub enum ProofVkAndPubInputs {
-    SP1Compressed(SP1VkAndPubInputs),
-}
-
-impl ProofVkAndPubInputs {
-    pub fn hash(&self) -> [u8; 32] {
-        match self {
-            ProofVkAndPubInputs::SP1Compressed(proof_data) => proof_data.hash(),
-        }
-    }
-}
-
 #[derive(Serialize, Deserialize)]
 pub struct Input {
-    pub proofs_vk_and_pub_inputs: Vec<ProofVkAndPubInputs>,
-    pub merkle_root: [u8; 32],
+    pub proofs_vk_and_pub_inputs: Vec<SP1VkAndPubInputs>,
 }

aggregation_mode/aggregation_programs/sp1/src/main.rs

@@ -3,7 +3,7 @@ sp1_zkvm::entrypoint!(main);
 
 use sha2::{Digest, Sha256};
 use sha3::Keccak256;
-use sp1_aggregation_program::{Input, ProofVkAndPubInputs};
+use sp1_aggregation_program::{Input, SP1VkAndPubInputs};
 
 fn combine_hashes(hash_a: &[u8; 32], hash_b: &[u8; 32]) -> [u8; 32] {
     let mut hasher = Keccak256::new();
@@ -13,7 +13,7 @@ fn combine_hashes(hash_a: &[u8; 32], hash_b: &[u8; 32]) -> [u8; 32] {
 }
 
 /// Computes the merkle root for the given proofs using the vk
-fn compute_merkle_root(proofs: &[ProofVkAndPubInputs]) -> [u8; 32] {
+fn compute_merkle_root(proofs: &[SP1VkAndPubInputs]) -> [u8; 32] {
     let mut leaves: Vec<[u8; 32]> = proofs
         .chunks(2)
         .map(|chunk| match chunk {
@@ -42,19 +42,13 @@ pub fn main() {
 
     // Verify the proofs.
     for proof in input.proofs_vk_and_pub_inputs.iter() {
-        match proof {
-            ProofVkAndPubInputs::SP1Compressed(proof) => {
-                let vkey = proof.vk;
-                let public_values = &proof.public_inputs;
-                let public_values_digest = Sha256::digest(public_values);
-                sp1_zkvm::lib::verify::verify_sp1_proof(&vkey, &public_values_digest.into());
-            }
-        }
+        let vkey = proof.vk;
+        let public_values = &proof.public_inputs;
+        let public_values_digest = Sha256::digest(public_values);
+        sp1_zkvm::lib::verify::verify_sp1_proof(&vkey, &public_values_digest.into());
     }
 
     let merkle_root = compute_merkle_root(&input.proofs_vk_and_pub_inputs);
 
-    assert_eq!(merkle_root, input.merkle_root);
-
     sp1_zkvm::io::commit_slice(&merkle_root);
 }

aggregation_mode/src/aggregators/lib.rs

@@ -1,11 +1,14 @@
-pub mod lib;
 pub mod risc0_aggregator;
 pub mod sp1_aggregator;
 
 use std::fmt::Display;
 
-use risc0_aggregator::{AlignedRisc0VerificationError, Risc0ProofReceiptAndImageId};
-use sp1_aggregator::{AlignedSP1VerificationError, SP1ProofWithPubValuesAndElf};
+use risc0_aggregator::{
+    AlignedRisc0VerificationError, Risc0AggregationError, Risc0ProofReceiptAndImageId,
+};
+use sp1_aggregator::{
+    AlignedSP1VerificationError, SP1AggregationError, SP1ProofWithPubValuesAndElf,
+};
 
 #[derive(Clone, Debug)]
 pub enum ZKVMEngine {
@@ -22,6 +25,13 @@ impl Display for ZKVMEngine {
     }
 }
 
+#[derive(Debug)]
+pub enum ProofAggregationError {
+    SP1Aggregation(SP1AggregationError),
+    Risc0Aggregation(Risc0AggregationError),
+    PublicInputsDeserialization,
+}
+
 impl ZKVMEngine {
     pub fn from_env() -> Option<Self> {
         let key = "AGGREGATOR";
@@ -34,6 +44,69 @@ impl ZKVMEngine {
 
         Some(engine)
     }
+
+    /// Aggregates a list of [`AlignedProof`]s into a single [`AlignedProof`].
+    ///
+    /// Returns a tuple containing:
+    /// - The aggregated [`AlignedProof`], representing the combined proof
+    /// - The Merkle root computed within the ZKVM, exposed as a public input
+    ///
+    /// This function performs proof aggregation and ensures the resulting Merkle root
+    /// can be independently verified by external systems.
+    pub fn aggregate_proofs(
+        &self,
+        proofs: Vec<AlignedProof>,
+    ) -> Result<(AlignedProof, [u8; 32]), ProofAggregationError> {
+        let res = match self {
+            ZKVMEngine::SP1 => {
+                let proofs = proofs
+                    .into_iter()
+                    // Fetcher already filtered for SP1
+                    // We do this for type casting, as to avoid using generics
+                    // or macros in this function
+                    .filter_map(|proof| match proof {
+                        AlignedProof::SP1(proof) => Some(*proof),
+                        _ => None,
+                    })
+                    .collect();
+
+                let mut agg_proof = sp1_aggregator::aggregate_proofs(proofs)
+                    .map_err(ProofAggregationError::SP1Aggregation)?;
+
+                let merkle_root: [u8; 32] = agg_proof
+                    .proof_with_pub_values
+                    .public_values
+                    .read::<[u8; 32]>();
+
+                (AlignedProof::SP1(agg_proof.into()), merkle_root)
+            }
+            ZKVMEngine::RISC0 => {
+                let proofs = proofs
+                    .into_iter()
+                    // Fetcher already filtered for Risc0
+                    // We do this for type casting, as to avoid using generics
+                    // or macros in this function
+                    .filter_map(|proof| match proof {
+                        AlignedProof::Risc0(proof) => Some(*proof),
+                        _ => None,
+                    })
+                    .collect();
+
+                let agg_proof = risc0_aggregator::aggregate_proofs(proofs)
+                    .map_err(ProofAggregationError::Risc0Aggregation)?;
+
+                // Note: journal.decode() won't work here as risc0 deserializer works under u32 words
+                let public_input_bytes = agg_proof.receipt.journal.as_ref();
+                let merkle_root: [u8; 32] = public_input_bytes
+                    .try_into()
+                    .map_err(|_| ProofAggregationError::PublicInputsDeserialization)?;
+
+                (AlignedProof::Risc0(agg_proof.into()), merkle_root)
+            }
+        };
+
+        Ok(res)
+    }
 }
 
 pub enum AlignedProof {
@@ -42,7 +115,7 @@ pub enum AlignedProof {
 }
 
 impl AlignedProof {
-    pub fn hash(&self) -> [u8; 32] {
+    pub fn commitment(&self) -> [u8; 32] {
         match self {
             AlignedProof::SP1(proof) => proof.hash_vk_and_pub_inputs(),
             AlignedProof::Risc0(proof) => proof.hash_image_id_and_public_inputs(),

aggregation_mode/src/aggregators/mod.rs

@@ -3,8 +3,6 @@ include!(concat!(env!("OUT_DIR"), "/methods.rs"));
 use risc0_zkvm::{default_prover, ExecutorEnv, ProverOpts, Receipt};
 use sha3::{Digest, Keccak256};
 
-use super::lib::{AggregatedProof, ProgramOutput, ProofAggregationError};
-
 /// Byte representation of the aggregator image_id, converted from `[u32; 8]` to `[u8; 32]`.
 const RISC0_AGGREGATOR_PROGRAM_ID_BYTES: [u8; 32] = {
     let mut res = [0u8; 32];
@@ -40,19 +38,22 @@ impl Risc0ProofReceiptAndImageId {
     }
 }
 
-pub struct Risc0AggregationInput {
-    pub proofs: Vec<Risc0ProofReceiptAndImageId>,
-    pub merkle_root: [u8; 32],
+#[derive(Debug)]
+pub enum Risc0AggregationError {
+    WriteInput(String),
+    BuildExecutor(String),
+    Prove(String),
+    Verification(String),
 }
 
 pub(crate) fn aggregate_proofs(
-    input: Risc0AggregationInput,
-) -> Result<ProgramOutput, ProofAggregationError> {
+    proofs: Vec<Risc0ProofReceiptAndImageId>,
+) -> Result<Risc0ProofReceiptAndImageId, Risc0AggregationError> {
     let mut env_builder = ExecutorEnv::builder();
 
     // write assumptions and proof image id + pub inputs
     let mut proofs_image_id_and_pub_inputs = vec![];
-    for proof in input.proofs {
+    for proof in proofs {
         proofs_image_id_and_pub_inputs.push(risc0_aggregation_program::Risc0ImageIdAndPubInputs {
             image_id: proof.image_id,
             public_inputs: proof.receipt.journal.bytes.clone(),
@@ -62,34 +63,33 @@ pub(crate) fn aggregate_proofs(
 
     // write input data
     let input = risc0_aggregation_program::Input {
-        merkle_root: input.merkle_root,
         proofs_image_id_and_pub_inputs,
     };
     env_builder
         .write(&input)
-        .map_err(|e| ProofAggregationError::Risc0Proving(e.to_string()))?;
+        .map_err(|e| Risc0AggregationError::WriteInput(e.to_string()))?;
 
     let env = env_builder
         .build()
-        .map_err(|e| ProofAggregationError::Risc0Proving(e.to_string()))?;
+        .map_err(|e| Risc0AggregationError::BuildExecutor(e.to_string()))?;
 
     let prover = default_prover();
 
     let receipt = prover
         .prove_with_opts(env, RISC0_AGGREGATOR_PROGRAM_ELF, &ProverOpts::groth16())
-        .map_err(|e| ProofAggregationError::Risc0Proving(e.to_string()))?
+        .map_err(|e| Risc0AggregationError::Prove(e.to_string()))?
         .receipt;
 
     receipt
         .verify(RISC0_AGGREGATOR_PROGRAM_ID)
-        .map_err(|e| ProofAggregationError::Risc0Proving(e.to_string()))?;
+        .map_err(|e| Risc0AggregationError::Verification(e.to_string()))?;
 
-    let output = Risc0ProofReceiptAndImageId {
+    let proof = Risc0ProofReceiptAndImageId {
         image_id: RISC0_AGGREGATOR_PROGRAM_ID_BYTES,
         receipt,
     };
 
-    Ok(ProgramOutput::new(AggregatedProof::Risc0(output.into())))
+    Ok(proof)
 }
 
 #[derive(Debug)]