Merge pull request #4234 from ethereum-optimism/clabby/ctb-trie/contract-changes

feat(ctb): MPT Fuzzing contract changes

Merge pull request #4234 from ethereum-optimism/clabby/ctb-trie/contract-changes
feat(ctb): MPT Fuzzing contract changes
9b74fd6d · mergify[bot] · GitHub · af8ca902 · ae7947f2 · 9b74fd6d
Commit 9b74fd6d authored Dec 12, 2022 by mergify[bot] Committed by GitHub Dec 12, 2022
8 changed files
--- a/op-bindings/bindings/optimismportal.go
+++ b/op-bindings/bindings/optimismportal.go
--- a/op-bindings/bindings/optimismportal_more.go
+++ b/op-bindings/bindings/optimismportal_more.go
--- a/packages/contracts-bedrock/.gas-snapshot
+++ b/packages/contracts-bedrock/.gas-snapshot
@@ -8,7 +8,7 @@ GasBenchMark_L1StandardBridge_Finalize:test_finalizeETHWithdrawal_benchmark() (g
 GasBenchMark_L2OutputOracle:test_proposeL2Output_benchmark() (gas: 88513)
 GasBenchMark_OptimismPortal:test_depositTransaction_benchmark() (gas: 74998)
 GasBenchMark_OptimismPortal:test_depositTransaction_benchmark_1() (gas: 36156)
-GasBenchMark_OptimismPortal:test_proveWithdrawalTransaction_benchmark() (gas: 167214)
+GasBenchMark_OptimismPortal:test_proveWithdrawalTransaction_benchmark() (gas: 167240)
 CrossDomainMessenger_BaseGas_Test:test_baseGas_succeeds() (gas: 20098)
 CrossDomainOwnableThroughPortal_Test:test_depositTransaction_crossDomainOwner_succeeds() (gas: 61806)
 CrossDomainOwnable_Test:test_onlyOwner_notOwner_reverts() (gas: 10530)
@@ -133,27 +133,27 @@ LegacyERC20ETH_Test:test_mint_doesNotExist_reverts() (gas: 10649)
 LegacyERC20ETH_Test:test_transferFrom_doesNotExist_reverts() (gas: 12887)
 LegacyERC20ETH_Test:test_transfer_doesNotExist_reverts() (gas: 10733)
 LegacyMessagePasser_Test:test_passMessageToL1_succeeds() (gas: 34518)
-MerkleTrie_Test:test_get_corruptedProof_reverts() (gas: 5710)
-MerkleTrie_Test:test_get_extraProofElements_reverts() (gas: 60583)
-MerkleTrie_Test:test_get_invalidDataRemainder_reverts() (gas: 35826)
-MerkleTrie_Test:test_get_invalidInternalNodeHash_reverts() (gas: 50761)
-MerkleTrie_Test:test_get_nonexistentKey1_reverts() (gas: 59623)
-MerkleTrie_Test:test_get_nonexistentKey2_reverts() (gas: 23381)
-MerkleTrie_Test:test_get_smallerPathThanKey1_reverts() (gas: 53477)
-MerkleTrie_Test:test_get_smallerPathThanKey2_reverts() (gas: 54958)
-MerkleTrie_Test:test_get_validProof10_succeeds() (gas: 50523)
-MerkleTrie_Test:test_get_validProof1_succeeds() (gas: 61595)
-MerkleTrie_Test:test_get_validProof2_succeeds() (gas: 71510)
-MerkleTrie_Test:test_get_validProof3_succeeds() (gas: 32801)
-MerkleTrie_Test:test_get_validProof4_succeeds() (gas: 23575)
-MerkleTrie_Test:test_get_validProof5_succeeds() (gas: 84214)
-MerkleTrie_Test:test_get_validProof6_succeeds() (gas: 72950)
-MerkleTrie_Test:test_get_validProof7_succeeds() (gas: 79671)
-MerkleTrie_Test:test_get_validProof8_succeeds() (gas: 50502)
-MerkleTrie_Test:test_get_validProof9_succeeds() (gas: 50545)
-MerkleTrie_Test:test_get_wrongKeyProof_reverts() (gas: 53844)
-MerkleTrie_Test:test_get_zeroBranchValueLength_reverts() (gas: 43200)
-MerkleTrie_Test:test_get_zeroLengthKey_reverts() (gas: 15863)
+MerkleTrie_Test:test_get_corruptedProof_reverts() (gas: 5713)
+MerkleTrie_Test:test_get_extraProofElements_reverts() (gas: 60653)
+MerkleTrie_Test:test_get_invalidDataRemainder_reverts() (gas: 35852)
+MerkleTrie_Test:test_get_invalidInternalNodeHash_reverts() (gas: 50810)
+MerkleTrie_Test:test_get_nonexistentKey1_reverts() (gas: 59671)
+MerkleTrie_Test:test_get_nonexistentKey2_reverts() (gas: 23385)
+MerkleTrie_Test:test_get_smallerPathThanKey1_reverts() (gas: 53547)
+MerkleTrie_Test:test_get_smallerPathThanKey2_reverts() (gas: 55006)
+MerkleTrie_Test:test_get_validProof10_succeeds() (gas: 50593)
+MerkleTrie_Test:test_get_validProof1_succeeds() (gas: 61666)
+MerkleTrie_Test:test_get_validProof2_succeeds() (gas: 71601)
+MerkleTrie_Test:test_get_validProof3_succeeds() (gas: 32827)
+MerkleTrie_Test:test_get_validProof4_succeeds() (gas: 23623)
+MerkleTrie_Test:test_get_validProof5_succeeds() (gas: 84262)
+MerkleTrie_Test:test_get_validProof6_succeeds() (gas: 72998)
+MerkleTrie_Test:test_get_validProof7_succeeds() (gas: 79653)
+MerkleTrie_Test:test_get_validProof8_succeeds() (gas: 50550)
+MerkleTrie_Test:test_get_validProof9_succeeds() (gas: 50593)
+MerkleTrie_Test:test_get_wrongKeyProof_reverts() (gas: 53848)
+MerkleTrie_Test:test_get_zeroBranchValueLength_reverts() (gas: 43270)
+MerkleTrie_Test:test_get_zeroLengthKey_reverts() (gas: 3632)
 OptimismMintableERC20_Test:test_bridge_succeeds() (gas: 7643)
 OptimismMintableERC20_Test:test_burn_notBridge_reverts() (gas: 11165)
 OptimismMintableERC20_Test:test_burn_succeeds() (gas: 51013)
@@ -172,23 +172,23 @@ OptimismPortalUpgradeable_Test:test_initialize_cannotInitImpl_reverts() (gas: 10
 OptimismPortalUpgradeable_Test:test_initialize_cannotInitProxy_reverts() (gas: 15833)
 OptimismPortalUpgradeable_Test:test_params_initValuesOnProxy_succeeds() (gas: 16011)
 OptimismPortalUpgradeable_Test:test_upgradeToAndCall_upgrading_succeeds() (gas: 180457)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifOutputRootChanges_reverts() (gas: 198791)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifOutputTimestampIsNotFinalized_reverts() (gas: 201110)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifOutputRootChanges_reverts() (gas: 198817)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifOutputTimestampIsNotFinalized_reverts() (gas: 201136)
 OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifWithdrawalNotProven_reverts() (gas: 39656)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifWithdrawalProofNotOldEnough_reverts() (gas: 196155)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onInsufficientGas_reverts() (gas: 196877)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onRecentWithdrawal_reverts() (gas: 176869)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReentrancy_reverts() (gas: 235323)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReplay_reverts() (gas: 236933)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_provenWithdrawalHash_succeeds() (gas: 228614)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_targetFails_fails() (gas: 8797746687696163640)
-OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_timestampLessThanL2OracleStart_reverts() (gas: 192879)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_ifWithdrawalProofNotOldEnough_reverts() (gas: 196181)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onInsufficientGas_reverts() (gas: 197007)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onRecentWithdrawal_reverts() (gas: 176895)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReentrancy_reverts() (gas: 235453)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_onReplay_reverts() (gas: 236959)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_provenWithdrawalHash_succeeds() (gas: 228640)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_targetFails_fails() (gas: 8797746687696163641)
+OptimismPortal_FinalizeWithdrawal_Test:test_finalizeWithdrawalTransaction_timestampLessThanL2OracleStart_reverts() (gas: 192905)
 OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_onInvalidOutputRootProof_reverts() (gas: 83498)
-OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_onInvalidWithdrawalProof_reverts() (gas: 135228)
+OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_onInvalidWithdrawalProof_reverts() (gas: 135254)
 OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_onSelfCall_reverts() (gas: 50732)
-OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_replayProveChangedOutputRoot_succeeds() (gas: 275227)
-OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_replayProve_reverts() (gas: 188157)
-OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_validWithdrawalProof_succeeds() (gas: 178344)
+OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_replayProveChangedOutputRoot_succeeds() (gas: 275279)
+OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_replayProve_reverts() (gas: 188183)
+OptimismPortal_FinalizeWithdrawal_Test:test_proveWithdrawalTransaction_validWithdrawalProof_succeeds() (gas: 178370)
 OptimismPortal_Test:test_constructor_succeeds() (gas: 17277)
 OptimismPortal_Test:test_depositTransaction_contractCreation_reverts() (gas: 14267)
 OptimismPortal_Test:test_depositTransaction_createWithZeroValueForContract_succeeds() (gas: 76662)

--- a/packages/contracts-bedrock/contracts/libraries/trie/MerkleTrie.sol
+++ b/packages/contracts-bedrock/contracts/libraries/trie/MerkleTrie.sol
@@ -93,6 +93,8 @@ library MerkleTrie {
        bytes[] memory _proof,
        bytes32 _root
    ) internal pure returns (bytes memory) {
+        require(_key.length > 0, "MerkleTrie: empty key");
+
        TrieNode[] memory proof = _parseProof(_proof);
        bytes memory key = Bytes.toNibbles(_key);
        bytes memory currentNodeID = abi.encodePacked(_root);

--- a/packages/contracts-bedrock/contracts/test/CommonTest.t.sol
+++ b/packages/contracts-bedrock/contracts/test/CommonTest.t.sol
@@ -628,6 +628,25 @@ contract FFIInterface is Test {
        bytes memory result = vm.ffi(cmds);
        return abi.decode(result, (uint256, uint256));
    }
+
+    function getMerkleTrieFuzzCase(string memory variant)
+        external
+        returns (
+            bytes32,
+            bytes memory,
+            bytes memory,
+            bytes[] memory
+        )
+    {
+        string[] memory cmds = new string[](5);
+        cmds[0] = "./test-case-generator/fuzz";
+        cmds[1] = "-m";
+        cmds[2] = "trie";
+        cmds[3] = "-v";
+        cmds[4] = variant;
+
+        return abi.decode(vm.ffi(cmds), (bytes32, bytes, bytes, bytes[]));
+    }
 }

 // Used for testing a future upgrade beyond the current implementations.

--- a/packages/contracts-bedrock/contracts/test/MerkleTrie.t.sol
+++ b/packages/contracts-bedrock/contracts/test/MerkleTrie.t.sol
@@ -5,6 +5,10 @@ import { CommonTest } from "./CommonTest.t.sol";
 import { MerkleTrie } from "../libraries/trie/MerkleTrie.sol";

 contract MerkleTrie_Test is CommonTest {
+    function setUp() public {
+        _setUp();
+    }
+
    function test_get_validProof1_succeeds() external {
        bytes32 root = 0xd582f99275e227a1cf4284899e5ff06ee56da8859be71b553397c69151bc942f;
        bytes memory key = hex"6b6579326262";
@@ -257,7 +261,7 @@ contract MerkleTrie_Test is CommonTest {
        bytes[] memory proof = new bytes[](1);
        proof[0] = hex"c78320f00082b443";

-        vm.expectRevert("MerkleTrie: path remainder must share all nibbles with key");
+        vm.expectRevert("MerkleTrie: empty key");
        MerkleTrie.get(key, proof, root);
    }

@@ -299,4 +303,119 @@ contract MerkleTrie_Test is CommonTest {
        vm.expectRevert("MerkleTrie: value node must be last node in proof (leaf)");
        MerkleTrie.get(key, proof, root);
    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_validProofs_success(bytes4) external {
+        // Generate a test case with a valid proof of inclusion for the k/v pair in the trie.
+        (bytes32 root, bytes memory key, bytes memory val, bytes[] memory proof) = ffi
+            .getMerkleTrieFuzzCase("valid");
+
+        // Assert that our expected value is equal to our actual value.
+        assertEq(val, MerkleTrie.get(key, proof, root));
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_invalidRoot_reverts(bytes4) external {
+        // Get a random test case with a valid trie / proof
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "valid"
+        );
+
+        bytes32 rootHash = keccak256(abi.encodePacked(root));
+        vm.expectRevert("MerkleTrie: invalid root hash");
+        MerkleTrie.get(key, proof, rootHash);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_extraProofElements_reverts(bytes4) external {
+        // Generate an invalid test case with an extra proof element attached to an otherwise
+        // valid proof of inclusion for the passed k/v.
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "extra_proof_elems"
+        );
+
+        vm.expectRevert("MerkleTrie: value node must be last node in proof (leaf)");
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_invalidLargeInternalHash_reverts(bytes4) external {
+        // Generate an invalid test case where a long proof element is incorrect for the root.
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "invalid_large_internal_hash"
+        );
+
+        vm.expectRevert("MerkleTrie: invalid large internal hash");
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_invalidInternalNodeHash_reverts(bytes4) external {
+        // Generate an invalid test case where a small proof element is incorrect for the root.
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "invalid_internal_node_hash"
+        );
+
+        vm.expectRevert("MerkleTrie: invalid internal node hash");
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_corruptedProof_reverts(bytes4) external {
+        // Generate an invalid test case where the proof is malformed.
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "corrupted_proof"
+        );
+
+        vm.expectRevert("RLPReader: decoded item type for list is not a list item");
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_invalidDataRemainder_reverts(bytes4) external {
+        // Generate an invalid test case where a random element of the proof has more bytes than the
+        // length designates within the RLP list encoding.
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "invalid_data_remainder"
+        );
+
+        vm.expectRevert("RLPReader: list item has an invalid data remainder");
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_prefixedValidKey_reverts(bytes4) external {
+        // Get a random test case with a valid trie / proof and a valid key that is prefixed
+        // with random bytes
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "prefixed_valid_key"
+        );
+
+        // Ambiguous revert check- all that we care is that it *does* fail. This case may
+        // fail within different branches.
+        vm.expectRevert();
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_emptyKey_reverts(bytes4) external {
+        // Get a random test case with a valid trie / proof and an empty key
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "empty_key"
+        );
+
+        vm.expectRevert("MerkleTrie: empty key");
+        MerkleTrie.get(key, proof, root);
+    }
+
+    /// @notice The `bytes4` parameter is to enable parallel fuzz runs; it is ignored.
+    function testFuzz_get_partialProof_reverts(bytes4) external {
+        // Get a random test case with a valid trie / partially correct proof
+        (bytes32 root, bytes memory key, , bytes[] memory proof) = ffi.getMerkleTrieFuzzCase(
+            "partial_proof"
+        );
+
+        vm.expectRevert("MerkleTrie: ran out of proof elements");
+        MerkleTrie.get(key, proof, root);
+    }
 }
--- a/packages/contracts-bedrock/package.json
+++ b/packages/contracts-bedrock/package.json
@@ -17,19 +17,20 @@
    "build:forge": "forge build",
    "build:with-metadata": "FOUNDRY_PROFILE=echidna yarn build:forge",
    "build:differential": "tsc scripts/differential-testing.ts --outDir dist --moduleResolution node --esModuleInterop",
+    "build:fuzz": "go build -o test-case-generator test-case-generator/cmd/fuzz.go",
    "prebuild": "yarn ts-node scripts/verify-foundry-install.ts",
    "build": "hardhat compile && yarn autogen:artifacts && yarn build:ts && yarn typechain",
    "build:ts": "tsc -p tsconfig.build.json",
    "autogen:artifacts": "ts-node scripts/generate-artifacts.ts",
    "deploy": "hardhat deploy",
-    "test": "yarn build:differential && forge test",
-    "coverage": "yarn build:differential && forge coverage",
-    "coverage:lcov": "yarn build:differential && forge coverage --report lcov",
-    "gas-snapshot": "yarn build:differential && forge snapshot --no-match-test 'testDiff|testFuzz'",
+    "test": "yarn build:differential && yarn build:fuzz && forge test",
+    "coverage": "yarn build:differential && yarn build:fuzz && forge coverage",
+    "coverage:lcov": "yarn build:differential && yarn build:fuzz && forge coverage --report lcov",
+    "gas-snapshot": "yarn build:differential && yarn build:fuzz && forge snapshot --no-match-test 'testDiff|testFuzz'",
    "storage-snapshot": "./scripts/storage-snapshot.sh",
    "validate-spacers": "hardhat validate-spacers",
    "slither": "./scripts/slither.sh",
-    "clean": "rm -rf ./dist ./artifacts ./forge-artifacts ./cache ./tsconfig.tsbuildinfo ./src/contract-artifacts.ts",
+    "clean": "rm -rf ./dist ./artifacts ./forge-artifacts ./cache ./tsconfig.tsbuildinfo ./src/contract-artifacts.ts ./test-case-generator/fuzz",
    "lint:ts:check": "eslint . --max-warnings=0",
    "lint:forge-tests:check": "ts-node scripts/forge-test-names.ts",
    "lint:contracts:check": "yarn solhint -f table 'contracts/**/*.sol' && yarn lint:forge-tests:check",

--- a/packages/contracts-bedrock/test-case-generator/README.md
+++ b/packages/contracts-bedrock/test-case-generator/README.md
@@ -10,6 +10,8 @@ A lightweight input fuzzing utility used for testing various Bedrock contracts.

 ## Usage

+To build, run `yarn build:fuzz` from this directory or the `contract-bedrock` package.
+
 To generate an abi-encoded fuzz case, pass in a mode via the `-m` flag as well as an optional variant via the `-v` flag.

 ### Available Modes