feat: sgx verifier

hardhat-test/ZkEvmVerifierV2.spec.ts

@@ -95,7 +95,12 @@ describe("ZkEvmVerifierV2", async () => {
         const chainProxy = await TransparentUpgradeableProxy.deploy(empty.getAddress(), admin.getAddress(), "0x");
 
         const ScrollChainMockBlob = await ethers.getContractFactory("ScrollChainMockBlob", deployer);
-        const chainImpl = await ScrollChainMockBlob.deploy(layer2ChainId, deployer.address, verifier.getAddress());
+        const chainImpl = await ScrollChainMockBlob.deploy(
+          layer2ChainId,
+          deployer.address,
+          verifier.getAddress(),
+          verifier.getAddress()
+        );
         await admin.upgrade(chainProxy.getAddress(), chainImpl.getAddress());
 
         chain = await ethers.getContractAt("ScrollChainMockBlob", await chainProxy.getAddress(), deployer);
@@ -129,7 +134,7 @@ describe("ZkEvmVerifierV2", async () => {
         const withdrawRoot = hexlify(publicInputs.subarray(140, 172));
 
         await chain.setOverrideBatchHashCheck(true);
-        await chain.setLastFinalizedBatchIndex(lastFinalizedBatchIndex);
+        await chain.setLastZkpVerifiedBatchIndex(lastFinalizedBatchIndex);
         await chain.setFinalizedStateRoots(lastFinalizedBatchIndex, prevStateRoot);
         await chain.setCommittedBatches(lastFinalizedBatchIndex, prevBatchHash);
         await chain.setCommittedBatches(batchIndex, batchHash);

scripts/foundry/DeployL1BridgeContracts.s.sol

@@ -109,7 +109,13 @@ contract DeployL1BridgeContracts is Script {
     }
 
     function deployScrollChain() internal {
-        ScrollChain impl = new ScrollChain(CHAIN_ID_L2, L1_MESSAGE_QUEUE_PROXY_ADDR, address(rollupVerifier));
+        ScrollChain impl = new ScrollChain(
+            CHAIN_ID_L2,
+            L1_MESSAGE_QUEUE_PROXY_ADDR,
+            address(rollupVerifier),
+            address(0),
+            0
+        );
 
         logAddress("L1_SCROLL_CHAIN_IMPLEMENTATION_ADDR", address(impl));
     }

src/L1/rollup/IScrollChain.sol

@@ -19,13 +19,49 @@ interface IScrollChain {
     /// @param batchHash The hash of the batch
     event RevertBatch(uint256 indexed batchIndex, bytes32 indexed batchHash);
 
+    /// @notice Emitted when a batch is verified by zk proof
+    /// @param batchIndex The index of the batch.
+    /// @param batchHash The hash of the batch
+    /// @param stateRoot The state root on layer 2 after this batch.
+    /// @param withdrawRoot The merkle root on layer2 after this batch.
+    event VerifyBatchWithZkp(
+        uint256 indexed batchIndex,
+        bytes32 indexed batchHash,
+        bytes32 stateRoot,
+        bytes32 withdrawRoot
+    );
+
+    /// @notice Emitted when a batch is verified by tee proof
+    /// @param batchIndex The index of the batch.
+    /// @param batchHash The hash of the batch
+    /// @param stateRoot The state root on layer 2 after this batch.
+    /// @param withdrawRoot The merkle root on layer2 after this batch.
+    event VerifyBatchWithTee(
+        uint256 indexed batchIndex,
+        bytes32 indexed batchHash,
+        bytes32 stateRoot,
+        bytes32 withdrawRoot
+    );
+
     /// @notice Emitted when a batch is finalized.
     /// @param batchIndex The index of the batch.
     /// @param batchHash The hash of the batch
     /// @param stateRoot The state root on layer 2 after this batch.
     /// @param withdrawRoot The merkle root on layer2 after this batch.
     event FinalizeBatch(uint256 indexed batchIndex, bytes32 indexed batchHash, bytes32 stateRoot, bytes32 withdrawRoot);
 
+    /// @notice Emitted when state between zk proof and tee proof mismatch
+    /// @param batchIndex The index of the batch.
+    /// @param stateRoot The state root from tee proof.
+    /// @param withdrawRoot The correct withdraw root from tee proof.
+    event StateMismatch(uint256 indexed batchIndex, bytes32 stateRoot, bytes32 withdrawRoot);
+
+    /// @notice Emitted when mismatched state is resolved.
+    /// @param batchIndex The index of the batch.
+    /// @param stateRoot The correct state root.
+    /// @param withdrawRoot The correct withdraw root.
+    event ResolveState(uint256 indexed batchIndex, bytes32 stateRoot, bytes32 withdrawRoot);
+
     /// @notice Emitted when owner updates the status of sequencer.
     /// @param account The address of account updated.
     /// @param status The status of the account updated.
@@ -41,25 +77,59 @@ interface IScrollChain {
     /// @param newMaxNumTxInChunk The new value of `maxNumTxInChunk`.
     event UpdateMaxNumTxInChunk(uint256 oldMaxNumTxInChunk, uint256 newMaxNumTxInChunk);
 
+    /// @notice Emitted when bundle size initialized.
+    /// @param size The size of bundle (i.e. number of batches in bundle).
+    /// @param index The start batch index for this size.
+    event InitializeBundleSize(uint256 size, uint256 index);
+
+    /// @notice Emitted when bundle size updated.
+    /// @param index The array index of bundle size array.
+    /// @param size The size of bundle (i.e. number of batches in bundle).
+    /// @param batchIndex The start batch index for this size.
+    event ChangeBundleSize(uint256 index, uint256 size, uint256 batchIndex);
+
+    /// @notice Emitted when enable new proof types.
+    /// @param oldMask The previous enabled proof types.
+    /// @param newMask The current enabled proof types.
+    event EnableProofTypes(uint256 oldMask, uint256 newMask);
+
     /*************************
      * Public View Functions *
      *************************/
 
     /// @return The latest finalized batch index.
     function lastFinalizedBatchIndex() external view returns (uint256);
 
+    /// @return The latest verified batch index by zkp proof.
+    function lastZkpVerifiedBatchIndex() external view returns (uint256);
+
+    /// @return The latest verified batch index by tee proof.
+    function lastTeeVerifiedBatchIndex() external view returns (uint256);
+
+    /// @notice Return the batch hash for a given batch.
+    ///
     /// @param batchIndex The index of the batch.
     /// @return The batch hash of a committed batch.
     function committedBatches(uint256 batchIndex) external view returns (bytes32);
 
+    /// @notice Return the finalized state root for a given batch.
+    ///
+    /// @dev Users should call `isBatchFinalized(batchIndex)` before call this function.
+    ///
     /// @param batchIndex The index of the batch.
     /// @return The state root of a committed batch.
     function finalizedStateRoots(uint256 batchIndex) external view returns (bytes32);
 
+    /// @notice Return the finalized withdraw root for a given batch.
+    ///
+    /// @dev Users should call `isBatchFinalized(batchIndex)` before call this function.
+    ///
     /// @param batchIndex The index of the batch.
     /// @return The message root of a committed batch.
     function withdrawRoots(uint256 batchIndex) external view returns (bytes32);
 
+    /// @notice Return whether a batch is finalized.
+    ///
     /// @param batchIndex The index of the batch.
     /// @return Whether the batch is finalized by batch index.
     function isBatchFinalized(uint256 batchIndex) external view returns (bool);
@@ -107,6 +177,7 @@ interface IScrollChain {
     /// @param lastBatchHeader The header of last batch to revert, see the encoding in comments of `commitBatch`.
     function revertBatch(bytes calldata firstBatchHeader, bytes calldata lastBatchHeader) external;
 
+    /* This function will never be used since we already upgrade to Darwin. We comment out the codes for reference.
     /// @notice Finalize a committed batch (with blob) on layer 1.
     ///
     /// @dev Memory layout of `blobDataProof`:
@@ -128,9 +199,10 @@ interface IScrollChain {
         bytes calldata blobDataProof,
         bytes calldata aggrProof
     ) external;
+    */
 
     /// @notice Finalize a list of committed batches (i.e. bundle) on layer 1.
-    /// @param batchHeader The header of last batch in current bundle, see the encoding in comments of `commitBatch.
+    /// @param batchHeader The header of last batch in current bundle, see the encoding in comments of `commitBatch`.
     /// @param postStateRoot The state root after current bundle.
     /// @param withdrawRoot The withdraw trie root after current batch.
     /// @param aggrProof The aggregation proof for current bundle.
@@ -140,4 +212,16 @@ interface IScrollChain {
         bytes32 withdrawRoot,
         bytes calldata aggrProof
     ) external;
+
+    /// @notice Finalize a list of committed batches (i.e. bundle) on layer 1 with TEE proof.
+    /// @param batchHeader The header of last batch in current bundle, see the encoding in comments of `commitBatch`.
+    /// @param postStateRoot The state root after current bundle.
+    /// @param withdrawRoot The withdraw trie root after current batch.
+    /// @param teeProof The tee proof for current bundle.
+    function finalizeBundleWithTeeProof(
+        bytes calldata batchHeader,
+        bytes32 postStateRoot,
+        bytes32 withdrawRoot,
+        bytes calldata teeProof
+    ) external;
 }

src/L1/rollup/MultipleVersionRollupVerifier.sol

@@ -76,10 +76,7 @@ contract MultipleVersionRollupVerifier is IRollupVerifier, Ownable {
         return legacyVerifiers[_version].length;
     }
 
-    /// @notice Compute the verifier should be used for specific batch.
-    /// @param _version The version of verifier to query.
-    /// @param _batchIndex The batch index to query.
-    /// @return The address of verifier.
+    /// @inheritdoc IRollupVerifier
     function getVerifier(uint256 _version, uint256 _batchIndex) public view returns (address) {
         // Normally, we will use the latest verifier.
         Verifier memory _verifier = latestVerifier[_version];