fix keccak input bytes

zkevm-circuits/src/sig_circuit.rs

@@ -280,7 +280,7 @@ impl<F: Field> SubCircuit<F> for SigCircuit<F> {
             &self.signatures_r1,
             challenges,
         )?;
-        
+
         println!("end_assign");
         Ok(())
     }
@@ -848,7 +848,6 @@ impl<F: Field> SigCircuit<F> {
         sign_data_decomposed: &SignDataDecomposed<F>,
         challenges: &Challenges<Value<F>>,
         assigned_ecdsa: &AssignedECDSA<F, FpConfig<F, Fp>>,
-        //assigned_ecdsa: &AssignedECDSA<F, FpChipK1<F>>,
     ) -> Result<([AssignedValue<F>; 3], AssignedSignatureVerify<F>), Error> {
         // ================================================
         // step 0. powers of aux parameters
@@ -984,11 +983,11 @@ impl<F: Field> SigCircuit<F> {
                     .iter()
                     .map(|sign_data| self.assign_ecdsa_generic(&mut ctx, ecdsa_r1_chip, sign_data))
                     .collect::<Result<Vec<AssignedECDSA<F, FpChipR1<F>>>, Error>>()?;
-           
+
                 // ================================================
                 // step 2: decompose the keys and messages
                 // ================================================
-                
+
                 let sign_data_k1_decomposed = signatures_k1
                     .iter()
                     .chain(std::iter::repeat(&SignData::default()))
@@ -1030,7 +1029,6 @@ impl<F: Field> SigCircuit<F> {
                     ctx.next_phase();
                 }
 
-                println!("after to finalize phase");
                 // ================================================
                 // step 3: compute RLC of keys and messages
                 // ================================================
@@ -1084,14 +1082,24 @@ impl<F: Field> SigCircuit<F> {
                     >>()?
                     .into_iter()
                     .unzip();
-                
+
                 // append keccak & sig values of r1
-                 assigned_keccak_values.extend(assigned_keccak_values_r1);
-                 assigned_sig_values.extend(assigned_sig_values_r1);
+                println!(
+                    "before assigned_keccak_values size {} {:?}",
+                    assigned_keccak_values.len(),
+                    assigned_keccak_values
+                );
+                assigned_keccak_values.extend(assigned_keccak_values_r1);
+                assigned_sig_values.extend(assigned_sig_values_r1);
 
                 // ================================================
                 // step 4: deferred keccak checks
                 // ================================================
+                println!(
+                    "assigned_keccak_values size {} {:?}",
+                    assigned_keccak_values.len(),
+                    assigned_keccak_values
+                );
                 for (i, [is_address_zero, pk_rlc, pk_hash_rlc]) in
                     assigned_keccak_values.iter().enumerate()
                 {

zkevm-circuits/src/sig_circuit/dev.rs

@@ -56,9 +56,13 @@ impl<F: Field> Circuit<F> for SigCircuit<F> {
     ) -> Result<(), Error> {
         let challenges = config.challenges.values(&layouter);
         self.synthesize_sub(&config.sign_verify, &challenges, &mut layouter)?;
+        let mut keccak_inputs_sign = keccak_inputs_sign_verify(&self.signatures_k1);
+        let keccak_inputs_r1 = keccak_inputs_sign_verify(&self.signatures_r1);
+        keccak_inputs_sign.extend(keccak_inputs_r1);
+
         config.sign_verify.keccak_table.dev_load(
             &mut layouter,
-            &keccak_inputs_sign_verify(&self.signatures_k1),
+            &keccak_inputs_sign,
             &challenges,
         )?;
         /*

zkevm-circuits/src/witness/keccak.rs

@@ -1,10 +1,13 @@
 use bus_mapping::Error;
 use eth_types::{
     geth_types::TxType,
-    sign_types::{get_dummy_tx, pk_bytes_le, pk_bytes_swap_endianness, SignData},
+    sign_types::{get_dummy_tx, pk_bytes_le_generic, pk_bytes_swap_endianness, SignData},
     ToBigEndian, ToWord, Word, H256,
 };
 use ethers_core::utils::keccak256;
+use ff::PrimeField;
+use halo2_base::utils::CurveAffineExt;
+use halo2_proofs::arithmetic::CurveAffine;
 use halo2_proofs::halo2curves::{
     secp256k1::{self, Secp256k1Affine},
     secp256r1::{self, Secp256r1Affine},
@@ -73,13 +76,17 @@ pub fn keccak_inputs(block: &Block) -> Result<Vec<Vec<u8>>, Error> {
 /// Generate the keccak inputs required by the SignVerify Chip from the
 /// signature datas.
 /// TODO: check if need to support p256 SignData type later.
-pub fn keccak_inputs_sign_verify(
-    sigs: &[SignData<secp256k1::Fq, Secp256k1Affine>],
+pub fn keccak_inputs_sign_verify<
+    Fp: PrimeField<Repr = [u8; 32]> + halo2_base::utils::ScalarField,
+    Fq: PrimeField<Repr = [u8; 32]> + halo2_base::utils::ScalarField,
+    Affine: CurveAffine<Base = Fp, ScalarExt = Fq> + CurveAffineExt,
+>(
+    sigs: &[SignData<Fq, Affine>],
 ) -> Vec<Vec<u8>> {
     let mut inputs = Vec::new();
     let dummy_sign_data = SignData::default();
-    for sig in sigs.iter().chain(std::iter::once(&dummy_sign_data)) {
-        let pk_le = pk_bytes_le(&sig.pk);
+    for sig in sigs {
+        let pk_le = pk_bytes_le_generic(&sig.pk);
         let pk_be = pk_bytes_swap_endianness(&pk_le);
         inputs.push(pk_be.to_vec());
         inputs.push(sig.msg.to_vec());