made signal verify more generic

LeoPatOZ · LeoPatOZ · commit 1d7ed4e8f6e8 · 2025-04-04T14:46:09.000+01:00
comment
diff --git a/src/libs/LibSignal.sol b/src/libs/LibSignal.sol
@@ -87,4 +87,12 @@ library LibSignal {
             address(this), deriveSlot(chainId, sender, value), value, root, accountProof, storageProof
         );
     }
+
+    function verifySignal(bytes32 root, uint64 chainId, address sender, bytes32 value, bytes[] memory storageProof)
+        internal
+        pure
+        returns (bool valid)
+    {
+        valid = LibTrieProof.verifyState(LibSignal.deriveSlot(chainId, sender, value), value, root, storageProof);
+    }
 }
diff --git a/src/protocol/ETHBridge.sol b/src/protocol/ETHBridge.sol
@@ -1,8 +1,6 @@
 // SPDX-License-Identifier: MIT
 pragma solidity ^0.8.28;
 
-import {LibTrieProof} from "../libs/LibTrieProof.sol";
-
 import {IETHBridge} from "./IETHBridge.sol";
 import {StorageSlot} from "@openzeppelin/contracts/utils/StorageSlot.sol";
 
@@ -39,12 +37,10 @@ abstract contract ETHBridge is IETHBridge {
     }
 
     /// @inheritdoc IETHBridge
-    function claimDeposit(
-        ETHDeposit memory deposit,
-        uint256 height,
-        bytes[] memory accountProof,
-        bytes[] memory storageProof
-    ) external virtual returns (bytes32 id);
+    function claimDeposit(ETHDeposit memory deposit, uint256 height, bytes memory proof)
+        external
+        virtual
+        returns (bytes32 id);
 
     /// @dev Processes deposit claim by id.
     /// @param id Identifier of the deposit
diff --git a/src/protocol/IETHBridge.sol b/src/protocol/IETHBridge.sol
@@ -56,12 +56,8 @@ interface IETHBridge {
     /// sent to the receiver (`to`) after verifying a storage proof.
     /// @param deposit The ETH deposit
     /// @param height The `height` of the checkpoint on the source chain (i.e. the block number or commitmentId)
-    /// @param accountProof Merkle proof for the contract's account against the state root
-    /// @param storageProof Merkle proof for the derived storage slot against the account's storage root
-    function claimDeposit(
-        ETHDeposit memory deposit,
-        uint256 height,
-        bytes[] memory accountProof,
-        bytes[] memory storageProof
-    ) external returns (bytes32 id);
+    /// @param proof Encoded proof of the storage slot where the deposit is stored
+    function claimDeposit(ETHDeposit memory deposit, uint256 height, bytes memory proof)
+        external
+        returns (bytes32 id);
 }
diff --git a/src/protocol/ISignalService.sol b/src/protocol/ISignalService.sol
@@ -9,6 +9,11 @@ pragma solidity ^0.8.28;
 ///
 /// Signals are broadcast without specific recipients, allowing flexible cross-chain messaging
 interface ISignalService {
+    struct SignalProof {
+        bytes[] accountProof;
+        bytes[] storageProof;
+    }
+
     /// @dev Emitted when a signal is sent.
     /// @param sender The address that sent the signal on the source chain
     /// @param value The signal value
@@ -43,14 +48,6 @@ interface ISignalService {
     /// @param height This refers to the block number / commitmentId where the trusted root is mapped to
     /// @param sender The address that originally sent the signal on the source chain
     /// @param value The signal value to verify
-    /// @param accountProof Merkle proof for the contract's account against the state root
-    /// @param storageProof Merkle proof for the derived storage slot against the account's storage root
-    function verifySignal(
-        uint64 chainId,
-        uint256 height,
-        address sender,
-        bytes32 value,
-        bytes[] memory accountProof,
-        bytes[] memory storageProof
-    ) external;
+    /// @param proof The encoded value of the SignalProof struct
+    function verifySignal(uint64 chainId, uint256 height, address sender, bytes32 value, bytes memory proof) external;
 }
diff --git a/src/protocol/SignalService.sol b/src/protocol/SignalService.sol
@@ -34,15 +34,8 @@ contract SignalService is ISignalService, ETHBridge, CommitmentStore {
     }
 
     /// @inheritdoc ISignalService
-    function verifySignal(
-        uint64 chainId,
-        uint256 height,
-        address sender,
-        bytes32 value,
-        bytes[] memory accountProof,
-        bytes[] memory storageProof
-    ) external {
-        _verifySignal(chainId, height, sender, value, accountProof, storageProof);
+    function verifySignal(uint64 chainId, uint256 height, address sender, bytes32 value, bytes memory proof) external {
+        _verifySignal(chainId, height, sender, value, proof);
         emit SignalVerified(chainId, sender, value);
     }
 
@@ -55,29 +48,40 @@ contract SignalService is ISignalService, ETHBridge, CommitmentStore {
     // CHECK: Should this function be non-reentrant?
     /// @inheritdoc ETHBridge
     /// @dev Overrides ETHBridge.claimDeposit to add signal verification logic.
-    function claimDeposit(
-        ETHDeposit memory deposit,
-        uint256 height,
-        bytes[] memory accountProof,
-        bytes[] memory storageProof
-    ) external override returns (bytes32 id) {
+    function claimDeposit(ETHDeposit memory deposit, uint256 height, bytes memory proof)
+        external
+        override
+        returns (bytes32 id)
+    {
         id = _generateId(deposit);
 
-        _verifySignal(deposit.chainId, height, deposit.from, id, accountProof, storageProof);
+        _verifySignal(deposit.chainId, height, deposit.from, id, proof);
 
         super._processClaimDepositWithId(id, deposit);
     }
 
-    function _verifySignal(
-        uint64 chainId,
-        uint256 height,
-        address sender,
-        bytes32 value,
-        bytes[] memory accountProof,
-        bytes[] memory storageProof
-    ) internal view {
+    function _verifySignal(uint64 chainId, uint256 height, address sender, bytes32 value, bytes memory proof)
+        internal
+        view
+        virtual
+    {
+        // TODO: commitmentAt(height) might not be the 'state root' of the chain
+        // For now it could be the block hash or other hashed value
+        // further work is needed to ensure we get the 'state root' of the chain
         bytes32 root = commitmentAt(height);
-        bool valid = LibSignal.verifySignal(root, chainId, sender, value, accountProof, storageProof);
+
+        SignalProof memory signalProof = abi.decode(proof, (SignalProof));
+        bytes[] memory accountProof = signalProof.accountProof;
+        bytes[] memory storageProof = signalProof.storageProof;
+        bool valid;
+        // If the account proof is empty we assume `root` is the root of the signal tree
+        if (accountProof.length == 0) {
+            // Only verifies a state proof not full storage proof
+            valid = LibSignal.verifySignal(root, chainId, sender, value, storageProof);
+            require(valid, SignalNotReceived(chainId, value));
+            return;
+        }
+        valid = LibSignal.verifySignal(root, chainId, sender, value, accountProof, storageProof);
         require(valid, SignalNotReceived(chainId, value));
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -87,4 +87,12 @@ library LibSignal {`
`87`	`87`	`address(this), deriveSlot(chainId, sender, value), value, root, accountProof, storageProof`
`88`	`88`	`);`
`89`	`89`	`}`
	`90`	`+`
	`91`	`+ function verifySignal(bytes32 root, uint64 chainId, address sender, bytes32 value, bytes[] memory storageProof)`
	`92`	`+ internal`
	`93`	`+ pure`
	`94`	`+ returns (bool valid)`
	`95`	`+ {`
	`96`	`+ valid = LibTrieProof.verifyState(LibSignal.deriveSlot(chainId, sender, value), value, root, storageProof);`
	`97`	`+ }`
`90`	`98`	`}`