Skip to content

scroll-tech/scroll-sc-tools

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
scripts
scripts
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README.md
README.md
 
 
rust-toolchain.toml
rust-toolchain.toml
 
 

Repository files navigation

Scroll Security Council Tools

The repository offers tools for the Security Council to run and validate certain operations against Scroll's ZkVM release

Setup

  • Clone the scroll-sc-tools repository:
$ git clone [email protected]:scroll-tech/scroll-sc-tools.git && cd scroll-sc-tools
rustup toolchain install nightly-2025-02-14

Generate Verifier

Scroll's ZkVM architecture proves Scroll's L2 blocks in layers (chunking -> batching -> bundling) where only the final layer (aka bundle) is an EVM-verifiable SNARK proof.

This proof is verified as part of the Bundle Finalization on-chain transaction.

The proof itself is verified by a Verifier contract, that's essentially a PLONK-verifier constructed using OpenVM's SDK. The Verifier contract is deployed on Sepolia and Mainnet.

The generate-verifier command allows one to trustlessly re-generate the verifier contract and prints out its codehash, that can be validated against on-chain available data.

Prerequisite

$ cargo install svm-rs

$ svm install 0.8.19

$ solc --version

In order to generate the verifier contract, we also need to first get the KZG trusted setup parameters.

  • Download the params
$ bash scripts/download-params.sh
  • Generate the verifier contract:
$ RUST_MIN_STACK=16777216 cargo run --release -- generate-verifier

Note: The above step requires very large amounts of computation and memory (~200 GB). It took about 4 minutes on AWS c7a.24xlarge.

Compute Digests

The final layer (aka bundle) circuit is identified by two digests, namely digest_1 and digest_2.

  • digest_1: Attestation to the circuit code/logic. Any modification to the circuitry, to any layer including and below the final layer, will trigger a change to this digest value.
  • digest_2: Attestation to the circuit config. The openvm.toml files configure each circuit (chunk/batch/bundle) and finally this digest value will change if any of those was modified.

An important requirement for "proof generation" to "on-chain verification" is that the on-chain verifier must populate these digests (constants) so as to disallow proof submitter to potentially post digests for malicious circuitry. These digests are available on-chain in the deployed contracts on Sepolia and Mainnet.

An independent party can re-compute these digests from the ZkVM released circuitry and validate against on-chain values.

# Euclid Phase-1
$ cargo run -- compute-digest --phase-1

# Euclid Phase-2
$ cargo run -- compute-digest --phase-2

About

Scroll Security Council Tools

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages