adjust the cost of secp256k1_verify upwards by 450k

Chia-Network · Jun 15, 2023 · dce0245 · dce0245
1 parent 099efc5
commit dce0245
Show file tree

Hide file tree

Showing 9 changed files with 49 additions and 49 deletions.
diff --git a/op-tests/test-secp-verify.txt b/op-tests/test-secp-verify.txt
@@ -1,5 +1,5 @@
 ; verify k1
-secp256k1_verify 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c018 => 0 | 850000
+secp256k1_verify 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c018 => 0 | 1300000
 secp256k1_verify 0x02888b0c110ef0b4962e3fc6929cbba7a8bb25b4b2c885f55c76365018c909b439 0x74c2941eb2ebe5aa4f2287a4c5e506a6290c045004058de97a7edf0122548668 0x1acb7a6e062e78ccd4237b12c22f02b5a8d9b33cb3ba13c35e88e036baa1cbca75253bb9a96ffc48b43196c69c2972d8f965b1baa4e52348d8081cde65e6c019 => FAIL
 
 ; arguments too long

diff --git a/op-tests/test-secp256k1.txt b/op-tests/test-secp256k1.txt
diff --git a/src/chia_dialect.rs b/src/chia_dialect.rs
@@ -92,11 +92,11 @@ impl Dialect for ChiaDialect {
             let opcode = u32::from_be_bytes(b.try_into().unwrap());
 
             if (self.flags & ENABLE_SECP_OPS) != 0 {
-                // the secp operators have a fixed cost of 1850000 and 850000,
+                // the secp operators have a fixed cost of 1850000 and 1300000,
                 // which makes the multiplier 0x1c3a8f and 0x0cf84f (there is an
                 // implied +1) and cost function 0
                 let f = match opcode {
-                    0x0cf84f00 => op_secp256k1_verify,
+                    0x13d61f00 => op_secp256k1_verify,
                     0x1c3a8f00 => op_secp256r1_verify,
                     _ => {
                         return unknown_operator(allocator, o, argument_list, self.flags, max_cost);

diff --git a/src/run_program.rs b/src/run_program.rs
@@ -1264,7 +1264,7 @@ const TEST_CASES: &[RunProgramTest] = &[
         args: "()",
         flags: ENABLE_SECP_OPS,
         result: Some("0"),
-        cost: 850061,
+        cost: 1300061,
         err: "",
     },
     // invalid signature
@@ -1281,7 +1281,7 @@ const TEST_CASES: &[RunProgramTest] = &[
         args: "()",
         flags: 0,
         result: Some("0"),
-        cost: 850061,
+        cost: 1300061,
         err: "",
     },
 

diff --git a/src/secp_ops.rs b/src/secp_ops.rs
@@ -9,7 +9,7 @@ use p256::ecdsa::signature::hazmat::PrehashVerifier;
 use p256::ecdsa::{Signature as P1Signature, VerifyingKey as P1VerifyingKey};
 
 const SECP256R1_VERIFY_COST: Cost = 1850000;
-const SECP256K1_VERIFY_COST: Cost = 850000;
+const SECP256K1_VERIFY_COST: Cost = 1300000;
 
 // expects: pubkey msg sig
 pub fn op_secp256r1_verify(a: &mut Allocator, input: NodePtr, max_cost: Cost) -> Response {

diff --git a/src/test_ops.rs b/src/test_ops.rs
@@ -99,7 +99,7 @@ fn parse_atom(a: &mut Allocator, v: &str) -> NodePtr {
             "g2_map" => a.new_atom(&[57]).unwrap(),
             "bls_pairing_identity" => a.new_atom(&[58]).unwrap(),
             "bls_verify" => a.new_atom(&[59]).unwrap(),
-            "secp256k1_verify" => a.new_atom(&[0x0c, 0xf8, 0x4f, 0x00]).unwrap(),
+            "secp256k1_verify" => a.new_atom(&[0x13, 0xd6, 0x1f, 0x00]).unwrap(),
             "secp256r1_verify" => a.new_atom(&[0x1c, 0x3a, 0x8f, 0x00]).unwrap(),
             _ => {
                 panic!("atom not supported \"{}\"", v);

diff --git a/tools/generate-secp256k1-tests.py b/tools/generate-secp256k1-tests.py
@@ -11,7 +11,7 @@ def flip_bit(b: bytes) -> bytearray:
 
 def print_validation_test_case(f, num_cases, filter_pk, filter_msg, filter_sig, expect: str):
     sks = sample(secret_keys, num_cases)
-    cost = 850000
+    cost = 1300000
     sigs = []
 
     args = ""

diff --git a/tools/src/bin/benchmark-clvm-cost.rs b/tools/src/bin/benchmark-clvm-cost.rs
@@ -376,7 +376,7 @@ pub fn main() {
             mode: Mode::MultiArg,
         },
         Operator {
-            opcode: 0x0cf84f00,
+            opcode: 0x13d61f00,
             name: "secp256k1_verify",
             arg: OpArgs::ThreeArgs(k1_pk, k1_msg, k1_sig),
             extra: None,

diff --git a/tools/src/bin/generate-fuzz-corpus.rs b/tools/src/bin/generate-fuzz-corpus.rs
@@ -271,7 +271,7 @@ const OPERATORS: [OperatorInfo; 79] = [
     ),
     // op_secp256k1_verify
     op(
-        0x0cf84f00,
+        0x13d61f00,
         &[Type::Sec1, Type::Bytes32, Type::Sig],
         Type::Zero,
     ),