[NCC-Y7H] Create compute_function_id helper which enforces minimal TLV encoding

circuit/program/src/function_id/mod.rs

@@ -0,0 +1,37 @@
+// Copyright (C) 2019-2023 Aleo Systems Inc.
+// This file is part of the snarkVM library.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at:
+// http://www.apache.org/licenses/LICENSE-2.0
+
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use crate::{Identifier, ProgramID};
+use snarkvm_circuit_network::Aleo;
+use snarkvm_circuit_types::{environment::prelude::*, Field, U16};
+
+/// Compute the function ID as `Hash(network_id, program_id.len(), program_id, function_name.len(), function_name)`.
+pub fn compute_function_id<A: Aleo>(
+    network_id: &U16<A>,
+    program_id: &ProgramID<A>,
+    function_name: &Identifier<A>,
+) -> Field<A> {
+    A::hash_bhp1024(
+        &(
+            network_id,
+            program_id.name().size_in_bits(),
+            program_id.name(),
+            program_id.network().size_in_bits(),
+            program_id.network(),
+            function_name.size_in_bits(),
+            function_name,
+        )
+            .to_bits_le(),
+    )
+}

circuit/program/src/lib.rs

@@ -22,6 +22,9 @@ use snarkvm_circuit_network::AleoV0 as Circuit;
 mod data;
 pub use data::*;
 
+mod function_id;
+pub use function_id::*;
+
 mod id;
 pub use id::*;
 

circuit/program/src/request/mod.rs

@@ -18,7 +18,7 @@ use snarkvm_circuit_types::environment::assert_scope;
 mod to_tpk;
 mod verify;
 
-use crate::{Identifier, Plaintext, ProgramID, Record, Value};
+use crate::{compute_function_id, Identifier, Plaintext, ProgramID, Record, Value};
 use snarkvm_circuit_account::Signature;
 use snarkvm_circuit_network::Aleo;
 use snarkvm_circuit_types::{environment::prelude::*, Address, Boolean, Field, Group, U16};

circuit/program/src/request/verify.rs

@@ -21,10 +21,8 @@ impl<A: Aleo> Request<A> {
     /// Verifies (challenge == challenge') && (address == address') && (serial_numbers == serial_numbers') where:
     ///     challenge' := HashToScalar(r * G, pk_sig, pr_sig, signer, \[tvk, tcm, function ID, input IDs\])
     pub fn verify(&self, input_types: &[console::ValueType<A::Network>], tpk: &Group<A>) -> Boolean<A> {
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id = A::hash_bhp1024(
-            &(&self.network_id, self.program_id.name(), self.program_id.network(), &self.function_name).to_bits_le(),
-        );
+        // Compute the function ID.
+        let function_id = compute_function_id(&self.network_id, &self.program_id, &self.function_name);
 
         // Construct the signature message as `[tvk, tcm, function ID, input IDs]`.
         let mut message = Vec::with_capacity(3 + 4 * self.input_ids.len());
@@ -111,9 +109,8 @@ impl<A: Aleo> Request<A> {
             false => assert!(signature.is_none()),
         }
 
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id =
-            A::hash_bhp1024(&(network_id, program_id.name(), program_id.network(), function_name).to_bits_le());
+        // Compute the function ID.
+        let function_id = compute_function_id(network_id, program_id, function_name);
 
         // Initialize a vector for a message.
         let mut message = Vec::new();
@@ -394,16 +391,16 @@ mod tests {
         // Note: This is correct. At this (high) level of a program, we override the default mode in the `Record` case,
         // based on the user-defined visibility in the record type. Thus, we have nonzero private and constraint values.
         // These bounds are determined experimentally.
-        check_verify(Mode::Constant, 42520, 0, 17494, 17518)
+        check_verify(Mode::Constant, 42629, 0, 17494, 17518)
     }
 
     #[test]
     fn test_sign_and_verify_public() -> Result<()> {
-        check_verify(Mode::Public, 40018, 0, 26401, 26429)
+        check_verify(Mode::Public, 40130, 0, 26401, 26429)
     }
 
     #[test]
     fn test_sign_and_verify_private() -> Result<()> {
-        check_verify(Mode::Private, 40018, 0, 26401, 26429)
+        check_verify(Mode::Private, 40130, 0, 26401, 26429)
     }
 }

circuit/program/src/response/from_outputs.rs

@@ -27,9 +27,8 @@ impl<A: Aleo> Response<A> {
         output_types: &[console::ValueType<A::Network>], // Note: Console type
         output_registers: &[Option<console::Register<A::Network>>], // Note: Console type
     ) -> Self {
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id =
-            A::hash_bhp1024(&(network_id, program_id.name(), program_id.network(), function_name).to_bits_le());
+        // Compute the function ID.
+        let function_id = compute_function_id(network_id, program_id, function_name);
 
         // Compute the output IDs.
         let output_ids = outputs
@@ -302,11 +301,11 @@ mod tests {
 
     #[test]
     fn test_from_outputs_public() -> Result<()> {
-        check_from_outputs(Mode::Public, 24793, 6, 13962, 13983)
+        check_from_outputs(Mode::Public, 24849, 6, 13962, 13983)
     }
 
     #[test]
     fn test_from_outputs_private() -> Result<()> {
-        check_from_outputs(Mode::Private, 24793, 6, 13962, 13983)
+        check_from_outputs(Mode::Private, 24849, 6, 13962, 13983)
     }
 }

circuit/program/src/response/mod.rs

@@ -18,7 +18,7 @@ use snarkvm_circuit_types::environment::assert_scope;
 mod from_outputs;
 mod process_outputs_from_callback;
 
-use crate::{Identifier, ProgramID, Value};
+use crate::{compute_function_id, Identifier, ProgramID, Value};
 use snarkvm_circuit_network::Aleo;
 use snarkvm_circuit_types::{environment::prelude::*, Field, U16};
 

circuit/program/src/response/process_outputs_from_callback.rs

@@ -26,9 +26,8 @@ impl<A: Aleo> Response<A> {
         outputs: Vec<console::Value<A::Network>>,        // Note: Console type
         output_types: &[console::ValueType<A::Network>], // Note: Console type
     ) -> Vec<Value<A>> {
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id =
-            A::hash_bhp1024(&(network_id, program_id.name(), program_id.network(), function_name).to_bits_le());
+        // Compute the function ID.
+        let function_id = compute_function_id(network_id, program_id, function_name);
 
         match outputs
             .iter()
@@ -326,16 +325,16 @@ mod tests {
 
     #[test]
     fn test_from_callback_constant() -> Result<()> {
-        check_from_callback(Mode::Constant, 20788, 5, 4922, 4931)
+        check_from_callback(Mode::Constant, 20844, 5, 4922, 4931)
     }
 
     #[test]
     fn test_from_callback_public() -> Result<()> {
-        check_from_callback(Mode::Public, 20788, 5, 6217, 6226)
+        check_from_callback(Mode::Public, 20844, 5, 6217, 6226)
     }
 
     #[test]
     fn test_from_callback_private() -> Result<()> {
-        check_from_callback(Mode::Private, 20788, 5, 6217, 6226)
+        check_from_callback(Mode::Private, 20844, 5, 6217, 6226)
     }
 }

console/program/src/function_id/mod.rs

@@ -0,0 +1,39 @@
+// Copyright (C) 2019-2023 Aleo Systems Inc.
+// This file is part of the snarkVM library.
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at:
+// http://www.apache.org/licenses/LICENSE-2.0
+
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use crate::{Identifier, ProgramID};
+use snarkvm_console_account::ToBits;
+use snarkvm_console_algorithms::Result;
+use snarkvm_console_network::Network;
+use snarkvm_console_types::{Field, U16, U8};
+
+/// Compute the function ID as `Hash(network_id, program_id.len(), program_id, function_name.len(), function_name)`.
+pub fn compute_function_id<N: Network>(
+    network_id: &U16<N>,
+    program_id: &ProgramID<N>,
+    function_name: &Identifier<N>,
+) -> Result<Field<N>> {
+    N::hash_bhp1024(
+        &(
+            *network_id,
+            U8::<N>::new(program_id.name().size_in_bits()),
+            program_id.name(),
+            U8::<N>::new(program_id.network().size_in_bits()),
+            program_id.network(),
+            U8::<N>::new(function_name.size_in_bits()),
+            function_name,
+        )
+            .to_bits_le(),
+    )
+}

console/program/src/lib.rs

@@ -30,6 +30,9 @@ pub use data::*;
 mod data_types;
 pub use data_types::*;
 
+mod function_id;
+pub use function_id::*;
+
 mod id;
 pub use id::*;
 

console/program/src/request/mod.rs

@@ -21,7 +21,7 @@ mod sign;
 mod string;
 mod verify;
 
-use crate::{Identifier, Plaintext, ProgramID, Record, Value, ValueType};
+use crate::{compute_function_id, Identifier, Plaintext, ProgramID, Record, Value, ValueType};
 use snarkvm_console_account::{Address, ComputeKey, GraphKey, PrivateKey, Signature, ViewKey};
 use snarkvm_console_network::Network;
 use snarkvm_console_types::prelude::*;

console/program/src/request/sign.rs

@@ -64,10 +64,10 @@ impl<N: Network> Request<N> {
         // Compute the transition commitment `tcm` as `Hash(tvk)`.
         let tcm = N::hash_psd2(&[tvk])?;
 
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id = N::hash_bhp1024(
-            &(U16::<N>::new(N::ID), program_id.name(), program_id.network(), function_name).to_bits_le(),
-        )?;
+        // Get the network id
+        let network_id = U16::new(N::ID);
+        // Compute the function id
+        let function_id = compute_function_id(&network_id, &program_id, &function_name)?;
 
         // Construct the hash input as `(r * G, pk_sig, pr_sig, signer, [tvk, tcm, function ID, input IDs])`.
         let mut message = Vec::with_capacity(9 + 2 * inputs.len());
@@ -222,7 +222,7 @@ impl<N: Network> Request<N> {
 
         Ok(Self {
             signer,
-            network_id: U16::new(N::ID),
+            network_id,
             program_id,
             function_name,
             input_ids,

console/program/src/request/verify.rs

@@ -43,11 +43,8 @@ impl<N: Network> Request<N> {
         // Retrieve the response from the signature.
         let response = self.signature.response();
 
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id = match N::hash_bhp1024(
-            &(U16::<N>::new(N::ID), self.program_id.name(), self.program_id.network(), &self.function_name)
-                .to_bits_le(),
-        ) {
+        // Compute the function ID.
+        let function_id = match compute_function_id(&self.network_id, &self.program_id, &self.function_name) {
             Ok(function_id) => function_id,
             Err(error) => {
                 eprintln!("Failed to construct the function ID: {error}");

console/program/src/response/mod.rs

@@ -12,7 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-use crate::{Identifier, ProgramID, Register, Value, ValueType};
+use crate::{compute_function_id, Identifier, ProgramID, Register, Value, ValueType};
 use snarkvm_console_network::Network;
 use snarkvm_console_types::prelude::*;
 
@@ -60,9 +60,8 @@ impl<N: Network> Response<N> {
         output_types: &[ValueType<N>],
         output_operands: &[Option<Register<N>>],
     ) -> Result<Self> {
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id =
-            N::hash_bhp1024(&(*network_id, program_id.name(), program_id.network(), function_name).to_bits_le())?;
+        // Compute the function ID.
+        let function_id = compute_function_id(network_id, program_id, function_name)?;
 
         // Compute the output IDs.
         let output_ids = outputs

ledger/block/src/transition/mod.rs

@@ -26,6 +26,7 @@ mod string;
 use console::{
     network::prelude::*,
     program::{
+        compute_function_id,
         Ciphertext,
         Identifier,
         InputID,
@@ -93,9 +94,8 @@ impl<N: Network> Transition<N> {
         let function_name = *request.function_name();
         let num_inputs = request.inputs().len();
 
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id =
-            N::hash_bhp1024(&(network_id, program_id.name(), program_id.network(), function_name).to_bits_le())?;
+        // Compute the function ID.
+        let function_id = compute_function_id(&network_id, &program_id, &function_name)?;
 
         let inputs = request
             .input_ids()

synthesizer/process/src/lib.rs

@@ -42,7 +42,7 @@ mod tests;
 use console::{
     account::PrivateKey,
     network::prelude::*,
-    program::{Identifier, Literal, Locator, Plaintext, ProgramID, Record, Response, Value},
+    program::{compute_function_id, Identifier, Literal, Locator, Plaintext, ProgramID, Record, Response, Value},
     types::{Field, U16, U64},
 };
 use ledger_block::{Deployment, Execution, Fee, Input, Transition};

synthesizer/process/src/verify_execution.rs

@@ -73,16 +73,10 @@ impl<N: Network> Process<N> {
             // Ensure the number of outputs is within the allowed range.
             ensure!(transition.outputs().len() <= N::MAX_OUTPUTS, "Transition exceeded maximum number of outputs");
 
-            // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-            let function_id = N::hash_bhp1024(
-                &(
-                    U16::<N>::new(N::ID),
-                    transition.program_id().name(),
-                    transition.program_id().network(),
-                    transition.function_name(),
-                )
-                    .to_bits_le(),
-            )?;
+            // Retrieve the network ID.
+            let network_id = U16::new(N::ID);
+            // Compute the function ID.
+            let function_id = compute_function_id(&network_id, transition.program_id(), transition.function_name())?;
 
             // Ensure each input is valid.
             if transition

synthesizer/process/src/verify_fee.rs

@@ -76,11 +76,10 @@ impl<N: Network> Process<N> {
     fn verify_fee_private(&self, fee: &&Fee<N>) -> Result<()> {
         let timer = timer!("Process::verify_fee_private");
 
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id = N::hash_bhp1024(
-            &(U16::<N>::new(N::ID), fee.program_id().name(), fee.program_id().network(), fee.function_name())
-                .to_bits_le(),
-        )?;
+        // Get the network id
+        let network_id = U16::new(N::ID);
+        // Compute the function ID.
+        let function_id = compute_function_id(&network_id, fee.program_id(), fee.function_name())?;
 
         // Ensure the fee contains 1 input record.
         ensure!(
@@ -146,11 +145,10 @@ impl<N: Network> Process<N> {
     fn verify_fee_public(&self, fee: &&Fee<N>) -> Result<()> {
         let timer = timer!("Process::verify_fee_public");
 
-        // Compute the function ID as `Hash(network_id, program_id, function_name)`.
-        let function_id = N::hash_bhp1024(
-            &(U16::<N>::new(N::ID), fee.program_id().name(), fee.program_id().network(), fee.function_name())
-                .to_bits_le(),
-        )?;
+        // Get the network id
+        let network_id = U16::new(N::ID);
+        // Compute the function ID.
+        let function_id = compute_function_id(&network_id, fee.program_id(), fee.function_name())?;
 
         // Ensure the fee contains all public inputs.
         ensure!(

synthesizer/src/vm/mod.rs

@@ -893,17 +893,18 @@ function a:
             sample_next_block(&vm, &caller_private_key, &[deployment_3.clone(), deployment_4.clone()], rng).unwrap();
         vm.add_next_block(&deployment_block).unwrap();
 
-        // Check that the iterator ordering is not the same as the deployment ordering.
-        let deployment_transaction_ids =
-            vm.transaction_store().deployment_transaction_ids().map(|id| *id).collect::<Vec<_>>();
-        // This `assert_ne` check is here to ensure that we are properly loading imports even though any order will work for `VM::from`.
-        // Note: `deployment_transaction_ids` is sorted lexicographically by transaction id, so the order may change if we update internal methods.
-        assert_ne!(deployment_transaction_ids, vec![
-            deployment_1.id(),
-            deployment_2.id(),
-            deployment_3.id(),
-            deployment_4.id()
-        ]);
+        // Sanity check the ordering of the deployment transaction IDs from storage.
+        {
+            let deployment_transaction_ids =
+                vm.transaction_store().deployment_transaction_ids().map(|id| *id).collect::<Vec<_>>();
+            // This assert check is here to ensure that we are properly loading imports even though any order will work for `VM::from`.
+            // Note: `deployment_transaction_ids` is sorted lexicographically by transaction id, so the order may change if we update internal methods.
+            assert_eq!(
+                deployment_transaction_ids,
+                vec![deployment_1.id(), deployment_2.id(), deployment_3.id(), deployment_4.id()],
+                "Update me if serialization has changed"
+            );
+        }
 
         // Enforce that the VM can load properly with the imports.
         assert!(VM::from(vm.store.clone()).is_ok());