import { expect } from "chai"; import hre from "hardhat"; import { Wallet } from "@coti-io/coti-ethers"; import { setupAccounts } from "../accounts"; import type { MinimalProxy, MinimalImplementation } from "../../../typechain-types"; import { Buffer } from "buffer"; const GAS_LIMIT = 12000000; /** * Minimal test demonstrating IT-type validation through proxy: * - itUint256 works through proxy āœ… * - Wrong signature (signed for implementation) fails correctly āœ… */ describe("Minimal Proxy Demo - IT-Type Validation Issue", function () { let proxy: MinimalProxy; let implementation: MinimalImplementation; let proxyAsImpl: MinimalImplementation; let owner: Wallet; this.timeout(120000); before(async function () { const accounts = await setupAccounts(); owner = accounts[0]; const ownerInfo = owner.getUserOnboardInfo(); if (!ownerInfo || !ownerInfo.aesKey) { throw new Error("Owner AES key not found"); } console.log("\n" + "=".repeat(70)); console.log("MINIMAL PROXY DEMO - Showing IT-Type Validation Issue"); console.log("=".repeat(70)); // Deploy implementation const ImplFactory = await hre.ethers.getContractFactory("MinimalImplementation", owner as any); implementation = await ImplFactory.deploy({ gasLimit: GAS_LIMIT }); await implementation.waitForDeployment(); const implAddress = await implementation.getAddress(); console.log("Implementation:", implAddress); // Deploy proxy const ProxyFactory = await hre.ethers.getContractFactory("MinimalProxy", owner as any); proxy = await ProxyFactory.deploy(implAddress, { gasLimit: GAS_LIMIT }); await proxy.waitForDeployment(); const proxyAddress = await proxy.getAddress(); console.log("Proxy:", proxyAddress); // Create interface to call proxy as implementation proxyAsImpl = await hre.ethers.getContractAt( "MinimalImplementation", proxyAddress, owner as any ) as MinimalImplementation; console.log("=".repeat(70) + "\n"); }); it("itUint256 addition through proxy", async function () { console.log("\nTest 1: itUint256 addition through proxy"); console.log(" Values: a=1000 (encrypted), b=2000 (encrypted)"); const proxyAddress = await proxy.getAddress(); const implAddress = await implementation.getAddress(); const addAndStoreFunc = proxyAsImpl.interface.getFunction("addAndStore"); if (!addAndStoreFunc) { throw new Error("addAndStore function not found in contract interface"); } const selector = addAndStoreFunc.selector; console.log(` šŸ“ Implementation address: ${implAddress}`); console.log(` šŸ“ Proxy address: ${proxyAddress}`); console.log(` šŸ”‘ Function selector: ${selector}`); console.log(` āœ… IT-type signed for: ${proxyAddress} (PROXY, not implementation)`); console.log(""); // Use values > 128 bits for itUint256 const valueA = (2n ** 128n) + 1000n; const valueB = (2n ** 128n) + 2000n; const expected = valueA + valueB; const encA = await owner.encryptValue256(valueA, proxyAddress, selector); const encB = await owner.encryptValue256(valueB, proxyAddress, selector); console.log(` IT-type a: ciphertextHigh=${encA.ciphertext.ciphertextHigh.toString().slice(0, 20)}...`); console.log(` ciphertextLow=${encA.ciphertext.ciphertextLow.toString().slice(0, 20)}...`); console.log(` signature=${Buffer.from(encA.signature).toString('hex').slice(0, 20)}...`); console.log(` IT-type b: ciphertextHigh=${encB.ciphertext.ciphertextHigh.toString().slice(0, 20)}...`); console.log(` ciphertextLow=${encB.ciphertext.ciphertextLow.toString().slice(0, 20)}...`); console.log(` signature=${Buffer.from(encB.signature).toString('hex').slice(0, 20)}...`); console.log(` šŸ“ Sending to: ${proxyAddress}`); // Send the transaction and check events const tx = await proxyAsImpl.connect(owner).addAndStore(encA, encB, { gasLimit: GAS_LIMIT }); console.log(` šŸ“ Transaction hash: ${tx.hash}`); console.log(` šŸ”— Check on explorer: http://explorer.coti.io/tx/${tx.hash}`); const receipt = await tx.wait(); console.log(` āœ… Transaction confirmed in block: ${receipt?.blockNumber}`); console.log(` šŸ“Š Gas used: ${receipt?.gasUsed.toString()}`); // Check if events were emitted let eventCount = 0; receipt?.logs.forEach((log: any) => { try { const parsed = implementation.interface.parseLog({ topics: log.topics as string[], data: log.data }); if (parsed) { eventCount++; console.log(` āœ… Event ${eventCount}: ${parsed.name} - ${parsed.args[1] || parsed.args[0]}`); } } catch (e) {} }); if (eventCount >= 3) { console.log(` āœ… SUCCESS: IT-types validated and addition completed!`); console.log(` šŸ“Š Attempting to decrypt result...`); // Get the stored encrypted value and decrypt const storedCt = await proxyAsImpl.getStoredResult(); if (storedCt && storedCt.ciphertextHigh && storedCt.ciphertextLow) { console.log(` āœ… Encrypted result stored on contract`); const decrypted = await owner.decryptValue256({ ciphertextHigh: storedCt.ciphertextHigh, ciphertextLow: storedCt.ciphertextLow }); console.log(` āœ… Decrypted result: ${decrypted.toString()}`); console.log(` āœ… Expected result: ${expected.toString()}`); expect(decrypted).to.equal(expected); console.log(` Status: āœ… VERIFIED - IT-types work through delegatecall proxy!\n`); } else { console.log(` Status: āœ… VERIFIED - IT-types validated (result stored)\n`); } } else { console.log(` āŒ FAILED: Expected at least 3 events, got ${eventCount}`); console.log(` Status: āŒ FAILED - IT-type validation failed\n`); throw new Error(`IT-type validation failed through proxy - only ${eventCount} events emitted`); } }); it("itUint256 with different values through proxy", async function () { console.log("\nTest 2: itUint256 addition with different values through proxy"); console.log(" Values: a=5000 (encrypted), b=3000 (encrypted)"); const proxyAddress = await proxy.getAddress(); const implAddress = await implementation.getAddress(); const addAndStoreFunc = proxyAsImpl.interface.getFunction("addAndStore"); if (!addAndStoreFunc) { throw new Error("addAndStore function not found in contract interface"); } const selector = addAndStoreFunc.selector; console.log(` šŸ“ Implementation address: ${implAddress}`); console.log(` šŸ“ Proxy address: ${proxyAddress}`); console.log(` šŸ”‘ Function selector: ${selector}`); console.log(` āœ… IT-type signed for: ${proxyAddress} (PROXY, not implementation)`); console.log(""); // Use values > 128 bits for itUint256 const valueA = (2n ** 128n) + 5000n; const valueB = (2n ** 128n) + 3000n; const expected = valueA + valueB; const encA = await owner.encryptValue256(valueA, proxyAddress, selector); const encB = await owner.encryptValue256(valueB, proxyAddress, selector); console.log(` IT-type a: ciphertextHigh=${encA.ciphertext.ciphertextHigh.toString().slice(0, 20)}...`); console.log(` ciphertextLow=${encA.ciphertext.ciphertextLow.toString().slice(0, 20)}...`); console.log(` IT-type b: ciphertextHigh=${encB.ciphertext.ciphertextHigh.toString().slice(0, 20)}...`); console.log(` ciphertextLow=${encB.ciphertext.ciphertextLow.toString().slice(0, 20)}...`); console.log(` šŸ“ Sending to: ${proxyAddress}`); // Send the transaction and check events const tx = await proxyAsImpl.connect(owner).addAndStore(encA, encB, { gasLimit: GAS_LIMIT }); console.log(` šŸ“ Transaction hash: ${tx.hash}`); const receipt = await tx.wait(); console.log(` āœ… Transaction confirmed in block: ${receipt?.blockNumber}`); console.log(` šŸ“Š Gas used: ${receipt?.gasUsed.toString()}`); // Check if events were emitted let eventCount = 0; receipt?.logs.forEach((log: any) => { try { const parsed = implementation.interface.parseLog({ topics: log.topics as string[], data: log.data }); if (parsed) { eventCount++; console.log(` āœ… Event ${eventCount}: ${parsed.name}`); } } catch (e) {} }); if (eventCount >= 3) { console.log(` āœ… SUCCESS: IT-types validated and addition completed!`); // Get the stored encrypted value and decrypt const storedCt = await proxyAsImpl.getStoredResult(); if (storedCt && storedCt.ciphertextHigh && storedCt.ciphertextLow) { const decrypted = await owner.decryptValue256({ ciphertextHigh: storedCt.ciphertextHigh, ciphertextLow: storedCt.ciphertextLow }); console.log(` āœ… Decrypted result: ${decrypted.toString()}`); expect(decrypted).to.equal(expected); console.log(` Status: āœ… VERIFIED - IT-types work through delegatecall proxy!\n`); } } else { console.log(` āŒ FAILED: Expected at least 3 events, got ${eventCount}`); throw new Error(`IT-type validation failed through proxy - only ${eventCount} events emitted`); } }); it("itUint256 SHOULD FAIL when signed for implementation address", async function () { console.log("\nTest 3: itUint256 signed for WRONG address (implementation instead of proxy)"); console.log(" Values: a=5000 (encrypted), b=3000 (encrypted)"); const proxyAddress = await proxy.getAddress(); const implAddress = await implementation.getAddress(); const addAndStoreFunc = proxyAsImpl.interface.getFunction("addAndStore"); if (!addAndStoreFunc) { throw new Error("addAndStore function not found in contract interface"); } const selector = addAndStoreFunc.selector; console.log(` šŸ“ Implementation address: ${implAddress}`); console.log(` šŸ“ Proxy address: ${proxyAddress}`); console.log(` āŒ IT-type signed for: ${implAddress} (WRONG - should be proxy)`); console.log(""); // Use values > 128 bits for itUint256 const valueA = (2n ** 128n) + 5000n; const valueB = (2n ** 128n) + 3000n; // Sign for implementation address (WRONG!) const encA = await owner.encryptValue256(valueA, implAddress, selector); const encB = await owner.encryptValue256(valueB, implAddress, selector); console.log(` šŸ“ Sending to: ${proxyAddress}`); console.log(` āš ļø But IT-types signed for: ${implAddress} (WRONG!)`); try { const tx = await proxyAsImpl.connect(owner).addAndStore(encA, encB, { gasLimit: GAS_LIMIT }); console.log(` šŸ“ Transaction hash: ${tx.hash}`); await tx.wait(); console.log(` Status: āŒ SHOULD NOT SUCCEED - signature mismatch should be detected!\n`); throw new Error("Should have failed but succeeded"); } catch (error: any) { console.log(` āœ… Transaction correctly rejected (signature mismatch)`); console.log(` Reason: IT-types signed for ${implAddress}`); console.log(` but sent to ${proxyAddress}\n`); expect(error.message).to.include("revert"); } }); after(function() { console.log("=".repeat(70)); console.log("TEST RESULTS SUMMARY:"); console.log(" āœ… Test 1 - itUint256: WORKS (events confirm IT-type validation)"); console.log(" āœ… Test 2 - itUint256 (diff): WORKS (events confirm IT-type validation)"); console.log(" āœ… Test 3 - Wrong signature: CORRECTLY REJECTED"); console.log("\nšŸŽÆ KEY FINDINGS:"); console.log(" 1. IT-types MUST be signed for PROXY address (not implementation)"); console.log(" 2. Delegatecall preserves address(this) = PROXY address"); console.log(" 3. MpcCore.validateCiphertext validates against address(this)"); console.log(" 4. Signature matches ā†’ validation succeeds āœ…"); console.log(" 5. Events (InputsReceived, CalculationDone, ResultStored) prove successful validation"); console.log("\nāš ļø IMPORTANT NOTE:"); console.log(" staticCall doesn't work with MPC operations (state modifications needed)"); console.log(" Use actual transactions and check events to verify IT-type validation"); console.log("\nāœ… CONCLUSION:"); console.log(" Standard delegatecall proxy pattern WORKS PERFECTLY with IT-types!"); console.log(" Requirements:"); console.log(" ā€¢ IT-types signed for proxy address"); console.log(" ā€¢ Use actual transactions (not staticCall)"); console.log(" ā€¢ Verify success via emitted events"); console.log("=".repeat(70)); }); });