feat: use batched pollarding and cachable indexes

feat(wip): improve gas fees

Author: dndll

.direnv/flake-inputs/6hhlmiyksac9s0328fg8giyfj4avz2s4-source

@@ -0,0 +1 @@
+/nix/store/6hhlmiyksac9s0328fg8giyfj4avz2s4-source

.direnv/flake-inputs/714kd9iay1f89hspfp62f6xhch67n733-source

@@ -0,0 +1 @@
+/nix/store/714kd9iay1f89hspfp62f6xhch67n733-source

.direnv/flake-inputs/g0ya1mggp8nnpkcz6yj3jvqyjqxsl2rw-source

@@ -0,0 +1 @@
+/nix/store/g0ya1mggp8nnpkcz6yj3jvqyjqxsl2rw-source

.direnv/flake-inputs/jvsbsgg960pkxgvd8wknhg7d490qni3q-source

@@ -0,0 +1 @@
+/nix/store/jvsbsgg960pkxgvd8wknhg7d490qni3q-source

.direnv/flake-inputs/nbkbs33bkw54f60kv5c5y48714l00dpw-source

@@ -0,0 +1 @@
+/nix/store/nbkbs33bkw54f60kv5c5y48714l00dpw-source

.direnv/flake-inputs/sk4ga2wy0b02k7pnzakwq4r3jdknda4g-source

@@ -0,0 +1 @@
+/nix/store/sk4ga2wy0b02k7pnzakwq4r3jdknda4g-source

.direnv/flake-profile-a5d5b61aa8a61b7d9d765e1daf971a9a578f1cfa

@@ -0,0 +1 @@
+/nix/store/mjg7w4vrlbkydkqki65srggpwpksz5pg-nix-shell-env

.direnv/flake-profile-a5d5b61aa8a61b7d9d765e1daf971a9a578f1cfa.rc

@@ -0,0 +1,4 @@
+if ! has nix_direnv_version || ! nix_direnv_version 2.2.0; then
+    source_url "https://raw.githubusercontent.com/nix-community/nix-direnv/2.2.0/direnvrc" "sha256-5EwyKnkJNQeXrRkYbwwRBcXbibosCJqyIUuz9Xq+LRc="
+fi
+use flake

.envrc

@@ -3,13 +3,16 @@ pragma solidity ^0.8;
 
 import "rainbow-bridge-sol/nearbridge/contracts/AdminControlled.sol";
 import "rainbow-bridge-sol/nearbridge/contracts/INearBridge.sol";
-import "rainbow-bridge-sol/nearbridge/contracts/NearDecoder.sol";
 import "./ProofDecoder.sol";
 import "./INearProver.sol";
 
+error InvalidOutcomeRoot();
+error InvalidBlockRoot();
+error InvalidOutcomeRootRoot();
+error InvalidBlockHash();
+
 contract NearProver is INearProver, AdminControlled {
     using Borsh for Borsh.Data;
-    using NearDecoder for Borsh.Data;
     using ProofDecoder for Borsh.Data;
 
     INearBridge public bridge;
@@ -25,6 +28,27 @@ contract NearProver is INearProver, AdminControlled {
     uint constant UNPAUSE_ALL = 0;
     uint constant PAUSED_VERIFY = 1;
 
+    function lookupItems(ProofDecoder.LookupMerklePath memory proof, ProofDecoder.MerklePath memory cache)
+        internal
+        pure
+        returns (ProofDecoder.MerklePath memory path)
+    {
+        for (uint256 i = 0; i < proof.items.length; i++) {
+            if (proof.items.length == 0) {
+                return path;
+            }
+            path.items = new ProofDecoder.MerklePathItem[](proof.items.length);
+            ProofDecoder.LookupMerklePathItem memory lookup = proof.items[i];
+
+            if (lookup.either == 0) {
+                path.items[i] = cache.items[lookup.index];
+            } else if (lookup.either == 1) {
+                path.items[i] = lookup.item;
+            }
+        }
+        return path;
+    }
+
     function proveOutcome(bytes memory proofData, uint64 blockHeight)
         public
         view
@@ -33,30 +57,57 @@ contract NearProver is INearProver, AdminControlled {
         returns (bool)
     {
         Borsh.Data memory borsh = Borsh.from(proofData);
-        ProofDecoder.FullOutcomeProof memory fullOutcomeProof = borsh.decodeFullOutcomeProof();
+        ProofDecoder.Proof memory proof = borsh.decodeProof();
         borsh.done();
 
-        bytes32 hash = _computeRoot(
-            fullOutcomeProof.outcome_proof.outcome_with_id.hash,
-            fullOutcomeProof.outcome_proof.proof
-        );
+        bytes32 hash;
+        ProofDecoder.BlindedProof memory blindedProof;
+        ProofDecoder.MerklePath memory path;
+        ProofDecoder.LookupMerklePathItem memory lookup;
+
+        for (uint256 index = 0; index < proof.batch.length; index++) {
+            blindedProof = proof.batch[index];
+
+            // Outcome proof
+            hash = _computeLookupRoot(blindedProof.outcome_hash, blindedProof.outcome_proof, proof.cache);
+
+            //Outcome root proof
+            hash = _computeLookupRoot(sha256(abi.encodePacked(hash)), blindedProof.outcome_root_proof, proof.cache);
 
-        hash = sha256(abi.encodePacked(hash));
+            if (hash != blindedProof.transaction_header.outcome_root) {
+                revert InvalidOutcomeRoot();
+            }
 
-        hash = _computeRoot(hash, fullOutcomeProof.outcome_root_proof);
+            // Block hash from header
+            hash = blindedProof.transaction_header.hash;
+            if (hash != blindedProof.outcome_proof_block_hash) {
+                revert InvalidBlockHash();
+            }
 
-        require(
-            hash == fullOutcomeProof.block_header_lite.inner_lite.outcome_root,
-            "NearProver: outcome merkle proof is not valid"
-        );
+            // Block proof
+            path.items = new ProofDecoder.MerklePathItem[](
+                blindedProof.block_proof.items.length + proof.ancestry.items.length
+            );
+            for (uint256 i = 0; i < blindedProof.block_proof.items.length; i++) {
+                lookup = blindedProof.block_proof.items[i];
+                if (lookup.either == 0) {
+                    path.items[i] = proof.cache.items[lookup.index];
+                } else if (lookup.either == 1) {
+                    path.items[i] = lookup.item;
+                }
+            }
+            for (uint256 i = 0; i < proof.ancestry.items.length; i++) {
+                path.items[blindedProof.block_proof.items.length + i] = proof.ancestry.items[i];
+            }
 
-        bytes32 expectedBlockMerkleRoot = bridge.blockMerkleRoots(blockHeight);
+            hash = _computeRoot(hash, path);
+            if (hash != proof.client_block_merkle_root) {
+                revert InvalidBlockRoot();
+            }
 
-        require(
-            _computeRoot(fullOutcomeProof.block_header_lite.hash, fullOutcomeProof.block_proof) ==
-                expectedBlockMerkleRoot,
-            "NearProver: block proof is not valid"
-        );
+            bytes32 expectedBlockMerkleRoot = bridge.blockMerkleRoots(blockHeight);
+            require(hash == expectedBlockMerkleRoot, "NearProver: block merkle proof is not expected merkle root");
+        }
 
         return true;
     }
@@ -72,4 +123,22 @@ contract NearProver is INearProver, AdminControlled {
             }
         }
     }
+
+    function _computeLookupRoot(
+        bytes32 node,
+        ProofDecoder.LookupMerklePath memory proof,
+        ProofDecoder.MerklePath memory cache
+    ) internal pure returns (bytes32 hash) {
+        ProofDecoder.MerklePath memory path;
+        path.items = new ProofDecoder.MerklePathItem[](proof.items.length);
+        for (uint i = 0; i < proof.items.length; i++) {
+            ProofDecoder.LookupMerklePathItem memory item = proof.items[i];
+            if (item.either == 0) {
+                path.items[i] = cache.items[item.index];
+            } else if (item.either == 1) {
+                path.items[i] = item.item;
+            }
+        }
+        return _computeRoot(node, path);
+    }
 }