From c76dbf6062ad8c8388b6757e9eef11776df5763e Mon Sep 17 00:00:00 2001
From: ajgara <ajgarassino@gmail.com>
Date: Thu, 28 Sep 2023 10:05:44 -0300
Subject: [PATCH] Fix verifier and CairoAIR config (#578)

* Fix verifier and CairoAIR config

* Add test to make sure authentication paths are being checked

* Cargo format

* Fix clippy for feature metal

---------

Co-authored-by: Agustin <agustin@pop-os.localdomain>
---
 provers/cairo/src/air.rs                     |  4 +--
 provers/cairo/src/tests/integration_tests.rs | 28 ++++++++++++++++++++
 provers/stark/src/verifier.rs                |  2 +-
 3 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/provers/cairo/src/air.rs b/provers/cairo/src/air.rs
index 84f6fb6df..9be92f439 100644
--- a/provers/cairo/src/air.rs
+++ b/provers/cairo/src/air.rs
@@ -637,7 +637,7 @@ impl AIR for CairoAIR {
     ) -> Self {
         debug_assert!(trace_length.is_power_of_two());
 
-        let mut trace_columns = 34 + 4 + 15 + 4;
+        let mut trace_columns = 59;
         let mut transition_degrees = vec![
             2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, // Flags 0-14.
             1, // Flag 15
@@ -803,7 +803,7 @@ impl AIR for CairoAIR {
     fn number_auxiliary_rap_columns(&self) -> usize {
         // RANGE_CHECK_COL_i + MEMORY_INCREASING_i + MEMORY_CONSISTENCY_i + PERMUTATION_ARGUMENT_COL_i +
         // + PERMUTATION_ARGUMENT_RANGE_CHECK_COL_i
-        4 + 5 + 5 + 5 + 4
+        23
     }
 
     fn compute_transition(
diff --git a/provers/cairo/src/tests/integration_tests.rs b/provers/cairo/src/tests/integration_tests.rs
index 70acac1b1..e7b262579 100644
--- a/provers/cairo/src/tests/integration_tests.rs
+++ b/provers/cairo/src/tests/integration_tests.rs
@@ -39,6 +39,34 @@ fn test_prove_cairo_fibonacci_5() {
     test_prove_cairo_program(&cairo0_program_path("fibonacci_5.json"), &None, layout);
 }
 
+#[test_log::test]
+fn test_verifier_rejects_wrong_authentication_paths() {
+    // Setup
+    let proof_options = ProofOptions::default_test_options();
+    let program_content = std::fs::read(cairo0_program_path("fibonacci_5.json")).unwrap();
+    let (main_trace, pub_inputs) =
+        generate_prover_args(&program_content, &None, CairoLayout::Plain).unwrap();
+
+    // Generate the proof
+    let mut proof = generate_cairo_proof(&main_trace, &pub_inputs, &proof_options).unwrap();
+
+    // Change order of authentication path hashes
+    let query = 0;
+    let merkle_tree = 0;
+    let mut original_path = proof.deep_poly_openings[query].lde_trace_merkle_proofs[merkle_tree]
+        .merkle_path
+        .clone();
+    original_path.swap(0, 1);
+    // For the test to make sense, we have to make sure
+    // that the two hashes are different.
+    assert_ne!(original_path[0], original_path[1]);
+    proof.deep_poly_openings[query].lde_trace_merkle_proofs[merkle_tree].merkle_path =
+        original_path;
+
+    // Verifier should reject the proof
+    assert!(!verify_cairo_proof(&proof, &pub_inputs, &proof_options));
+}
+
 #[test_log::test]
 fn test_prove_cairo_fibonacci_1000() {
     let layout = CairoLayout::Plain;
diff --git a/provers/stark/src/verifier.rs b/provers/stark/src/verifier.rs
index 7958c1515..fe7afd687 100644
--- a/provers/stark/src/verifier.rs
+++ b/provers/stark/src/verifier.rs
@@ -355,7 +355,7 @@ where
                 ];
 
                 // Verify openings Open(tⱼ(D_LDE), 𝜐₀)
-                proof
+                result &= proof
                     .lde_trace_merkle_roots
                     .iter()
                     .zip(&deep_poly_opening.lde_trace_merkle_proofs)